1 # Test cases for Device Provisioning Protocol (DPP)
2 # Copyright (c) 2017, Qualcomm Atheros, Inc.
3 # Copyright (c) 2018, The Linux Foundation
5 # This software may be distributed under the terms of the BSD license.
6 # See README for more details.
12 logger
= logging
.getLogger()
20 from utils
import HwsimSkip
, alloc_fail
, fail_test
, wait_fail_trigger
21 from wpasupplicant
import WpaSupplicant
25 openssl_imported
= True
27 openssl_imported
= False
29 def check_dpp_capab(dev
, brainpool
=False):
30 if "UNKNOWN COMMAND" in dev
.request("DPP_BOOTSTRAP_GET_URI 0"):
31 raise HwsimSkip("DPP not supported")
33 tls
= dev
.request("GET tls_library")
34 if not tls
.startswith("OpenSSL") or "run=BoringSSL" in tls
:
35 raise HwsimSkip("Crypto library does not support Brainpool curves: " + tls
)
37 def test_dpp_qr_code_parsing(dev
, apdev
):
38 """DPP QR Code parsing"""
39 check_dpp_capab(dev
[0])
42 tests
= [ "DPP:C:81/1,115/36;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkq/24e0rsrfMP9K1Tm8gx+ovP0I=;;",
43 "DPP:C:81/1,81/2,81/3,81/4,81/5,81/6,81/7,81/8,81/9,81/10,81/11,81/12,81/13,82/14,83/1,83/2,83/3,83/4,83/5,83/6,83/7,83/8,83/9,84/5,84/6,84/7,84/8,84/9,84/10,84/11,84/12,84/13,115/36;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkq/24e0rsrfMP9K1Tm8gx+ovP0I=;;",
44 "DPP:I:SN=4774LH2b4044;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;",
45 "DPP:I:;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;" ]
47 id.append(dev
[0].dpp_qr_code(uri
))
49 uri2
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id[-1])
51 raise Exception("Returned URI does not match")
57 "DPP:I:;M:01020304050;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;",
58 "DPP:K:" + base64
.b64encode(b
"hello").decode() + ";;",
59 "DPP:K:MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEXiJuIWt1Q/CPCkuULechh37UsXPmbUANOeN5U9sOQROE4o/NEFeFEejROHYwwehF;;",
60 "DPP:K:MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANNZaZA4T/kRDjnmpI1ACOJhAuTIIEk2KFOpS6XPpGF+EVr/ao3XemkE0/nzXmGaLzLqTUCJknSdxTnVPeWfCVsCAwEAAQ==;;",
61 "DPP:K:MIIBCjCB0wYHKoZIzj0CATCBxwIBATAkBgcqhkjOPQEBAhkA/////////////////////v//////////MEsEGP////////////////////7//////////AQYZCEFGeWcgOcPp+mrciQwSf643uzBRrmxAxUAMEWub8hCL2TtV5Uo04Eg6uEhltUEMQQYjagOsDCQ9ny/IOtDoYgA9P8K/YL/EBIHGSuV/8jaeGMQEe1rJM3Vc/l3oR55SBECGQD///////////////+Z3vg2FGvJsbTSKDECAQEDMgAEXiJuIWt1Q/CPCkuULechh37UsXPmbUANOeN5U9sOQROE4o/NEFeFEejROHYwwehF;;",
62 "DPP:I:foo\tbar;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;",
63 "DPP:C:1;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkqa24e0rsrfMP9K1Tm8gx+ovP0I=;;",
64 "DPP:C:81/1a;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkqa24e0rsrfMP9K1Tm8gx+ovP0I=;;",
65 "DPP:C:1/2000,81/-1;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkqa24e0rsrfMP9K1Tm8gx+ovP0I=;;",
66 "DPP:C:-1/1;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkqa24e0rsrfMP9K1Tm8gx+ovP0I=;;" ]
68 res
= dev
[0].request("DPP_QR_CODE " + t
)
70 raise Exception("Accepted invalid QR Code: " + t
)
72 logger
.info("ID: " + str(id))
73 if id[0] == id[1] or id[0] == id[2] or id[1] == id[2]:
74 raise Exception("Duplicate ID returned")
76 if "FAIL" not in dev
[0].request("DPP_BOOTSTRAP_REMOVE 12345678"):
77 raise Exception("DPP_BOOTSTRAP_REMOVE accepted unexpectedly")
78 if "OK" not in dev
[0].request("DPP_BOOTSTRAP_REMOVE %d" % id[1]):
79 raise Exception("DPP_BOOTSTRAP_REMOVE failed")
81 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode")
83 raise Exception("Failed to generate bootstrapping info")
84 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % int(res
))
85 logger
.info("Generated URI: " + uri
)
87 dev
[0].dpp_qr_code(uri
)
89 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1,115/36 mac=010203040506 info=foo")
91 raise Exception("Failed to generate bootstrapping info")
92 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % int(res
))
93 logger
.info("Generated URI: " + uri
)
95 dev
[0].dpp_qr_code(uri
)
97 def test_dpp_qr_code_parsing_fail(dev
, apdev
):
98 """DPP QR Code parsing local failure"""
99 check_dpp_capab(dev
[0])
100 with
alloc_fail(dev
[0], 1, "dpp_parse_uri_info"):
101 if "FAIL" not in dev
[0].request("DPP_QR_CODE DPP:I:SN=4774LH2b4044;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;"):
102 raise Exception("DPP_QR_CODE failure not reported")
104 with
alloc_fail(dev
[0], 1, "dpp_parse_uri_pk"):
105 if "FAIL" not in dev
[0].request("DPP_QR_CODE DPP:K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;"):
106 raise Exception("DPP_QR_CODE failure not reported")
108 with
fail_test(dev
[0], 1, "dpp_parse_uri_pk"):
109 if "FAIL" not in dev
[0].request("DPP_QR_CODE DPP:K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;"):
110 raise Exception("DPP_QR_CODE failure not reported")
112 with
alloc_fail(dev
[0], 1, "dpp_parse_uri"):
113 if "FAIL" not in dev
[0].request("DPP_QR_CODE DPP:I:SN=4774LH2b4044;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;"):
114 raise Exception("DPP_QR_CODE failure not reported")
116 dpp_key_p256
="30570201010420777fc55dc51e967c10ec051b91d860b5f1e6c934e48d5daffef98d032c64b170a00a06082a8648ce3d030107a124032200020c804188c7f85beb6e91070d2b3e5e39b90ca77b4d3c5251bc1844d6ca29dcad"
117 dpp_key_p384
= "307402010104302f56fdd83b5345cacb630eb7c22fa5ad5daba37307c95191e2a75756d137003bd8b32dbcb00eb5650c1eb499ecfcaec0a00706052b81040022a13403320003615ec2141b5b77aebb6523f8a012755f9a34405a8398d2ceeeebca7f5ce868bf55056cba4c4ec62fad3ed26dd29e0f23"
118 dpp_key_p521
= "308198020101044200c8010d5357204c252551aaf4e210343111e503fd1dc615b257058997c49b6b643c975226e93be8181cca3d83a7072defd161dfbdf433c19abe1f2ad51867a05761a00706052b81040023a1460344000301cdf3608b1305fe34a1f976095dcf001182b9973354efe156291a66830292f9babd8f412ad462958663e7a75d1d0610abdfc3dd95d40669f7ab3bc001668cfb3b7c"
119 dpp_key_bp256
= "3058020101042057133a676fb60bf2a3e6797e19833c7b0f89dc192ab99ab5fa377ae23a157765a00b06092b2403030208010107a12403220002945d9bf7ce30c9c1ac0ff21ca62b984d5bb80ff69d2be8c9716ab39a10d2caf0"
120 dpp_key_bp384
= "307802010104304902df9f3033a9b7128554c0851dc7127c3573eed150671dae74c0013e9896a9b1c22b6f7d43d8a2ebb7cd474dc55039a00b06092b240303020801010ba13403320003623cb5e68787f351faababf3425161571560add2e6f9a306fcbffb507735bf955bb46dd20ba246b0d5cadce73e5bd6a6"
121 dpp_key_bp512
= "30819802010104405803494226eb7e50bf0e90633f37e7e35d33f5fa502165eeba721d927f9f846caf12e925701d18e123abaaaf4a7edb4fc4de21ce18bc10c4d12e8b3439f74e40a00b06092b240303020801010da144034200033b086ccd47486522d35dc16fbb2229642c2e9e87897d45abbf21f9fb52acb5a6272b31d1b227c3e53720769cc16b4cb181b26cd0d35fe463218aaedf3b6ec00a"
123 def test_dpp_qr_code_curves(dev
, apdev
):
124 """DPP QR Code and supported curves"""
125 check_dpp_capab(dev
[0])
126 tests
= [ ("prime256v1", dpp_key_p256
),
127 ("secp384r1", dpp_key_p384
),
128 ("secp521r1", dpp_key_p521
) ]
129 for curve
, hex in tests
:
130 id = dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode key=" + hex)
132 raise Exception("Failed to set key for " + curve
)
133 info
= dev
[0].request("DPP_BOOTSTRAP_INFO " + id)
135 raise Exception("Failed to get info for " + curve
)
136 if "curve=" + curve
not in info
:
137 raise Exception("Curve mismatch for " + curve
)
139 def test_dpp_qr_code_curves_brainpool(dev
, apdev
):
140 """DPP QR Code and supported Brainpool curves"""
141 check_dpp_capab(dev
[0], brainpool
=True)
142 tests
= [ ("brainpoolP256r1", dpp_key_bp256
),
143 ("brainpoolP384r1", dpp_key_bp384
),
144 ("brainpoolP512r1", dpp_key_bp512
) ]
145 for curve
, hex in tests
:
146 id = dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode key=" + hex)
148 raise Exception("Failed to set key for " + curve
)
149 info
= dev
[0].request("DPP_BOOTSTRAP_INFO " + id)
151 raise Exception("Failed to get info for " + curve
)
152 if "curve=" + curve
not in info
:
153 raise Exception("Curve mismatch for " + curve
)
155 def test_dpp_qr_code_unsupported_curve(dev
, apdev
):
156 """DPP QR Code and unsupported curve"""
157 check_dpp_capab(dev
[0])
159 id = dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode curve=unsupported")
161 raise Exception("Unsupported curve accepted")
164 "305f02010104187f723ed9e1b41979ec5cd02eb82696efc76b40e277661049a00a06082a8648ce3d030101a134033200043f292614dea97c43f500f069e79ae9fb48f8b07369180de5eec8fa2bc9eea5af7a46dc335f52f10cb1c0e9464201d41b" ]
166 id = dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode key=" + hex)
168 raise Exception("Unsupported/invalid curve accepted")
170 def test_dpp_qr_code_keygen_fail(dev
, apdev
):
171 """DPP QR Code and keygen failure"""
172 check_dpp_capab(dev
[0])
174 with
alloc_fail(dev
[0], 1, "dpp_bootstrap_key_der;dpp_keygen"):
175 if "FAIL" not in dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode"):
176 raise Exception("Failure not reported")
178 with
alloc_fail(dev
[0], 1, "base64_gen_encode;dpp_keygen"):
179 if "FAIL" not in dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode"):
180 raise Exception("Failure not reported")
182 def test_dpp_qr_code_curve_select(dev
, apdev
):
183 """DPP QR Code and curve selection"""
184 check_dpp_capab(dev
[0], brainpool
=True)
185 check_dpp_capab(dev
[1], brainpool
=True)
187 addr
= dev
[0].own_addr().replace(':', '')
189 for key
in [ dpp_key_p256
, dpp_key_p384
, dpp_key_p521
,
190 dpp_key_bp256
, dpp_key_bp384
, dpp_key_bp512
]:
191 id = dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
+ " key=" + key
)
193 raise Exception("Failed to set key for " + curve
)
194 info
= dev
[0].request("DPP_BOOTSTRAP_INFO " + id)
195 for i
in info
.splitlines():
197 name
, val
= i
.split('=')
201 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI " + id)
202 bi
.append((curve
, uri
))
204 for curve
, uri
in bi
:
205 logger
.info("Curve: " + curve
)
206 logger
.info("URI: " + uri
)
208 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
209 raise Exception("Failed to start listen operation")
211 res
= dev
[1].dpp_qr_code(uri
)
212 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d" % res
):
213 raise Exception("Failed to initiate DPP Authentication")
214 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
216 raise Exception("DPP authentication did not succeed (Responder)")
217 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
219 raise Exception("DPP authentication did not succeed (Initiator)")
220 ev
= dev
[0].wait_event(["DPP-CONF-FAILED"], timeout
=2)
222 raise Exception("DPP configuration result not seen (Enrollee)")
223 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=2)
225 raise Exception("DPP configuration result not seen (Responder)")
226 dev
[0].request("DPP_STOP_LISTEN")
227 dev
[1].request("DPP_STOP_LISTEN")
228 dev
[0].dump_monitor()
229 dev
[1].dump_monitor()
231 def test_dpp_qr_code_auth_broadcast(dev
, apdev
):
232 """DPP QR Code and authentication exchange (broadcast)"""
233 check_dpp_capab(dev
[0])
234 check_dpp_capab(dev
[1])
235 logger
.info("dev0 displays QR Code")
236 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1")
238 raise Exception("Failed to generate bootstrapping info")
240 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
242 logger
.info("dev1 scans QR Code")
243 id1
= dev
[1].dpp_qr_code(uri0
)
245 logger
.info("dev1 initiates DPP Authentication")
246 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
247 raise Exception("Failed to start listen operation")
248 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d" % id1
):
249 raise Exception("Failed to initiate DPP Authentication")
250 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
252 raise Exception("DPP authentication did not succeed (Responder)")
253 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
255 raise Exception("DPP authentication did not succeed (Initiator)")
256 dev
[0].request("DPP_STOP_LISTEN")
258 def test_dpp_qr_code_auth_unicast(dev
, apdev
):
259 """DPP QR Code and authentication exchange (unicast)"""
260 run_dpp_qr_code_auth_unicast(dev
, apdev
, None)
262 def test_dpp_qr_code_auth_unicast_ap_enrollee(dev
, apdev
):
263 """DPP QR Code and authentication exchange (AP enrollee)"""
264 run_dpp_qr_code_auth_unicast(dev
, apdev
, None, netrole
="ap")
266 def test_dpp_qr_code_curve_prime256v1(dev
, apdev
):
267 """DPP QR Code and curve prime256v1"""
268 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1")
270 def test_dpp_qr_code_curve_secp384r1(dev
, apdev
):
271 """DPP QR Code and curve secp384r1"""
272 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1")
274 def test_dpp_qr_code_curve_secp521r1(dev
, apdev
):
275 """DPP QR Code and curve secp521r1"""
276 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1")
278 def test_dpp_qr_code_curve_brainpoolP256r1(dev
, apdev
):
279 """DPP QR Code and curve brainpoolP256r1"""
280 run_dpp_qr_code_auth_unicast(dev
, apdev
, "brainpoolP256r1")
282 def test_dpp_qr_code_curve_brainpoolP384r1(dev
, apdev
):
283 """DPP QR Code and curve brainpoolP384r1"""
284 run_dpp_qr_code_auth_unicast(dev
, apdev
, "brainpoolP384r1")
286 def test_dpp_qr_code_curve_brainpoolP512r1(dev
, apdev
):
287 """DPP QR Code and curve brainpoolP512r1"""
288 run_dpp_qr_code_auth_unicast(dev
, apdev
, "brainpoolP512r1")
290 def test_dpp_qr_code_set_key(dev
, apdev
):
291 """DPP QR Code and fixed bootstrapping key"""
292 run_dpp_qr_code_auth_unicast(dev
, apdev
, None, key
="30770201010420e5143ac74682cc6869a830e8f5301a5fa569130ac329b1d7dd6f2a7495dbcbe1a00a06082a8648ce3d030107a144034200045e13e167c33dbc7d85541e5509600aa8139bbb3e39e25898992c5d01be92039ee2850f17e71506ded0d6b25677441eae249f8e225c68dd15a6354dca54006383")
294 def run_dpp_qr_code_auth_unicast(dev
, apdev
, curve
, netrole
=None, key
=None,
295 require_conf_success
=False, init_extra
=None,
296 require_conf_failure
=False,
297 configurator
=False, conf_curve
=None):
298 check_dpp_capab(dev
[0], curve
and "brainpool" in curve
)
299 check_dpp_capab(dev
[1], curve
and "brainpool" in curve
)
301 logger
.info("Create configurator on dev1")
302 cmd
= "DPP_CONFIGURATOR_ADD"
304 cmd
+= " curve=" + conf_curve
305 res
= dev
[1].request(cmd
)
307 raise Exception("Failed to add configurator")
310 logger
.info("dev0 displays QR Code")
311 addr
= dev
[0].own_addr().replace(':', '')
312 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
314 cmd
+= " curve=" + curve
317 res
= dev
[0].request(cmd
)
319 raise Exception("Failed to generate bootstrapping info")
321 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
323 logger
.info("dev1 scans QR Code")
324 id1
= dev
[1].dpp_qr_code(uri0
)
326 logger
.info("dev1 initiates DPP Authentication")
327 cmd
= "DPP_LISTEN 2412"
329 cmd
+= " netrole=" + netrole
330 if "OK" not in dev
[0].request(cmd
):
331 raise Exception("Failed to start listen operation")
332 cmd
= "DPP_AUTH_INIT peer=%d" % id1
334 cmd
+= " " + init_extra
336 cmd
+= " configurator=%d" % conf_id
337 if "OK" not in dev
[1].request(cmd
):
338 raise Exception("Failed to initiate DPP Authentication")
339 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
341 raise Exception("DPP authentication did not succeed (Responder)")
342 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
344 raise Exception("DPP authentication did not succeed (Initiator)")
345 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
347 raise Exception("DPP configuration not completed (Configurator)")
348 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout
=5)
350 raise Exception("DPP configuration not completed (Enrollee)")
351 if require_conf_success
:
352 if "DPP-CONF-FAILED" in ev
:
353 raise Exception("DPP configuration failed")
354 if require_conf_failure
:
355 if "DPP-CONF-SUCCESS" in ev
:
356 raise Exception("DPP configuration succeeded unexpectedly")
357 dev
[0].request("DPP_STOP_LISTEN")
358 dev
[0].dump_monitor()
359 dev
[1].dump_monitor()
361 def test_dpp_qr_code_auth_mutual(dev
, apdev
):
362 """DPP QR Code and authentication exchange (mutual)"""
363 check_dpp_capab(dev
[0])
364 check_dpp_capab(dev
[1])
365 logger
.info("dev0 displays QR Code")
366 addr
= dev
[0].own_addr().replace(':', '')
367 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
369 raise Exception("Failed to generate bootstrapping info")
371 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
373 logger
.info("dev1 scans QR Code")
374 id1
= dev
[1].dpp_qr_code(uri0
)
376 logger
.info("dev1 displays QR Code")
377 addr
= dev
[1].own_addr().replace(':', '')
378 res
= dev
[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
380 raise Exception("Failed to generate bootstrapping info")
382 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
384 logger
.info("dev0 scans QR Code")
385 id0b
= dev
[0].dpp_qr_code(uri1b
)
387 logger
.info("dev1 initiates DPP Authentication")
388 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
389 raise Exception("Failed to start listen operation")
390 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1
, id1b
)):
391 raise Exception("Failed to initiate DPP Authentication")
393 ev
= dev
[1].wait_event(["DPP-AUTH-DIRECTION"], timeout
=5)
395 raise Exception("DPP authentication direction not indicated (Initiator)")
396 if "mutual=1" not in ev
:
397 raise Exception("Mutual authentication not used")
399 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
401 raise Exception("DPP authentication did not succeed (Responder)")
402 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
404 raise Exception("DPP authentication did not succeed (Initiator)")
405 dev
[0].request("DPP_STOP_LISTEN")
407 def test_dpp_qr_code_auth_mutual2(dev
, apdev
):
408 """DPP QR Code and authentication exchange (mutual2)"""
409 check_dpp_capab(dev
[0])
410 check_dpp_capab(dev
[1])
411 logger
.info("dev0 displays QR Code")
412 addr
= dev
[0].own_addr().replace(':', '')
413 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
415 raise Exception("Failed to generate bootstrapping info")
417 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
419 logger
.info("dev1 scans QR Code")
420 id1
= dev
[1].dpp_qr_code(uri0
)
422 logger
.info("dev1 displays QR Code")
423 addr
= dev
[1].own_addr().replace(':', '')
424 res
= dev
[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
426 raise Exception("Failed to generate bootstrapping info")
428 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
430 logger
.info("dev1 initiates DPP Authentication")
431 if "OK" not in dev
[0].request("DPP_LISTEN 2412 qr=mutual"):
432 raise Exception("Failed to start listen operation")
433 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1
, id1b
)):
434 raise Exception("Failed to initiate DPP Authentication")
436 ev
= dev
[1].wait_event(["DPP-RESPONSE-PENDING"], timeout
=5)
438 raise Exception("Pending response not reported")
439 ev
= dev
[0].wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=5)
441 raise Exception("QR Code scan for mutual authentication not requested")
443 logger
.info("dev0 scans QR Code")
444 id0b
= dev
[0].dpp_qr_code(uri1b
)
446 ev
= dev
[1].wait_event(["DPP-AUTH-DIRECTION"], timeout
=5)
448 raise Exception("DPP authentication direction not indicated (Initiator)")
449 if "mutual=1" not in ev
:
450 raise Exception("Mutual authentication not used")
452 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
454 raise Exception("DPP authentication did not succeed (Responder)")
455 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
457 raise Exception("DPP authentication did not succeed (Initiator)")
458 dev
[0].request("DPP_STOP_LISTEN")
460 def test_dpp_qr_code_auth_mutual_p_256(dev
, apdev
):
461 """DPP QR Code and authentication exchange (mutual, autogen P-256)"""
462 run_dpp_qr_code_auth_mutual(dev
, apdev
, "P-256")
464 def test_dpp_qr_code_auth_mutual_p_384(dev
, apdev
):
465 """DPP QR Code and authentication exchange (mutual, autogen P-384)"""
466 run_dpp_qr_code_auth_mutual(dev
, apdev
, "P-384")
468 def test_dpp_qr_code_auth_mutual_p_521(dev
, apdev
):
469 """DPP QR Code and authentication exchange (mutual, autogen P-521)"""
470 run_dpp_qr_code_auth_mutual(dev
, apdev
, "P-521")
472 def test_dpp_qr_code_auth_mutual_bp_256(dev
, apdev
):
473 """DPP QR Code and authentication exchange (mutual, autogen BP-256)"""
474 run_dpp_qr_code_auth_mutual(dev
, apdev
, "BP-256")
476 def test_dpp_qr_code_auth_mutual_bp_384(dev
, apdev
):
477 """DPP QR Code and authentication exchange (mutual, autogen BP-384)"""
478 run_dpp_qr_code_auth_mutual(dev
, apdev
, "BP-384")
480 def test_dpp_qr_code_auth_mutual_bp_512(dev
, apdev
):
481 """DPP QR Code and authentication exchange (mutual, autogen BP-512)"""
482 run_dpp_qr_code_auth_mutual(dev
, apdev
, "BP-512")
484 def run_dpp_qr_code_auth_mutual(dev
, apdev
, curve
):
485 check_dpp_capab(dev
[0], curve
and "BP-" in curve
)
486 check_dpp_capab(dev
[1], curve
and "BP-" in curve
)
487 logger
.info("dev0 displays QR Code")
488 addr
= dev
[0].own_addr().replace(':', '')
489 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
490 cmd
+= " curve=" + curve
491 res
= dev
[0].request(cmd
)
493 raise Exception("Failed to generate bootstrapping info")
495 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
497 logger
.info("dev1 scans QR Code")
498 id1
= dev
[1].dpp_qr_code(uri0
)
500 logger
.info("dev1 initiates DPP Authentication")
501 if "OK" not in dev
[0].request("DPP_LISTEN 2412 qr=mutual"):
502 raise Exception("Failed to start listen operation")
503 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d" % (id1
)):
504 raise Exception("Failed to initiate DPP Authentication")
506 ev
= dev
[1].wait_event(["DPP-RESPONSE-PENDING"], timeout
=5)
508 raise Exception("Pending response not reported")
509 uri
= ev
.split(' ')[1]
511 ev
= dev
[0].wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=5)
513 raise Exception("QR Code scan for mutual authentication not requested")
515 logger
.info("dev0 scans QR Code")
516 dev
[0].dpp_qr_code(uri
)
518 ev
= dev
[1].wait_event(["DPP-AUTH-DIRECTION"], timeout
=5)
520 raise Exception("DPP authentication direction not indicated (Initiator)")
521 if "mutual=1" not in ev
:
522 raise Exception("Mutual authentication not used")
524 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
526 raise Exception("DPP authentication did not succeed (Responder)")
527 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
529 raise Exception("DPP authentication did not succeed (Initiator)")
530 dev
[0].request("DPP_STOP_LISTEN")
532 def test_dpp_auth_resp_retries(dev
, apdev
):
533 """DPP Authentication Response retries"""
534 check_dpp_capab(dev
[0])
535 check_dpp_capab(dev
[1])
536 dev
[0].set("dpp_resp_max_tries", "3")
537 dev
[0].set("dpp_resp_retry_time", "100")
539 logger
.info("dev0 displays QR Code")
540 addr
= dev
[0].own_addr().replace(':', '')
541 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
543 raise Exception("Failed to generate bootstrapping info")
545 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
547 logger
.info("dev1 scans QR Code")
548 id1
= dev
[1].dpp_qr_code(uri0
)
550 logger
.info("dev1 displays QR Code")
551 addr
= dev
[1].own_addr().replace(':', '')
552 res
= dev
[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
554 raise Exception("Failed to generate bootstrapping info")
556 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
558 logger
.info("dev1 initiates DPP Authentication")
559 if "OK" not in dev
[0].request("DPP_LISTEN 2412 qr=mutual"):
560 raise Exception("Failed to start listen operation")
561 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1
, id1b
)):
562 raise Exception("Failed to initiate DPP Authentication")
564 ev
= dev
[1].wait_event(["DPP-RESPONSE-PENDING"], timeout
=5)
566 raise Exception("Pending response not reported")
567 ev
= dev
[0].wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=5)
569 raise Exception("QR Code scan for mutual authentication not requested")
571 # Stop Initiator from listening to frames to force retransmission of the
572 # DPP Authentication Response frame with Status=0
573 dev
[1].request("DPP_STOP_LISTEN")
575 dev
[1].dump_monitor()
576 dev
[0].dump_monitor()
578 logger
.info("dev0 scans QR Code")
579 id0b
= dev
[0].dpp_qr_code(uri1b
)
581 ev
= dev
[0].wait_event(["DPP-TX"], timeout
=5)
582 if ev
is None or "type=1" not in ev
:
583 raise Exception("DPP Authentication Response not sent")
584 ev
= dev
[0].wait_event(["DPP-TX-STATUS"], timeout
=5)
586 raise Exception("TX status for DPP Authentication Response not reported")
587 if "result=no-ACK" not in ev
:
588 raise Exception("Unexpected TX status for Authentication Response: " + ev
)
590 ev
= dev
[0].wait_event(["DPP-TX"], timeout
=15)
591 if ev
is None or "type=1" not in ev
:
592 raise Exception("DPP Authentication Response retransmission not sent")
594 def test_dpp_qr_code_auth_mutual_not_used(dev
, apdev
):
595 """DPP QR Code and authentication exchange (mutual not used)"""
596 check_dpp_capab(dev
[0])
597 check_dpp_capab(dev
[1])
598 logger
.info("dev0 displays QR Code")
599 addr
= dev
[0].own_addr().replace(':', '')
600 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
602 raise Exception("Failed to generate bootstrapping info")
604 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
606 logger
.info("dev1 scans QR Code")
607 id1
= dev
[1].dpp_qr_code(uri0
)
609 logger
.info("dev1 displays QR Code")
610 addr
= dev
[1].own_addr().replace(':', '')
611 res
= dev
[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
613 raise Exception("Failed to generate bootstrapping info")
615 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
617 logger
.info("dev0 does not scan QR Code")
619 logger
.info("dev1 initiates DPP Authentication")
620 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
621 raise Exception("Failed to start listen operation")
622 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1
, id1b
)):
623 raise Exception("Failed to initiate DPP Authentication")
625 ev
= dev
[1].wait_event(["DPP-AUTH-DIRECTION"], timeout
=5)
627 raise Exception("DPP authentication direction not indicated (Initiator)")
628 if "mutual=0" not in ev
:
629 raise Exception("Mutual authentication not used")
631 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
633 raise Exception("DPP authentication did not succeed (Responder)")
634 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
636 raise Exception("DPP authentication did not succeed (Initiator)")
637 dev
[0].request("DPP_STOP_LISTEN")
639 def test_dpp_qr_code_auth_mutual_curve_mismatch(dev
, apdev
):
640 """DPP QR Code and authentication exchange (mutual/mismatch)"""
641 check_dpp_capab(dev
[0])
642 check_dpp_capab(dev
[1])
643 logger
.info("dev0 displays QR Code")
644 addr
= dev
[0].own_addr().replace(':', '')
645 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
647 raise Exception("Failed to generate bootstrapping info")
649 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
651 logger
.info("dev1 scans QR Code")
652 id1
= dev
[1].dpp_qr_code(uri0
)
654 logger
.info("dev1 displays QR Code")
655 addr
= dev
[1].own_addr().replace(':', '')
656 res
= dev
[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
+ " curve=secp384r1")
658 raise Exception("Failed to generate bootstrapping info")
660 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
662 logger
.info("dev0 scans QR Code")
663 id0b
= dev
[0].dpp_qr_code(uri1b
)
665 res
= dev
[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1
, id1b
))
666 if "FAIL" not in res
:
667 raise Exception("DPP_AUTH_INIT accepted unexpectedly")
669 def test_dpp_qr_code_auth_hostapd_mutual2(dev
, apdev
):
670 """DPP QR Code and authentication exchange (hostapd mutual2)"""
671 check_dpp_capab(dev
[0])
672 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
673 check_dpp_capab(hapd
)
675 logger
.info("AP displays QR Code")
676 addr
= hapd
.own_addr().replace(':', '')
677 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
678 res
= hapd
.request(cmd
)
680 raise Exception("Failed to generate bootstrapping info")
682 uri_h
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id_h
)
684 logger
.info("dev0 scans QR Code")
685 id0
= dev
[0].dpp_qr_code(uri_h
)
687 logger
.info("dev0 displays QR Code")
688 addr
= dev
[0].own_addr().replace(':', '')
689 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
691 raise Exception("Failed to generate bootstrapping info")
693 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0b
)
695 logger
.info("dev0 initiates DPP Authentication")
696 if "OK" not in hapd
.request("DPP_LISTEN 2412 qr=mutual"):
697 raise Exception("Failed to start listen operation")
698 if "OK" not in dev
[0].request("DPP_AUTH_INIT peer=%d own=%d" % (id0
, id0b
)):
699 raise Exception("Failed to initiate DPP Authentication")
701 ev
= dev
[0].wait_event(["DPP-RESPONSE-PENDING"], timeout
=5)
703 raise Exception("Pending response not reported")
704 ev
= hapd
.wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=5)
706 raise Exception("QR Code scan for mutual authentication not requested")
708 logger
.info("AP scans QR Code")
709 hapd
.dpp_qr_code(uri0
)
711 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
713 raise Exception("DPP authentication did not succeed (Responder)")
714 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
716 raise Exception("DPP authentication did not succeed (Initiator)")
717 hapd
.request("DPP_STOP_LISTEN")
719 def test_dpp_qr_code_listen_continue(dev
, apdev
):
720 """DPP QR Code and listen operation needing continuation"""
721 check_dpp_capab(dev
[0])
722 check_dpp_capab(dev
[1])
723 logger
.info("dev0 displays QR Code")
724 addr
= dev
[0].own_addr().replace(':', '')
725 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
727 raise Exception("Failed to generate bootstrapping info")
729 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
731 logger
.info("dev1 scans QR Code")
732 id1
= dev
[1].dpp_qr_code(uri0
)
734 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
735 raise Exception("Failed to start listen operation")
736 logger
.info("Wait for listen to expire and get restarted")
738 logger
.info("dev1 initiates DPP Authentication")
739 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d" % id1
):
740 raise Exception("Failed to initiate DPP Authentication")
741 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
743 raise Exception("DPP authentication did not succeed (Responder)")
744 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
746 raise Exception("DPP authentication did not succeed (Initiator)")
747 dev
[0].request("DPP_STOP_LISTEN")
749 def test_dpp_qr_code_auth_initiator_enrollee(dev
, apdev
):
750 """DPP QR Code and authentication exchange (Initiator in Enrollee role)"""
751 check_dpp_capab(dev
[0])
752 check_dpp_capab(dev
[1])
753 dev
[0].request("SET gas_address3 1")
754 dev
[1].request("SET gas_address3 1")
755 logger
.info("dev0 displays QR Code")
756 addr
= dev
[0].own_addr().replace(':', '')
757 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
759 raise Exception("Failed to generate bootstrapping info")
761 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
763 logger
.info("dev1 scans QR Code")
764 id1
= dev
[1].dpp_qr_code(uri0
)
766 logger
.info("dev1 initiates DPP Authentication")
767 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
768 raise Exception("Failed to start listen operation")
769 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=enrollee" % id1
):
770 raise Exception("Failed to initiate DPP Authentication")
771 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
773 raise Exception("DPP authentication did not succeed (Responder)")
774 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
776 raise Exception("DPP authentication did not succeed (Initiator)")
778 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
780 raise Exception("DPP configuration did not succeed (Configurator)")
781 ev
= dev
[1].wait_event(["DPP-CONF-FAILED"], timeout
=5)
783 raise Exception("DPP configuration did not succeed (Enrollee)")
785 dev
[0].request("DPP_STOP_LISTEN")
787 def test_dpp_qr_code_auth_initiator_either_1(dev
, apdev
):
788 """DPP QR Code and authentication exchange (Initiator in either role)"""
789 run_dpp_qr_code_auth_initiator_either(dev
, apdev
, None, dev
[1], dev
[0])
791 def test_dpp_qr_code_auth_initiator_either_2(dev
, apdev
):
792 """DPP QR Code and authentication exchange (Initiator in either role)"""
793 run_dpp_qr_code_auth_initiator_either(dev
, apdev
, "enrollee",
796 def test_dpp_qr_code_auth_initiator_either_3(dev
, apdev
):
797 """DPP QR Code and authentication exchange (Initiator in either role)"""
798 run_dpp_qr_code_auth_initiator_either(dev
, apdev
, "configurator",
801 def run_dpp_qr_code_auth_initiator_either(dev
, apdev
, resp_role
,
802 conf_dev
, enrollee_dev
):
803 check_dpp_capab(dev
[0])
804 check_dpp_capab(dev
[1])
805 logger
.info("dev0 displays QR Code")
806 addr
= dev
[0].own_addr().replace(':', '')
807 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
809 raise Exception("Failed to generate bootstrapping info")
811 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
813 logger
.info("dev1 scans QR Code")
814 id1
= dev
[1].dpp_qr_code(uri0
)
816 logger
.info("dev1 initiates DPP Authentication")
817 cmd
= "DPP_LISTEN 2412"
819 cmd
+= " role=" + resp_role
820 if "OK" not in dev
[0].request(cmd
):
821 raise Exception("Failed to start listen operation")
822 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=either" % id1
):
823 raise Exception("Failed to initiate DPP Authentication")
824 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
826 raise Exception("DPP authentication did not succeed (Responder)")
827 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
829 raise Exception("DPP authentication did not succeed (Initiator)")
831 ev
= conf_dev
.wait_event(["DPP-CONF-SENT"], timeout
=5)
833 raise Exception("DPP configuration did not succeed (Configurator)")
834 ev
= enrollee_dev
.wait_event(["DPP-CONF-FAILED"], timeout
=5)
836 raise Exception("DPP configuration did not succeed (Enrollee)")
838 dev
[0].request("DPP_STOP_LISTEN")
840 def run_init_incompatible_roles(dev
, role
="enrollee"):
841 check_dpp_capab(dev
[0])
842 check_dpp_capab(dev
[1])
843 logger
.info("dev0 displays QR Code")
844 addr
= dev
[0].own_addr().replace(':', '')
845 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
847 raise Exception("Failed to generate bootstrapping info")
849 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
851 logger
.info("dev1 scans QR Code")
852 id1
= dev
[1].dpp_qr_code(uri0
)
854 logger
.info("dev1 initiates DPP Authentication")
855 if "OK" not in dev
[0].request("DPP_LISTEN 2412 role=%s" % role
):
856 raise Exception("Failed to start listen operation")
859 def test_dpp_qr_code_auth_incompatible_roles(dev
, apdev
):
860 """DPP QR Code and authentication exchange (incompatible roles)"""
861 id1
= run_init_incompatible_roles(dev
)
862 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=enrollee" % id1
):
863 raise Exception("Failed to initiate DPP Authentication")
864 ev
= dev
[1].wait_event(["DPP-NOT-COMPATIBLE"], timeout
=5)
866 raise Exception("DPP-NOT-COMPATIBLE event on initiator timed out")
867 ev
= dev
[0].wait_event(["DPP-NOT-COMPATIBLE"], timeout
=1)
869 raise Exception("DPP-NOT-COMPATIBLE event on responder timed out")
871 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1
):
872 raise Exception("Failed to initiate DPP Authentication")
873 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
875 raise Exception("DPP authentication did not succeed (Responder)")
876 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
878 raise Exception("DPP authentication did not succeed (Initiator)")
879 dev
[0].request("DPP_STOP_LISTEN")
881 def test_dpp_qr_code_auth_incompatible_roles2(dev
, apdev
):
882 """DPP QR Code and authentication exchange (incompatible roles 2)"""
883 id1
= run_init_incompatible_roles(dev
, role
="configurator")
884 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1
):
885 raise Exception("Failed to initiate DPP Authentication")
886 ev
= dev
[1].wait_event(["DPP-NOT-COMPATIBLE"], timeout
=5)
888 raise Exception("DPP-NOT-COMPATIBLE event on initiator timed out")
889 ev
= dev
[0].wait_event(["DPP-NOT-COMPATIBLE"], timeout
=1)
891 raise Exception("DPP-NOT-COMPATIBLE event on responder timed out")
893 def test_dpp_qr_code_auth_incompatible_roles_failure(dev
, apdev
):
894 """DPP QR Code and authentication exchange (incompatible roles failure)"""
895 id1
= run_init_incompatible_roles(dev
, role
="configurator")
896 with
alloc_fail(dev
[0], 1, "dpp_auth_build_resp_status"):
897 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1
):
898 raise Exception("Failed to initiate DPP Authentication")
899 ev
= dev
[0].wait_event(["DPP-NOT-COMPATIBLE"], timeout
=1)
901 raise Exception("DPP-NOT-COMPATIBLE event on responder timed out")
903 def test_dpp_qr_code_auth_incompatible_roles_failure2(dev
, apdev
):
904 """DPP QR Code and authentication exchange (incompatible roles failure 2)"""
905 id1
= run_init_incompatible_roles(dev
, role
="configurator")
906 with
alloc_fail(dev
[1], 1, "dpp_auth_resp_rx_status"):
907 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1
):
908 raise Exception("Failed to initiate DPP Authentication")
909 wait_fail_trigger(dev
[1], "GET_ALLOC_FAIL")
911 def test_dpp_qr_code_auth_incompatible_roles_failure3(dev
, apdev
):
912 """DPP QR Code and authentication exchange (incompatible roles failure 3)"""
913 id1
= run_init_incompatible_roles(dev
, role
="configurator")
914 with
fail_test(dev
[1], 1, "dpp_auth_resp_rx_status"):
915 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1
):
916 raise Exception("Failed to initiate DPP Authentication")
917 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
918 if ev
is None or "AES-SIV decryption failed" not in ev
:
919 raise Exception("AES-SIV decryption failure not reported")
921 def test_dpp_qr_code_auth_neg_chan(dev
, apdev
):
922 """DPP QR Code and authentication exchange with requested different channel"""
923 check_dpp_capab(dev
[0])
924 check_dpp_capab(dev
[1])
926 logger
.info("Create configurator on dev1")
927 cmd
= "DPP_CONFIGURATOR_ADD"
928 res
= dev
[1].request(cmd
)
930 raise Exception("Failed to add configurator")
933 logger
.info("dev0 displays QR Code")
934 addr
= dev
[0].own_addr().replace(':', '')
935 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
936 res
= dev
[0].request(cmd
)
938 raise Exception("Failed to generate bootstrapping info")
940 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
942 logger
.info("dev1 scans QR Code")
943 id1
= dev
[1].dpp_qr_code(uri0
)
945 logger
.info("dev1 initiates DPP Authentication")
946 cmd
= "DPP_LISTEN 2412"
947 if "OK" not in dev
[0].request(cmd
):
948 raise Exception("Failed to start listen operation")
949 cmd
= "DPP_AUTH_INIT peer=%d configurator=%d conf=sta-dpp neg_freq=2462" % (id1
, conf_id
)
950 if "OK" not in dev
[1].request(cmd
):
951 raise Exception("Failed to initiate DPP Authentication")
953 ev
= dev
[1].wait_event(["DPP-TX"], timeout
=5)
955 raise Exception("DPP Authentication Request not sent")
956 if "freq=2412 type=0" not in ev
:
957 raise Exception("Unexpected TX data for Authentication Request: " + ev
)
959 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
961 raise Exception("DPP Authentication Request not received")
962 if "freq=2412 type=0" not in ev
:
963 raise Exception("Unexpected RX data for Authentication Request: " + ev
)
965 ev
= dev
[1].wait_event(["DPP-TX-STATUS"], timeout
=5)
967 raise Exception("TX status for DPP Authentication Request not reported")
968 if "freq=2412 result=SUCCESS" not in ev
:
969 raise Exception("Unexpected TX status for Authentication Request: " + ev
)
971 ev
= dev
[0].wait_event(["DPP-TX"], timeout
=5)
973 raise Exception("DPP Authentication Response not sent")
974 if "freq=2462 type=1" not in ev
:
975 raise Exception("Unexpected TX data for Authentication Response: " + ev
)
977 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=5)
979 raise Exception("DPP Authentication Response not received")
980 if "freq=2462 type=1" not in ev
:
981 raise Exception("Unexpected RX data for Authentication Response: " + ev
)
983 ev
= dev
[0].wait_event(["DPP-TX-STATUS"], timeout
=5)
985 raise Exception("TX status for DPP Authentication Response not reported")
986 if "freq=2462 result=SUCCESS" not in ev
:
987 raise Exception("Unexpected TX status for Authentication Response: " + ev
)
989 ev
= dev
[1].wait_event(["DPP-TX"], timeout
=5)
991 raise Exception("DPP Authentication Confirm not sent")
992 if "freq=2462 type=2" not in ev
:
993 raise Exception("Unexpected TX data for Authentication Confirm: " + ev
)
995 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
997 raise Exception("DPP Authentication Confirm not received")
998 if "freq=2462 type=2" not in ev
:
999 raise Exception("Unexpected RX data for Authentication Confirm: " + ev
)
1001 ev
= dev
[1].wait_event(["DPP-TX-STATUS"], timeout
=5)
1003 raise Exception("TX status for DPP Authentication Confirm not reported")
1004 if "freq=2462 result=SUCCESS" not in ev
:
1005 raise Exception("Unexpected TX status for Authentication Confirm: " + ev
)
1007 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
1009 raise Exception("DPP authentication did not succeed (Responder)")
1010 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
1012 raise Exception("DPP authentication did not succeed (Initiator)")
1013 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
1015 raise Exception("DPP configuration not completed (Configurator)")
1016 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout
=5)
1018 raise Exception("DPP configuration not completed (Enrollee)")
1019 if "DPP-CONF-FAILED" in ev
:
1020 raise Exception("DPP configuration failed")
1021 dev
[0].request("DPP_STOP_LISTEN")
1022 dev
[0].dump_monitor()
1023 dev
[1].dump_monitor()
1025 def test_dpp_config_legacy(dev
, apdev
):
1026 """DPP Config Object for legacy network using passphrase"""
1027 check_dpp_capab(dev
[1])
1028 conf
= '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"secret passphrase"}}'
1029 dev
[1].set("dpp_config_obj_override", conf
)
1030 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1031 require_conf_success
=True)
1033 def test_dpp_config_legacy_psk_hex(dev
, apdev
):
1034 """DPP Config Object for legacy network using PSK"""
1035 check_dpp_capab(dev
[1])
1036 conf
= '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","psk_hex":"' + 32*"12" + '"}}'
1037 dev
[1].set("dpp_config_obj_override", conf
)
1038 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1039 require_conf_success
=True)
1041 def test_dpp_config_fragmentation(dev
, apdev
):
1042 """DPP Config Object for legacy network requiring fragmentation"""
1043 check_dpp_capab(dev
[1])
1044 conf
= '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"secret passphrase"}}' + 3000*' '
1045 dev
[1].set("dpp_config_obj_override", conf
)
1046 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1047 require_conf_success
=True)
1049 def test_dpp_config_legacy_gen(dev
, apdev
):
1050 """Generate DPP Config Object for legacy network"""
1051 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1052 init_extra
="conf=sta-psk pass=%s" % binascii
.hexlify(b
"passphrase").decode(),
1053 require_conf_success
=True)
1055 def test_dpp_config_legacy_gen_psk(dev
, apdev
):
1056 """Generate DPP Config Object for legacy network (PSK)"""
1057 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1058 init_extra
="conf=sta-psk psk=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
1059 require_conf_success
=True)
1061 def test_dpp_config_dpp_gen_prime256v1(dev
, apdev
):
1062 """Generate DPP Config Object for DPP network (P-256)"""
1063 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1064 init_extra
="conf=sta-dpp",
1065 require_conf_success
=True,
1068 def test_dpp_config_dpp_gen_secp384r1(dev
, apdev
):
1069 """Generate DPP Config Object for DPP network (P-384)"""
1070 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1",
1071 init_extra
="conf=sta-dpp",
1072 require_conf_success
=True,
1075 def test_dpp_config_dpp_gen_secp521r1(dev
, apdev
):
1076 """Generate DPP Config Object for DPP network (P-521)"""
1077 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1",
1078 init_extra
="conf=sta-dpp",
1079 require_conf_success
=True,
1082 def test_dpp_config_dpp_gen_prime256v1_prime256v1(dev
, apdev
):
1083 """Generate DPP Config Object for DPP network (P-256 + P-256)"""
1084 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1085 init_extra
="conf=sta-dpp",
1086 require_conf_success
=True,
1088 conf_curve
="prime256v1")
1090 def test_dpp_config_dpp_gen_prime256v1_secp384r1(dev
, apdev
):
1091 """Generate DPP Config Object for DPP network (P-256 + P-384)"""
1092 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1093 init_extra
="conf=sta-dpp",
1094 require_conf_success
=True,
1096 conf_curve
="secp384r1")
1098 def test_dpp_config_dpp_gen_prime256v1_secp521r1(dev
, apdev
):
1099 """Generate DPP Config Object for DPP network (P-256 + P-521)"""
1100 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1101 init_extra
="conf=sta-dpp",
1102 require_conf_success
=True,
1104 conf_curve
="secp521r1")
1106 def test_dpp_config_dpp_gen_secp384r1_prime256v1(dev
, apdev
):
1107 """Generate DPP Config Object for DPP network (P-384 + P-256)"""
1108 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1",
1109 init_extra
="conf=sta-dpp",
1110 require_conf_success
=True,
1112 conf_curve
="prime256v1")
1114 def test_dpp_config_dpp_gen_secp384r1_secp384r1(dev
, apdev
):
1115 """Generate DPP Config Object for DPP network (P-384 + P-384)"""
1116 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1",
1117 init_extra
="conf=sta-dpp",
1118 require_conf_success
=True,
1120 conf_curve
="secp384r1")
1122 def test_dpp_config_dpp_gen_secp384r1_secp521r1(dev
, apdev
):
1123 """Generate DPP Config Object for DPP network (P-384 + P-521)"""
1124 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1",
1125 init_extra
="conf=sta-dpp",
1126 require_conf_success
=True,
1128 conf_curve
="secp521r1")
1130 def test_dpp_config_dpp_gen_secp521r1_prime256v1(dev
, apdev
):
1131 """Generate DPP Config Object for DPP network (P-521 + P-256)"""
1132 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1",
1133 init_extra
="conf=sta-dpp",
1134 require_conf_success
=True,
1136 conf_curve
="prime256v1")
1138 def test_dpp_config_dpp_gen_secp521r1_secp384r1(dev
, apdev
):
1139 """Generate DPP Config Object for DPP network (P-521 + P-384)"""
1140 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1",
1141 init_extra
="conf=sta-dpp",
1142 require_conf_success
=True,
1144 conf_curve
="secp384r1")
1146 def test_dpp_config_dpp_gen_secp521r1_secp521r1(dev
, apdev
):
1147 """Generate DPP Config Object for DPP network (P-521 + P-521)"""
1148 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1",
1149 init_extra
="conf=sta-dpp",
1150 require_conf_success
=True,
1152 conf_curve
="secp521r1")
1154 def test_dpp_config_dpp_gen_expiry(dev
, apdev
):
1155 """Generate DPP Config Object for DPP network with expiry value"""
1156 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1157 init_extra
="conf=sta-dpp expiry=%d" % (time
.time() + 1000),
1158 require_conf_success
=True,
1161 def test_dpp_config_dpp_gen_expired_key(dev
, apdev
):
1162 """Generate DPP Config Object for DPP network with expiry value"""
1163 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1164 init_extra
="conf=sta-dpp expiry=%d" % (time
.time() - 10),
1165 require_conf_failure
=True,
1168 def test_dpp_config_dpp_override_prime256v1(dev
, apdev
):
1169 """DPP Config Object override (P-256)"""
1170 check_dpp_capab(dev
[0])
1171 check_dpp_capab(dev
[1])
1172 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"dpp","signedConnector":"eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJUbkdLaklsTlphYXRyRUFZcmJiamlCNjdyamtMX0FHVldYTzZxOWhESktVIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiYVRGNEpFR0lQS1NaMFh2OXpkQ01qbS10bjVYcE1zWUlWWjl3eVNBejFnSSIsInkiOiJRR2NIV0FfNnJiVTlYRFhBenRvWC1NNVEzc3VUbk1hcUVoVUx0bjdTU1h3In19._sm6YswxMf6hJLVTyYoU1uYUeY2VVkUNjrzjSiEhY42StD_RWowStEE-9CRsdCvLmsTptZ72_g40vTFwdId20A","csign":{"kty":"EC","crv":"P-256","x":"W4-Y5N1Pkos3UWb9A5qme0KUYRtY3CVUpekx_MapZ9s","y":"Et-M4NSF4NGjvh2VCh4B1sJ9eSCZ4RNzP2DBdP137VE","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU"}}}'
1173 dev
[0].set("dpp_ignore_netaccesskey_mismatch", "1")
1174 dev
[1].set("dpp_config_obj_override", conf
)
1175 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1176 require_conf_success
=True)
1178 def test_dpp_config_dpp_override_secp384r1(dev
, apdev
):
1179 """DPP Config Object override (P-384)"""
1180 check_dpp_capab(dev
[0])
1181 check_dpp_capab(dev
[1])
1182 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"dpp","signedConnector":"eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJabi1iMndjbjRLM2pGQklkYmhGZkpVTHJTXzdESS0yMWxFQi02R3gxNjl3IiwiYWxnIjoiRVMzODQifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC0zODQiLCJ4IjoickdrSGg1UUZsOUtfWjdqYUZkVVhmbThoY1RTRjM1b25Xb1NIRXVsbVNzWW9oX1RXZGpoRjhiVGdiS0ZRN2tBViIsInkiOiJBbU1QVDA5VmFENWpGdzMwTUFKQlp2VkZXeGNlVVlKLXR5blQ0bVJ5N0xOZWxhZ0dEWHpfOExaRlpOU2FaNUdLIn19.Yn_F7m-bbOQ5PlaYQJ9-1qsuqYQ6V-rAv8nWw1COKiCYwwbt3WFBJ8DljY0dPrlg5CHJC4saXwkytpI-CpELW1yUdzYb4Lrun07d20Eo_g10ICyOl5sqQCAUElKMe_Xr","csign":{"kty":"EC","crv":"P-384","x":"dmTyXXiPV2Y8a01fujL-jo08gvzyby23XmzOtzjAiujKQZZgPJsbhfEKrZDlc6ey","y":"H5Z0av5c7bqInxYb2_OOJdNiMhVf3zlcULR0516ZZitOY4U31KhL4wl4KGV7g2XW","kid":"Zn-b2wcn4K3jFBIdbhFfJULrS_7DI-21lEB-6Gx169w"}}}'
1183 dev
[0].set("dpp_ignore_netaccesskey_mismatch", "1")
1184 dev
[1].set("dpp_config_obj_override", conf
)
1185 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1",
1186 require_conf_success
=True)
1188 def test_dpp_config_dpp_override_secp521r1(dev
, apdev
):
1189 """DPP Config Object override (P-521)"""
1190 check_dpp_capab(dev
[0])
1191 check_dpp_capab(dev
[1])
1192 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"dpp","signedConnector":"eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJMZkhKY3hnV2ZKcG1uS2IwenZRT0F2VDB2b0ZKc0JjZnBmYzgxY3Y5ZXFnIiwiYWxnIjoiRVM1MTIifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC01MjEiLCJ4IjoiQVJlUFBrMFNISkRRR2NWbnlmM3lfbTlaQllHNjFJeElIbDN1NkdwRHVhMkU1WVd4TE1BSUtMMnZuUGtlSGFVRXljRmZaZlpYZ2JlNkViUUxMVkRVUm1VUSIsInkiOiJBWUtaYlNwUkFFNjJVYm9YZ2c1ZWRBVENzbEpzTlpwcm9RR1dUcW9Md04weXkzQkVoT3ZRZmZrOWhaR2lKZ295TzFobXFRRVRrS0pXb2tIYTBCQUpLSGZtIn19.ACEZLyPk13cM_OFScpLoCElQ2t1sxq5z2d_W_3_QslTQQe5SFiH_o8ycL4632YLAH4RV0gZcMKKRMtZdHgBYHjkzASDqgY-_aYN2SBmpfl8hw0YdDlUJWX3DJf-ofqNAlTbnGmhpSg69cEAhFn41Xgvx2MdwYcPVncxxESVOtWl5zNLK","csign":{"kty":"EC","crv":"P-521","x":"ADiOI_YJOAipEXHB-SpGl4KqokX8m8h3BVYCc8dgiwssZ061-nIIY3O1SIO6Re4Jjfy53RPgzDG6jitOgOGLtzZs","y":"AZKggKaQi0ExutSpJAU3-lqDV03sBQLA9C7KabfWoAn8qD6Vk4jU0WAJdt-wBBTF9o1nVuiqS2OxMVYrxN4lOz79","kid":"LfHJcxgWfJpmnKb0zvQOAvT0voFJsBcfpfc81cv9eqg"}}}'
1193 dev
[0].set("dpp_ignore_netaccesskey_mismatch", "1")
1194 dev
[1].set("dpp_config_obj_override", conf
)
1195 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1",
1196 require_conf_success
=True)
1198 def test_dpp_config_override_objects(dev
, apdev
):
1199 """Generate DPP Config Object and override objects)"""
1200 check_dpp_capab(dev
[1])
1201 discovery
= '{\n"ssid":"mywifi"\n}'
1202 groups
= '[\n {"groupId":"home","netRole":"sta"},\n {"groupId":"cottage","netRole":"sta"}\n]'
1203 dev
[1].set("dpp_discovery_override", discovery
)
1204 dev
[1].set("dpp_groups_override", groups
)
1205 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1206 init_extra
="conf=sta-dpp",
1207 require_conf_success
=True,
1210 def build_conf_obj(kty
="EC", crv
="P-256",
1211 x
="W4-Y5N1Pkos3UWb9A5qme0KUYRtY3CVUpekx_MapZ9s",
1212 y
="Et-M4NSF4NGjvh2VCh4B1sJ9eSCZ4RNzP2DBdP137VE",
1213 kid
="TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU",
1214 prot_hdr
='{"typ":"dppCon","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU","alg":"ES256"}',
1215 signed_connector
=None,
1216 no_signed_connector
=False,
1218 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{'
1219 conf
+= '"akm":"dpp",'
1221 if signed_connector
:
1222 conn
= signed_connector
1223 conf
+= '"signedConnector":"%s",' % conn
1224 elif not no_signed_connector
:
1225 payload
= '{"groups":[{"groupId":"*","netRole":"sta"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1226 sign
= "_sm6YswxMf6hJLVTyYoU1uYUeY2VVkUNjrzjSiEhY42StD_RWowStEE-9CRsdCvLmsTptZ72_g40vTFwdId20A"
1227 conn
= base64
.urlsafe_b64encode(prot_hdr
.encode()).decode().rstrip('=') + '.'
1228 conn
+= base64
.urlsafe_b64encode(payload
.encode()).decode().rstrip('=') + '.'
1230 conf
+= '"signedConnector":"%s",' % conn
1235 conf
+= '"kty":"%s",' % kty
1237 conf
+= '"crv":"%s",' % crv
1239 conf
+= '"x":"%s",' % x
1241 conf
+= '"y":"%s",' % y
1243 conf
+= '"kid":"%s"' % kid
1244 conf
= conf
.rstrip(',')
1247 conf
= conf
.rstrip(',')
1253 def run_dpp_config_error(dev
, apdev
, conf
,
1254 skip_net_access_key_mismatch
=True):
1255 check_dpp_capab(dev
[0])
1256 check_dpp_capab(dev
[1])
1257 if skip_net_access_key_mismatch
:
1258 dev
[0].set("dpp_ignore_netaccesskey_mismatch", "1")
1259 dev
[1].set("dpp_config_obj_override", conf
)
1260 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1261 require_conf_failure
=True)
1263 def test_dpp_config_jwk_error_no_kty(dev
, apdev
):
1264 """DPP Config Object JWK error - no kty"""
1265 run_dpp_config_error(dev
, apdev
, build_conf_obj(kty
=None))
1267 def test_dpp_config_jwk_error_unexpected_kty(dev
, apdev
):
1268 """DPP Config Object JWK error - unexpected kty"""
1269 run_dpp_config_error(dev
, apdev
, build_conf_obj(kty
="unknown"))
1271 def test_dpp_config_jwk_error_no_crv(dev
, apdev
):
1272 """DPP Config Object JWK error - no crv"""
1273 run_dpp_config_error(dev
, apdev
, build_conf_obj(crv
=None))
1275 def test_dpp_config_jwk_error_unsupported_crv(dev
, apdev
):
1276 """DPP Config Object JWK error - unsupported curve"""
1277 run_dpp_config_error(dev
, apdev
, build_conf_obj(crv
="unsupported"))
1279 def test_dpp_config_jwk_error_no_x(dev
, apdev
):
1280 """DPP Config Object JWK error - no x"""
1281 run_dpp_config_error(dev
, apdev
, build_conf_obj(x
=None))
1283 def test_dpp_config_jwk_error_invalid_x(dev
, apdev
):
1284 """DPP Config Object JWK error - invalid x"""
1285 run_dpp_config_error(dev
, apdev
, build_conf_obj(x
="MTIz"))
1287 def test_dpp_config_jwk_error_no_y(dev
, apdev
):
1288 """DPP Config Object JWK error - no y"""
1289 run_dpp_config_error(dev
, apdev
, build_conf_obj(y
=None))
1291 def test_dpp_config_jwk_error_invalid_y(dev
, apdev
):
1292 """DPP Config Object JWK error - invalid y"""
1293 run_dpp_config_error(dev
, apdev
, build_conf_obj(y
="MTIz"))
1295 def test_dpp_config_jwk_error_invalid_xy(dev
, apdev
):
1296 """DPP Config Object JWK error - invalid x,y"""
1297 conf
= build_conf_obj(x
="MDEyMzQ1Njc4OWFiY2RlZjAxMjM0NTY3ODlhYmNkZWY",
1298 y
="MDEyMzQ1Njc4OWFiY2RlZjAxMjM0NTY3ODlhYmNkZWY")
1299 run_dpp_config_error(dev
, apdev
, conf
)
1301 def test_dpp_config_jwk_error_no_kid(dev
, apdev
):
1302 """DPP Config Object JWK error - no kid"""
1303 run_dpp_config_error(dev
, apdev
, build_conf_obj(kid
=None))
1305 def test_dpp_config_jws_error_prot_hdr_not_an_object(dev
, apdev
):
1306 """DPP Config Object JWS error - protected header not an object"""
1307 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
="1"))
1309 def test_dpp_config_jws_error_prot_hdr_no_typ(dev
, apdev
):
1310 """DPP Config Object JWS error - protected header - no typ"""
1311 prot_hdr
='{"kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU","alg":"ES256"}'
1312 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1314 def test_dpp_config_jws_error_prot_hdr_unsupported_typ(dev
, apdev
):
1315 """DPP Config Object JWS error - protected header - unsupported typ"""
1316 prot_hdr
='{"typ":"unsupported","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU","alg":"ES256"}'
1317 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1319 def test_dpp_config_jws_error_prot_hdr_no_alg(dev
, apdev
):
1320 """DPP Config Object JWS error - protected header - no alg"""
1321 prot_hdr
='{"typ":"dppCon","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU"}'
1322 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1324 def test_dpp_config_jws_error_prot_hdr_unexpected_alg(dev
, apdev
):
1325 """DPP Config Object JWS error - protected header - unexpected alg"""
1326 prot_hdr
='{"typ":"dppCon","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU","alg":"unexpected"}'
1327 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1329 def test_dpp_config_jws_error_prot_hdr_no_kid(dev
, apdev
):
1330 """DPP Config Object JWS error - protected header - no kid"""
1331 prot_hdr
='{"typ":"dppCon","alg":"ES256"}'
1332 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1334 def test_dpp_config_jws_error_prot_hdr_unexpected_kid(dev
, apdev
):
1335 """DPP Config Object JWS error - protected header - unexpected kid"""
1336 prot_hdr
='{"typ":"dppCon","kid":"MTIz","alg":"ES256"}'
1337 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1339 def test_dpp_config_signed_connector_error_no_dot_1(dev
, apdev
):
1340 """DPP Config Object signedConnector error - no dot(1)"""
1342 run_dpp_config_error(dev
, apdev
, build_conf_obj(signed_connector
=conn
))
1344 def test_dpp_config_signed_connector_error_no_dot_2(dev
, apdev
):
1345 """DPP Config Object signedConnector error - no dot(2)"""
1346 conn
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJUbkdLaklsTlphYXRyRUFZcmJiamlCNjdyamtMX0FHVldYTzZxOWhESktVIiwiYWxnIjoiRVMyNTYifQ.MTIz"
1347 run_dpp_config_error(dev
, apdev
, build_conf_obj(signed_connector
=conn
))
1349 def test_dpp_config_signed_connector_error_unexpected_signature_len(dev
, apdev
):
1350 """DPP Config Object signedConnector error - unexpected signature length"""
1351 conn
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJUbkdLaklsTlphYXRyRUFZcmJiamlCNjdyamtMX0FHVldYTzZxOWhESktVIiwiYWxnIjoiRVMyNTYifQ.MTIz.MTIz"
1352 run_dpp_config_error(dev
, apdev
, build_conf_obj(signed_connector
=conn
))
1354 def test_dpp_config_signed_connector_error_invalid_signature_der(dev
, apdev
):
1355 """DPP Config Object signedConnector error - invalid signature DER"""
1356 conn
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJUbkdLaklsTlphYXRyRUFZcmJiamlCNjdyamtMX0FHVldYTzZxOWhESktVIiwiYWxnIjoiRVMyNTYifQ.MTIz.MTI"
1357 run_dpp_config_error(dev
, apdev
, build_conf_obj(signed_connector
=conn
))
1359 def test_dpp_config_no_csign(dev
, apdev
):
1360 """DPP Config Object error - no csign"""
1361 run_dpp_config_error(dev
, apdev
, build_conf_obj(csign
=False))
1363 def test_dpp_config_no_signed_connector(dev
, apdev
):
1364 """DPP Config Object error - no signedConnector"""
1365 run_dpp_config_error(dev
, apdev
, build_conf_obj(no_signed_connector
=True))
1367 def test_dpp_config_unexpected_signed_connector_char(dev
, apdev
):
1368 """DPP Config Object error - unexpected signedConnector character"""
1369 run_dpp_config_error(dev
, apdev
, build_conf_obj(signed_connector
='a\nb'))
1371 def test_dpp_config_root_not_an_object(dev
, apdev
):
1372 """DPP Config Object error - root not an object"""
1374 run_dpp_config_error(dev
, apdev
, conf
)
1376 def test_dpp_config_no_wi_fi_tech(dev
, apdev
):
1377 """DPP Config Object error - no wi-fi_tech"""
1379 run_dpp_config_error(dev
, apdev
, conf
)
1381 def test_dpp_config_unsupported_wi_fi_tech(dev
, apdev
):
1382 """DPP Config Object error - unsupported wi-fi_tech"""
1383 conf
= '{"wi-fi_tech":"unsupported"}'
1384 run_dpp_config_error(dev
, apdev
, conf
)
1386 def test_dpp_config_no_discovery(dev
, apdev
):
1387 """DPP Config Object error - no discovery"""
1388 conf
= '{"wi-fi_tech":"infra"}'
1389 run_dpp_config_error(dev
, apdev
, conf
)
1391 def test_dpp_config_no_discovery_ssid(dev
, apdev
):
1392 """DPP Config Object error - no discovery::ssid"""
1393 conf
= '{"wi-fi_tech":"infra","discovery":{}}'
1394 run_dpp_config_error(dev
, apdev
, conf
)
1396 def test_dpp_config_too_long_discovery_ssid(dev
, apdev
):
1397 """DPP Config Object error - too long discovery::ssid"""
1398 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"%s"}}' % (33*'A')
1399 run_dpp_config_error(dev
, apdev
, conf
)
1401 def test_dpp_config_no_cred(dev
, apdev
):
1402 """DPP Config Object error - no cred"""
1403 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"}}'
1404 run_dpp_config_error(dev
, apdev
, conf
)
1406 def test_dpp_config_no_cred_akm(dev
, apdev
):
1407 """DPP Config Object error - no cred::akm"""
1408 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{}}'
1409 run_dpp_config_error(dev
, apdev
, conf
)
1411 def test_dpp_config_unsupported_cred_akm(dev
, apdev
):
1412 """DPP Config Object error - unsupported cred::akm"""
1413 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"unsupported"}}'
1414 run_dpp_config_error(dev
, apdev
, conf
)
1416 def test_dpp_config_error_legacy_no_pass(dev
, apdev
):
1417 """DPP Config Object legacy error - no pass/psk"""
1418 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk"}}'
1419 run_dpp_config_error(dev
, apdev
, conf
)
1421 def test_dpp_config_error_legacy_too_short_pass(dev
, apdev
):
1422 """DPP Config Object legacy error - too short pass/psk"""
1423 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"1"}}'
1424 run_dpp_config_error(dev
, apdev
, conf
)
1426 def test_dpp_config_error_legacy_too_long_pass(dev
, apdev
):
1427 """DPP Config Object legacy error - too long pass/psk"""
1428 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"%s"}}' % (64*'A')
1429 run_dpp_config_error(dev
, apdev
, conf
)
1431 def test_dpp_config_error_legacy_psk_with_sae(dev
, apdev
):
1432 """DPP Config Object legacy error - psk_hex with SAE"""
1433 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"sae","psk_hex":"%s"}}' % (32*"12")
1434 run_dpp_config_error(dev
, apdev
, conf
)
1436 def test_dpp_config_error_legacy_no_pass_for_sae(dev
, apdev
):
1437 """DPP Config Object legacy error - no pass for SAE"""
1438 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk+sae","psk_hex":"%s"}}' % (32*"12")
1439 run_dpp_config_error(dev
, apdev
, conf
)
1441 def test_dpp_config_error_legacy_invalid_psk(dev
, apdev
):
1442 """DPP Config Object legacy error - invalid psk_hex"""
1443 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk","psk_hex":"%s"}}' % (32*"qa")
1444 run_dpp_config_error(dev
, apdev
, conf
)
1446 def test_dpp_config_error_legacy_too_short_psk(dev
, apdev
):
1447 """DPP Config Object legacy error - too short psk_hex"""
1448 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk","psk_hex":"%s"}}' % (31*"12")
1449 run_dpp_config_error(dev
, apdev
, conf
)
1451 def ecdsa_sign(pkey
, message
, alg
="sha256"):
1452 sign
= OpenSSL
.crypto
.sign(pkey
, message
, alg
)
1453 a
,b
= struct
.unpack('BB', sign
[0:2])
1455 raise Exception("Invalid DER encoding of ECDSA signature")
1456 if b
!= len(sign
) - 2:
1457 raise Exception("Invalid length of ECDSA signature")
1460 a
,b
= struct
.unpack('BB', sign
[0:2])
1462 raise Exception("Invalid DER encoding of ECDSA signature r")
1463 if b
> len(sign
) - 2:
1464 raise Exception("Invalid length of ECDSA signature r")
1473 raise Exception("Invalid length of ECDSA signature r")
1475 a
,b
= struct
.unpack('BB', sign
[0:2])
1477 raise Exception("Invalid DER encoding of ECDSA signature s")
1478 if b
> len(sign
) - 2:
1479 raise Exception("Invalid length of ECDSA signature s")
1488 raise Exception("Invalid length of ECDSA signature s")
1490 raise Exception("Extra data at the end of ECDSA signature")
1493 return base64
.urlsafe_b64encode(raw_sign
).decode().rstrip('=')
1495 p256_priv_key
= """-----BEGIN EC PRIVATE KEY-----
1496 MHcCAQEEIBVQij9ah629f1pu3tarDQGQvrzHgAkgYd1jHGiLxNajoAoGCCqGSM49
1497 AwEHoUQDQgAEAC9d2/JirKu72F2qLuv5jEFMD1Cqu9EiyGk7cOzn/2DJ51p2mEoW
1498 n03N6XRvTC+G7WPol9Ng97NAM2sK57+F/Q==
1499 -----END EC PRIVATE KEY-----"""
1500 p256_pub_key_x
= binascii
.unhexlify("002f5ddbf262acabbbd85daa2eebf98c414c0f50aabbd122c8693b70ece7ff60")
1501 p256_pub_key_y
= binascii
.unhexlify("c9e75a76984a169f4dcde9746f4c2f86ed63e897d360f7b340336b0ae7bf85fd")
1503 def run_dpp_config_connector(dev
, apdev
, expiry
=None, payload
=None,
1504 skip_net_access_key_mismatch
=True):
1505 if not openssl_imported
:
1506 raise HwsimSkip("OpenSSL python method not available")
1507 pkey
= OpenSSL
.crypto
.load_privatekey(OpenSSL
.crypto
.FILETYPE_PEM
,
1509 x
= base64
.urlsafe_b64encode(p256_pub_key_x
).decode().rstrip('=')
1510 y
= base64
.urlsafe_b64encode(p256_pub_key_y
).decode().rstrip('=')
1512 pubkey
= b
'\x04' + p256_pub_key_x
+ p256_pub_key_y
1513 kid
= base64
.urlsafe_b64encode(hashlib
.sha256(pubkey
).digest()).decode().rstrip('=')
1515 prot_hdr
= '{"typ":"dppCon","kid":"%s","alg":"ES256"}' % kid
1518 payload
= '{"groups":[{"groupId":"*","netRole":"sta"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}'
1520 payload
+= ',"expiry":"%s"' % expiry
1522 conn
= base64
.urlsafe_b64encode(prot_hdr
.encode()).decode().rstrip('=') + '.'
1523 conn
+= base64
.urlsafe_b64encode(payload
.encode()).decode().rstrip('=')
1524 sign
= ecdsa_sign(pkey
, conn
)
1526 run_dpp_config_error(dev
, apdev
,
1527 build_conf_obj(x
=x
, y
=y
, signed_connector
=conn
),
1528 skip_net_access_key_mismatch
=skip_net_access_key_mismatch
)
1530 def test_dpp_config_connector_error_ext_sign(dev
, apdev
):
1531 """DPP Config Object connector error - external signature calculation"""
1532 run_dpp_config_connector(dev
, apdev
)
1534 def test_dpp_config_connector_error_too_short_timestamp(dev
, apdev
):
1535 """DPP Config Object connector error - too short timestamp"""
1536 run_dpp_config_connector(dev
, apdev
, expiry
="1")
1538 def test_dpp_config_connector_error_invalid_timestamp(dev
, apdev
):
1539 """DPP Config Object connector error - invalid timestamp"""
1540 run_dpp_config_connector(dev
, apdev
, expiry
=19*"1")
1542 def test_dpp_config_connector_error_invalid_timestamp_date(dev
, apdev
):
1543 """DPP Config Object connector error - invalid timestamp date"""
1544 run_dpp_config_connector(dev
, apdev
, expiry
="9999-99-99T99:99:99Z")
1546 def test_dpp_config_connector_error_invalid_time_zone(dev
, apdev
):
1547 """DPP Config Object connector error - invalid time zone"""
1548 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00*")
1550 def test_dpp_config_connector_error_invalid_time_zone_2(dev
, apdev
):
1551 """DPP Config Object connector error - invalid time zone 2"""
1552 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00+")
1554 def test_dpp_config_connector_error_expired_1(dev
, apdev
):
1555 """DPP Config Object connector error - expired 1"""
1556 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00")
1558 def test_dpp_config_connector_error_expired_2(dev
, apdev
):
1559 """DPP Config Object connector error - expired 2"""
1560 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00Z")
1562 def test_dpp_config_connector_error_expired_3(dev
, apdev
):
1563 """DPP Config Object connector error - expired 3"""
1564 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00+01")
1566 def test_dpp_config_connector_error_expired_4(dev
, apdev
):
1567 """DPP Config Object connector error - expired 4"""
1568 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00+01:02")
1570 def test_dpp_config_connector_error_expired_5(dev
, apdev
):
1571 """DPP Config Object connector error - expired 5"""
1572 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00-01")
1574 def test_dpp_config_connector_error_expired_6(dev
, apdev
):
1575 """DPP Config Object connector error - expired 6"""
1576 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00-01:02")
1578 def test_dpp_config_connector_error_no_groups(dev
, apdev
):
1579 """DPP Config Object connector error - no groups"""
1580 payload
= '{"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1581 run_dpp_config_connector(dev
, apdev
, payload
=payload
)
1583 def test_dpp_config_connector_error_empty_groups(dev
, apdev
):
1584 """DPP Config Object connector error - empty groups"""
1585 payload
= '{"groups":[],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1586 run_dpp_config_connector(dev
, apdev
, payload
=payload
)
1588 def test_dpp_config_connector_error_missing_group_id(dev
, apdev
):
1589 """DPP Config Object connector error - missing groupId"""
1590 payload
= '{"groups":[{"netRole":"sta"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1591 run_dpp_config_connector(dev
, apdev
, payload
=payload
)
1593 def test_dpp_config_connector_error_missing_net_role(dev
, apdev
):
1594 """DPP Config Object connector error - missing netRole"""
1595 payload
= '{"groups":[{"groupId":"*"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1596 run_dpp_config_connector(dev
, apdev
, payload
=payload
)
1598 def test_dpp_config_connector_error_missing_net_access_key(dev
, apdev
):
1599 """DPP Config Object connector error - missing netAccessKey"""
1600 payload
= '{"groups":[{"groupId":"*","netRole":"sta"}]}'
1601 run_dpp_config_connector(dev
, apdev
, payload
=payload
)
1603 def test_dpp_config_connector_error_net_access_key_mismatch(dev
, apdev
):
1604 """DPP Config Object connector error - netAccessKey mismatch"""
1605 payload
= '{"groups":[{"groupId":"*","netRole":"sta"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1606 run_dpp_config_connector(dev
, apdev
, payload
=payload
,
1607 skip_net_access_key_mismatch
=False)
1609 def test_dpp_gas_timeout(dev
, apdev
):
1610 """DPP and GAS server timeout for a query"""
1611 check_dpp_capab(dev
[0])
1612 check_dpp_capab(dev
[1])
1613 logger
.info("dev0 displays QR Code")
1614 addr
= dev
[0].own_addr().replace(':', '')
1615 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
1616 res
= dev
[0].request(cmd
)
1618 raise Exception("Failed to generate bootstrapping info")
1620 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1622 logger
.info("dev1 scans QR Code")
1623 id1
= dev
[1].dpp_qr_code(uri0
)
1625 logger
.info("dev1 initiates DPP Authentication")
1626 dev
[0].set("ext_mgmt_frame_handling", "1")
1627 cmd
= "DPP_LISTEN 2412"
1628 if "OK" not in dev
[0].request(cmd
):
1629 raise Exception("Failed to start listen operation")
1631 # Force GAS fragmentation
1632 conf
= '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"secret passphrase"}}' + 3000*' '
1633 dev
[1].set("dpp_config_obj_override", conf
)
1635 cmd
= "DPP_AUTH_INIT peer=%d" % id1
1636 if "OK" not in dev
[1].request(cmd
):
1637 raise Exception("Failed to initiate DPP Authentication")
1639 # DPP Authentication Request
1640 msg
= dev
[0].mgmt_rx()
1641 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(
1642 msg
['freq'], msg
['datarate'], msg
['ssi_signal'], binascii
.hexlify(msg
['frame']).decode())):
1643 raise Exception("MGMT_RX_PROCESS failed")
1645 # DPP Authentication Confirmation
1646 msg
= dev
[0].mgmt_rx()
1647 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(
1648 msg
['freq'], msg
['datarate'], msg
['ssi_signal'], binascii
.hexlify(msg
['frame']).decode())):
1649 raise Exception("MGMT_RX_PROCESS failed")
1651 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
1653 raise Exception("DPP authentication did not succeed (Responder)")
1654 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
1656 raise Exception("DPP authentication did not succeed (Initiator)")
1658 # DPP Configuration Response (GAS Initial Response frame)
1659 msg
= dev
[0].mgmt_rx()
1660 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(
1661 msg
['freq'], msg
['datarate'], msg
['ssi_signal'], binascii
.hexlify(msg
['frame']).decode())):
1662 raise Exception("MGMT_RX_PROCESS failed")
1664 # GAS Comeback Response frame
1665 msg
= dev
[0].mgmt_rx()
1666 # Do not continue to force timeout on GAS server
1668 ev
= dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=10)
1670 raise Exception("GAS result not reported (Enrollee)")
1671 if "result=TIMEOUT" not in ev
:
1672 raise Exception("Unexpected GAS result (Enrollee): " + ev
)
1673 dev
[0].set("ext_mgmt_frame_handling", "0")
1675 ev
= dev
[1].wait_event(["DPP-CONF-FAILED"], timeout
=15)
1677 raise Exception("DPP configuration failure not reported (Configurator)")
1679 ev
= dev
[0].wait_event(["DPP-CONF-FAILED"], timeout
=1)
1681 raise Exception("DPP configuration failure not reported (Enrollee)")
1683 def test_dpp_akm_sha256(dev
, apdev
):
1684 """DPP AKM (SHA256)"""
1685 run_dpp_akm(dev
, apdev
, 32)
1687 def test_dpp_akm_sha384(dev
, apdev
):
1688 """DPP AKM (SHA384)"""
1689 run_dpp_akm(dev
, apdev
, 48)
1691 def test_dpp_akm_sha512(dev
, apdev
):
1692 """DPP AKM (SHA512)"""
1693 run_dpp_akm(dev
, apdev
, 64)
1695 def run_dpp_akm(dev
, apdev
, pmk_len
):
1696 check_dpp_capab(dev
[0])
1697 check_dpp_capab(dev
[1])
1698 params
= { "ssid": "dpp",
1700 "wpa_key_mgmt": "DPP",
1701 "rsn_pairwise": "CCMP",
1704 hapd
= hostapd
.add_ap(apdev
[0], params
)
1706 raise HwsimSkip("DPP not supported")
1708 id = dev
[0].connect("dpp", key_mgmt
="DPP", ieee80211w
="2", scan_freq
="2412",
1710 ev
= dev
[0].wait_event(["CTRL-EVENT-NETWORK-NOT-FOUND"], timeout
=2)
1712 raise Exception("Network mismatch not reported")
1713 dev
[0].request("DISCONNECT")
1714 dev
[0].dump_monitor()
1716 bssid
= hapd
.own_addr()
1720 cmd
= "PMKSA_ADD %d %s %s %s 30240 43200 %d 0" % (id, bssid
, pmkid
, pmk
, akmp
)
1721 if "OK" not in dev
[0].request(cmd
):
1722 raise Exception("PMKSA_ADD failed (wpa_supplicant)")
1723 dev
[0].select_network(id, freq
="2412")
1724 ev
= dev
[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout
=2)
1725 dev
[0].request("DISCONNECT")
1726 dev
[0].dump_monitor()
1728 raise Exception("Association attempt was not rejected")
1729 if "status_code=53" not in ev
:
1730 raise Exception("Unexpected status code: " + ev
)
1732 addr
= dev
[0].own_addr()
1733 cmd
= "PMKSA_ADD %s %s %s 0 %d" % (addr
, pmkid
, pmk
, akmp
)
1734 if "OK" not in hapd
.request(cmd
):
1735 raise Exception("PMKSA_ADD failed (hostapd)")
1737 dev
[0].select_network(id, freq
="2412")
1738 dev
[0].wait_connected()
1739 val
= dev
[0].get_status_field("key_mgmt")
1741 raise Exception("Unexpected key_mgmt: " + val
)
1743 params1_csign
= "3059301306072a8648ce3d020106082a8648ce3d03010703420004d02e5bd81a120762b5f0f2994777f5d40297238a6c294fd575cdf35fabec44c050a6421c401d98d659fd2ed13c961cc8287944dd3202f516977800d3ab2f39ee"
1744 params1_ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJzOEFrYjg5bTV4UGhoYk5UbTVmVVo0eVBzNU5VMkdxYXNRY3hXUWhtQVFRIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIwOHF4TlNYRzRWemdCV3BjVUdNSmc1czNvbElOVFJsRVQ1aERpNkRKY3ZjIiwieSI6IlVhaGFYQXpKRVpRQk1YaHRUQnlZZVlrOWtJYjk5UDA3UV9NcW9TVVZTVEkifX0.a5_nfMVr7Qe1SW0ZL3u6oQRm5NUCYUSfixDAJOUFN3XUfECBZ6E8fm8xjeSfdOytgRidTz0CTlIRjzPQo82dmQ"
1745 params1_ap_netaccesskey
= "30770201010420f6531d17f29dfab655b7c9e923478d5a345164c489aadd44a3519c3e9dcc792da00a06082a8648ce3d030107a14403420004d3cab13525c6e15ce0056a5c506309839b37a2520d4d19444f98438ba0c972f751a85a5c0cc911940131786d4c1c9879893d9086fdf4fd3b43f32aa125154932"
1746 params1_sta_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJzOEFrYjg5bTV4UGhoYk5UbTVmVVo0eVBzNU5VMkdxYXNRY3hXUWhtQVFRIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiZWMzR3NqQ3lQMzVBUUZOQUJJdEltQnN4WXVyMGJZX1dES1lfSE9zUGdjNCIsInkiOiJTRS1HVllkdWVnTFhLMU1TQXZNMEx2QWdLREpTNWoyQVhCbE9PMTdUSTRBIn19.PDK9zsGlK-e1pEOmNxVeJfCS8pNeay6ckIS1TXCQsR64AR-9wFPCNVjqOxWvVKltehyMFqVAtOcv0IrjtMJFqQ"
1747 params1_sta_netaccesskey
= "30770201010420bc33380c26fd2168b69cd8242ed1df07ba89aa4813f8d4e8523de6ca3f8dd28ba00a06082a8648ce3d030107a1440342000479cdc6b230b23f7e40405340048b48981b3162eaf46d8fd60ca63f1ceb0f81ce484f8655876e7a02d72b531202f3342ef020283252e63d805c194e3b5ed32380"
1749 def test_dpp_network_introduction(dev
, apdev
):
1750 """DPP network introduction"""
1751 check_dpp_capab(dev
[0])
1752 check_dpp_capab(dev
[1])
1754 params
= { "ssid": "dpp",
1756 "wpa_key_mgmt": "DPP",
1758 "rsn_pairwise": "CCMP",
1759 "dpp_connector": params1_ap_connector
,
1760 "dpp_csign": params1_csign
,
1761 "dpp_netaccesskey": params1_ap_netaccesskey
}
1763 hapd
= hostapd
.add_ap(apdev
[0], params
)
1765 raise HwsimSkip("DPP not supported")
1767 id = dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412",
1769 dpp_csign
=params1_csign
,
1770 dpp_connector
=params1_sta_connector
,
1771 dpp_netaccesskey
=params1_sta_netaccesskey
)
1772 val
= dev
[0].get_status_field("key_mgmt")
1774 raise Exception("Unexpected key_mgmt: " + val
)
1776 def test_dpp_and_sae_akm(dev
, apdev
):
1777 """DPP and SAE AKMs"""
1778 check_dpp_capab(dev
[0])
1779 check_dpp_capab(dev
[1])
1780 if "SAE" not in dev
[1].get_capability("auth_alg"):
1781 raise HwsimSkip("SAE not supported")
1783 params
= { "ssid": "dpp+sae",
1785 "wpa_key_mgmt": "DPP SAE",
1787 "rsn_pairwise": "CCMP",
1788 "sae_password": "sae-password",
1789 "dpp_connector": params1_ap_connector
,
1790 "dpp_csign": params1_csign
,
1791 "dpp_netaccesskey": params1_ap_netaccesskey
}
1793 hapd
= hostapd
.add_ap(apdev
[0], params
)
1795 raise HwsimSkip("DPP not supported")
1797 id = dev
[0].connect("dpp+sae", key_mgmt
="DPP", scan_freq
="2412",
1799 dpp_csign
=params1_csign
,
1800 dpp_connector
=params1_sta_connector
,
1801 dpp_netaccesskey
=params1_sta_netaccesskey
)
1802 val
= dev
[0].get_status_field("key_mgmt")
1804 raise Exception("Unexpected key_mgmt for DPP: " + val
)
1806 id = dev
[1].connect("dpp+sae", key_mgmt
="SAE", scan_freq
="2412",
1807 ieee80211w
="2", psk
="sae-password")
1808 val
= dev
[1].get_status_field("key_mgmt")
1810 raise Exception("Unexpected key_mgmt for SAE: " + val
)
1812 def test_dpp_ap_config(dev
, apdev
):
1813 """DPP and AP configuration"""
1814 run_dpp_ap_config(dev
, apdev
)
1816 def test_dpp_ap_config_p256_p256(dev
, apdev
):
1817 """DPP and AP configuration (P-256 + P-256)"""
1818 run_dpp_ap_config(dev
, apdev
, curve
="P-256", conf_curve
="P-256")
1820 def test_dpp_ap_config_p256_p384(dev
, apdev
):
1821 """DPP and AP configuration (P-256 + P-384)"""
1822 run_dpp_ap_config(dev
, apdev
, curve
="P-256", conf_curve
="P-384")
1824 def test_dpp_ap_config_p256_p521(dev
, apdev
):
1825 """DPP and AP configuration (P-256 + P-521)"""
1826 run_dpp_ap_config(dev
, apdev
, curve
="P-256", conf_curve
="P-521")
1828 def test_dpp_ap_config_p384_p256(dev
, apdev
):
1829 """DPP and AP configuration (P-384 + P-256)"""
1830 run_dpp_ap_config(dev
, apdev
, curve
="P-384", conf_curve
="P-256")
1832 def test_dpp_ap_config_p384_p384(dev
, apdev
):
1833 """DPP and AP configuration (P-384 + P-384)"""
1834 run_dpp_ap_config(dev
, apdev
, curve
="P-384", conf_curve
="P-384")
1836 def test_dpp_ap_config_p384_p521(dev
, apdev
):
1837 """DPP and AP configuration (P-384 + P-521)"""
1838 run_dpp_ap_config(dev
, apdev
, curve
="P-384", conf_curve
="P-521")
1840 def test_dpp_ap_config_p521_p256(dev
, apdev
):
1841 """DPP and AP configuration (P-521 + P-256)"""
1842 run_dpp_ap_config(dev
, apdev
, curve
="P-521", conf_curve
="P-256")
1844 def test_dpp_ap_config_p521_p384(dev
, apdev
):
1845 """DPP and AP configuration (P-521 + P-384)"""
1846 run_dpp_ap_config(dev
, apdev
, curve
="P-521", conf_curve
="P-384")
1848 def test_dpp_ap_config_p521_p521(dev
, apdev
):
1849 """DPP and AP configuration (P-521 + P-521)"""
1850 run_dpp_ap_config(dev
, apdev
, curve
="P-521", conf_curve
="P-521")
1852 def test_dpp_ap_config_reconfig_configurator(dev
, apdev
):
1853 """DPP and AP configuration with Configurator reconfiguration"""
1854 run_dpp_ap_config(dev
, apdev
, reconf_configurator
=True)
1856 def update_hapd_config(hapd
):
1857 ev
= hapd
.wait_event(["DPP-CONFOBJ-SSID"], timeout
=1)
1859 raise Exception("SSID not reported (AP)")
1860 ssid
= ev
.split(' ')[1]
1862 ev
= hapd
.wait_event(["DPP-CONNECTOR"], timeout
=1)
1864 raise Exception("Connector not reported (AP)")
1865 connector
= ev
.split(' ')[1]
1867 ev
= hapd
.wait_event(["DPP-C-SIGN-KEY"], timeout
=1)
1869 raise Exception("C-sign-key not reported (AP)")
1873 ev
= hapd
.wait_event(["DPP-NET-ACCESS-KEY"], timeout
=1)
1875 raise Exception("netAccessKey not reported (AP)")
1877 net_access_key
= p
[1]
1878 net_access_key_expiry
= p
[2] if len(p
) > 2 else None
1880 logger
.info("Update AP configuration to use key_mgmt=DPP")
1882 hapd
.set("ssid", ssid
)
1883 hapd
.set("wpa", "2")
1884 hapd
.set("wpa_key_mgmt", "DPP")
1885 hapd
.set("ieee80211w", "2")
1886 hapd
.set("rsn_pairwise", "CCMP")
1887 hapd
.set("dpp_connector", connector
)
1888 hapd
.set("dpp_csign", csign
)
1889 hapd
.set("dpp_netaccesskey", net_access_key
)
1890 if net_access_key_expiry
:
1891 hapd
.set("dpp_netaccesskey_expiry", net_access_key_expiry
)
1894 def run_dpp_ap_config(dev
, apdev
, curve
=None, conf_curve
=None,
1895 reconf_configurator
=False):
1896 check_dpp_capab(dev
[0])
1897 check_dpp_capab(dev
[1])
1898 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
1899 check_dpp_capab(hapd
)
1901 addr
= hapd
.own_addr().replace(':', '')
1902 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
1904 cmd
+= " curve=" + curve
1905 res
= hapd
.request(cmd
)
1907 raise Exception("Failed to generate bootstrapping info")
1909 uri
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id_h
)
1911 cmd
= "DPP_CONFIGURATOR_ADD"
1913 cmd
+= " curve=" + conf_curve
1914 res
= dev
[0].request(cmd
)
1916 raise Exception("Failed to add configurator")
1919 if reconf_configurator
:
1920 csign
= dev
[0].request("DPP_CONFIGURATOR_GET_KEY %d" % conf_id
)
1921 if "FAIL" in csign
or len(csign
) == 0:
1922 raise Exception("DPP_CONFIGURATOR_GET_KEY failed")
1924 id = dev
[0].dpp_qr_code(uri
)
1926 cmd
= "DPP_AUTH_INIT peer=%d conf=ap-dpp configurator=%d" % (id, conf_id
)
1927 if "OK" not in dev
[0].request(cmd
):
1928 raise Exception("Failed to initiate DPP Authentication")
1929 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
1931 raise Exception("DPP authentication did not succeed (Responder)")
1932 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
1934 raise Exception("DPP authentication did not succeed (Initiator)")
1935 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
1937 raise Exception("DPP configuration not completed (Configurator)")
1938 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout
=5)
1940 raise Exception("DPP configuration not completed (Enrollee)")
1941 if "DPP-CONF-FAILED" in ev
:
1942 raise Exception("DPP configuration failed")
1944 update_hapd_config(hapd
)
1946 addr
= dev
[1].own_addr().replace(':', '')
1947 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
1949 cmd
+= " curve=" + curve
1950 res
= dev
[1].request(cmd
)
1952 raise Exception("Failed to generate bootstrapping info")
1954 uri1
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1
)
1956 id0b
= dev
[0].dpp_qr_code(uri1
)
1958 if reconf_configurator
:
1959 res
= dev
[0].request("DPP_CONFIGURATOR_REMOVE %d" % conf_id
)
1961 raise Exception("DPP_CONFIGURATOR_REMOVE failed")
1962 cmd
= "DPP_CONFIGURATOR_ADD"
1964 cmd
+= " curve=" + conf_curve
1965 cmd
+= " key=" + csign
1966 res
= dev
[0].request(cmd
)
1968 raise Exception("Failed to add configurator (reconf)")
1971 cmd
= "DPP_LISTEN 2412"
1972 if "OK" not in dev
[1].request(cmd
):
1973 raise Exception("Failed to start listen operation")
1974 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id0b
, conf_id
)
1975 if "OK" not in dev
[0].request(cmd
):
1976 raise Exception("Failed to initiate DPP Authentication")
1977 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
1979 raise Exception("DPP authentication did not succeed (Responder)")
1980 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
1982 raise Exception("DPP authentication did not succeed (Initiator)")
1983 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
1985 raise Exception("DPP configuration not completed (Configurator)")
1986 ev
= dev
[1].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
1988 raise Exception("DPP configuration not completed (Enrollee)")
1989 dev
[1].request("DPP_STOP_LISTEN")
1991 ev
= dev
[1].wait_event(["DPP-CONFOBJ-SSID"], timeout
=1)
1993 raise Exception("SSID not reported")
1994 ssid
= ev
.split(' ')[1]
1996 ev
= dev
[1].wait_event(["DPP-CONNECTOR"], timeout
=1)
1998 raise Exception("Connector not reported")
1999 connector
= ev
.split(' ')[1]
2001 ev
= dev
[1].wait_event(["DPP-C-SIGN-KEY"], timeout
=1)
2003 raise Exception("C-sign-key not reported")
2007 ev
= dev
[1].wait_event(["DPP-NET-ACCESS-KEY"], timeout
=1)
2009 raise Exception("netAccessKey not reported")
2011 net_access_key
= p
[1]
2012 net_access_key_expiry
= p
[2] if len(p
) > 2 else None
2014 dev
[1].dump_monitor()
2016 id = dev
[1].connect(ssid
, key_mgmt
="DPP", ieee80211w
="2", scan_freq
="2412",
2017 only_add_network
=True)
2018 dev
[1].set_network_quoted(id, "dpp_connector", connector
)
2019 dev
[1].set_network(id, "dpp_csign", csign
)
2020 dev
[1].set_network(id, "dpp_netaccesskey", net_access_key
)
2021 if net_access_key_expiry
:
2022 dev
[1].set_network(id, "dpp_netaccess_expiry", net_access_key_expiry
)
2024 logger
.info("Check data connection")
2025 dev
[1].select_network(id, freq
="2412")
2026 dev
[1].wait_connected()
2028 def test_dpp_auto_connect_1(dev
, apdev
):
2029 """DPP and auto connect (1)"""
2031 run_dpp_auto_connect(dev
, apdev
, 1)
2033 dev
[0].set("dpp_config_processing", "0")
2035 def test_dpp_auto_connect_2(dev
, apdev
):
2036 """DPP and auto connect (2)"""
2038 run_dpp_auto_connect(dev
, apdev
, 2)
2040 dev
[0].set("dpp_config_processing", "0")
2042 def test_dpp_auto_connect_2_connect_cmd(dev
, apdev
):
2043 """DPP and auto connect (2) using connect_cmd"""
2044 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
2045 wpas
.interface_add("wlan5", drv_params
="force_connect_cmd=1")
2046 dev_new
= [ wpas
, dev
[1] ]
2048 run_dpp_auto_connect(dev_new
, apdev
, 2)
2050 wpas
.set("dpp_config_processing", "0")
2052 def run_dpp_auto_connect(dev
, apdev
, processing
):
2053 check_dpp_capab(dev
[0])
2054 check_dpp_capab(dev
[1])
2056 csign
= "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2057 csign_pub
= "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2058 ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
2059 ap_netaccesskey
= "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
2061 params
= { "ssid": "test",
2063 "wpa_key_mgmt": "DPP",
2065 "rsn_pairwise": "CCMP",
2066 "dpp_connector": ap_connector
,
2067 "dpp_csign": csign_pub
,
2068 "dpp_netaccesskey": ap_netaccesskey
}
2070 hapd
= hostapd
.add_ap(apdev
[0], params
)
2072 raise HwsimSkip("DPP not supported")
2074 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
2075 res
= dev
[1].request(cmd
)
2077 raise Exception("DPP_CONFIGURATOR_ADD failed")
2080 dev
[0].set("dpp_config_processing", str(processing
))
2081 addr
= dev
[0].own_addr().replace(':', '')
2082 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2083 res
= dev
[0].request(cmd
)
2085 raise Exception("Failed to generate bootstrapping info")
2087 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2089 id1
= dev
[1].dpp_qr_code(uri0
)
2091 cmd
= "DPP_LISTEN 2412"
2092 if "OK" not in dev
[0].request(cmd
):
2093 raise Exception("Failed to start listen operation")
2095 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1
, conf_id
)
2096 if "OK" not in dev
[1].request(cmd
):
2097 raise Exception("Failed to initiate DPP Authentication")
2098 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=10)
2100 raise Exception("DPP configuration not completed (Configurator)")
2101 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=2)
2103 raise Exception("DPP configuration not completed (Enrollee)")
2104 ev
= dev
[0].wait_event(["DPP-NETWORK-ID"], timeout
=1)
2106 raise Exception("DPP network profile not generated")
2107 id = ev
.split(' ')[1]
2110 dev
[0].select_network(id, freq
=2412)
2112 dev
[0].wait_connected()
2113 hwsim_utils
.test_connectivity(dev
[0], hapd
)
2115 def test_dpp_auto_connect_legacy(dev
, apdev
):
2116 """DPP and auto connect (legacy)"""
2118 run_dpp_auto_connect_legacy(dev
, apdev
)
2120 dev
[0].set("dpp_config_processing", "0")
2122 def test_dpp_auto_connect_legacy_sae_1(dev
, apdev
):
2123 """DPP and auto connect (legacy SAE)"""
2125 run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-sae', psk_sae
=True)
2127 dev
[0].set("dpp_config_processing", "0")
2129 def test_dpp_auto_connect_legacy_sae_2(dev
, apdev
):
2130 """DPP and auto connect (legacy SAE)"""
2132 run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-sae', sae_only
=True)
2134 dev
[0].set("dpp_config_processing", "0")
2136 def test_dpp_auto_connect_legacy_psk_sae_1(dev
, apdev
):
2137 """DPP and auto connect (legacy PSK+SAE)"""
2139 run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-psk-sae',
2142 dev
[0].set("dpp_config_processing", "0")
2144 def test_dpp_auto_connect_legacy_psk_sae_2(dev
, apdev
):
2145 """DPP and auto connect (legacy PSK+SAE)"""
2147 run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-psk-sae',
2150 dev
[0].set("dpp_config_processing", "0")
2152 def test_dpp_auto_connect_legacy_psk_sae_3(dev
, apdev
):
2153 """DPP and auto connect (legacy PSK+SAE)"""
2155 run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-psk-sae')
2157 dev
[0].set("dpp_config_processing", "0")
2159 def run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-psk',
2160 psk_sae
=False, sae_only
=False):
2161 check_dpp_capab(dev
[0])
2162 check_dpp_capab(dev
[1])
2164 params
= hostapd
.wpa2_params(ssid
="dpp-legacy",
2165 passphrase
="secret passphrase")
2167 params
['wpa_key_mgmt'] = 'SAE'
2168 params
['ieee80211w'] = '2'
2170 params
['wpa_key_mgmt'] = 'WPA-PSK SAE'
2171 params
['ieee80211w'] = '1'
2172 params
['sae_require_mfp'] = '1'
2174 hapd
= hostapd
.add_ap(apdev
[0], params
)
2176 dev
[0].set("dpp_config_processing", "2")
2177 addr
= dev
[0].own_addr().replace(':', '')
2178 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2179 res
= dev
[0].request(cmd
)
2181 raise Exception("Failed to generate bootstrapping info")
2183 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2185 id1
= dev
[1].dpp_qr_code(uri0
)
2187 cmd
= "DPP_LISTEN 2412"
2188 if "OK" not in dev
[0].request(cmd
):
2189 raise Exception("Failed to start listen operation")
2191 cmd
= "DPP_AUTH_INIT peer=%d conf=%s ssid=%s pass=%s" % (id1
, conf
,
2192 binascii
.hexlify(b
"dpp-legacy").decode(),
2193 binascii
.hexlify(b
"secret passphrase").decode())
2194 if "OK" not in dev
[1].request(cmd
):
2195 raise Exception("Failed to initiate DPP Authentication")
2196 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=10)
2198 raise Exception("DPP configuration not completed (Configurator)")
2199 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=2)
2201 raise Exception("DPP configuration not completed (Enrollee)")
2202 ev
= dev
[0].wait_event(["DPP-NETWORK-ID"], timeout
=1)
2204 raise Exception("DPP network profile not generated")
2205 id = ev
.split(' ')[1]
2207 dev
[0].wait_connected()
2209 def test_dpp_auto_connect_legacy_pmf_required(dev
, apdev
):
2210 """DPP and auto connect (legacy, PMF required)"""
2212 run_dpp_auto_connect_legacy_pmf_required(dev
, apdev
)
2214 dev
[0].set("dpp_config_processing", "0")
2216 def run_dpp_auto_connect_legacy_pmf_required(dev
, apdev
):
2217 check_dpp_capab(dev
[0])
2218 check_dpp_capab(dev
[1])
2220 params
= hostapd
.wpa2_params(ssid
="dpp-legacy",
2221 passphrase
="secret passphrase")
2222 params
['wpa_key_mgmt'] = "WPA-PSK-SHA256"
2223 params
['ieee80211w'] = "2"
2224 hapd
= hostapd
.add_ap(apdev
[0], params
)
2226 dev
[0].set("dpp_config_processing", "2")
2227 addr
= dev
[0].own_addr().replace(':', '')
2228 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2229 res
= dev
[0].request(cmd
)
2231 raise Exception("Failed to generate bootstrapping info")
2233 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2235 id1
= dev
[1].dpp_qr_code(uri0
)
2237 cmd
= "DPP_LISTEN 2412"
2238 if "OK" not in dev
[0].request(cmd
):
2239 raise Exception("Failed to start listen operation")
2241 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-psk ssid=%s pass=%s" % (id1
,
2242 binascii
.hexlify(b
"dpp-legacy").decode(),
2243 binascii
.hexlify(b
"secret passphrase").decode())
2244 if "OK" not in dev
[1].request(cmd
):
2245 raise Exception("Failed to initiate DPP Authentication")
2246 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=10)
2248 raise Exception("DPP configuration not completed (Configurator)")
2249 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=2)
2251 raise Exception("DPP configuration not completed (Enrollee)")
2252 ev
= dev
[0].wait_event(["DPP-NETWORK-ID"], timeout
=1)
2254 raise Exception("DPP network profile not generated")
2255 id = ev
.split(' ')[1]
2257 dev
[0].wait_connected()
2259 def test_dpp_qr_code_auth_responder_configurator(dev
, apdev
):
2260 """DPP QR Code and responder as the configurator"""
2261 run_dpp_qr_code_auth_responder_configurator(dev
, apdev
, "")
2263 def test_dpp_qr_code_auth_responder_configurator_group_id(dev
, apdev
):
2264 """DPP QR Code and responder as the configurator with group_id)"""
2265 run_dpp_qr_code_auth_responder_configurator(dev
, apdev
,
2266 " group_id=test-group")
2268 def run_dpp_qr_code_auth_responder_configurator(dev
, apdev
, extra
):
2269 check_dpp_capab(dev
[0])
2270 check_dpp_capab(dev
[1])
2271 cmd
= "DPP_CONFIGURATOR_ADD"
2272 res
= dev
[0].request(cmd
)
2274 raise Exception("Failed to add configurator")
2277 addr
= dev
[0].own_addr().replace(':', '')
2278 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2279 res
= dev
[0].request(cmd
)
2281 raise Exception("Failed to generate bootstrapping info")
2283 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2285 id1
= dev
[1].dpp_qr_code(uri0
)
2287 dev
[0].set("dpp_configurator_params",
2288 " conf=sta-dpp configurator=%d%s" % (conf_id
, extra
))
2289 cmd
= "DPP_LISTEN 2412 role=configurator"
2290 if "OK" not in dev
[0].request(cmd
):
2291 raise Exception("Failed to start listen operation")
2292 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % id1
2293 if "OK" not in dev
[1].request(cmd
):
2294 raise Exception("Failed to initiate DPP Authentication")
2295 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2297 raise Exception("DPP authentication did not succeed (Responder)")
2298 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2300 raise Exception("DPP authentication did not succeed (Initiator)")
2301 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
2303 raise Exception("DPP configuration not completed (Configurator)")
2304 ev
= dev
[1].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
2306 raise Exception("DPP configuration not completed (Enrollee)")
2307 dev
[0].request("DPP_STOP_LISTEN")
2308 dev
[0].dump_monitor()
2309 dev
[1].dump_monitor()
2311 def test_dpp_qr_code_hostapd_init(dev
, apdev
):
2312 """DPP QR Code and hostapd as initiator"""
2313 check_dpp_capab(dev
[0])
2314 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
2316 check_dpp_capab(hapd
)
2318 cmd
= "DPP_CONFIGURATOR_ADD"
2319 res
= dev
[0].request(cmd
)
2321 raise Exception("Failed to add configurator")
2324 addr
= dev
[0].own_addr().replace(':', '')
2325 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
2326 res
= dev
[0].request(cmd
)
2328 raise Exception("Failed to generate bootstrapping info")
2330 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2332 dev
[0].set("dpp_configurator_params",
2333 " conf=ap-dpp configurator=%d" % conf_id
)
2334 cmd
= "DPP_LISTEN 2437 role=configurator"
2335 if "OK" not in dev
[0].request(cmd
):
2336 raise Exception("Failed to start listen operation")
2338 id1
= hapd
.dpp_qr_code(uri0
)
2340 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % id1
2341 if "OK" not in hapd
.request(cmd
):
2342 raise Exception("Failed to initiate DPP Authentication")
2343 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2345 raise Exception("DPP authentication did not succeed (Responder)")
2346 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2348 raise Exception("DPP authentication did not succeed (Initiator)")
2349 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
2351 raise Exception("DPP configuration not completed (Configurator)")
2352 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
2354 raise Exception("DPP configuration not completed (Enrollee)")
2355 dev
[0].request("DPP_STOP_LISTEN")
2356 dev
[0].dump_monitor()
2358 def test_dpp_qr_code_hostapd_init_offchannel(dev
, apdev
):
2359 """DPP QR Code and hostapd as initiator (offchannel)"""
2360 run_dpp_qr_code_hostapd_init_offchannel(dev
, apdev
, None)
2362 def test_dpp_qr_code_hostapd_init_offchannel_neg_freq(dev
, apdev
):
2363 """DPP QR Code and hostapd as initiator (offchannel, neg_freq)"""
2364 run_dpp_qr_code_hostapd_init_offchannel(dev
, apdev
, "neg_freq=2437")
2366 def run_dpp_qr_code_hostapd_init_offchannel(dev
, apdev
, extra
):
2367 check_dpp_capab(dev
[0])
2368 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
2370 check_dpp_capab(hapd
)
2372 cmd
= "DPP_CONFIGURATOR_ADD"
2373 res
= dev
[0].request(cmd
)
2375 raise Exception("Failed to add configurator")
2378 addr
= dev
[0].own_addr().replace(':', '')
2379 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1,81/11 mac=" + addr
2380 res
= dev
[0].request(cmd
)
2382 raise Exception("Failed to generate bootstrapping info")
2384 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2386 dev
[0].set("dpp_configurator_params",
2387 " conf=ap-dpp configurator=%d" % conf_id
)
2388 cmd
= "DPP_LISTEN 2462 role=configurator"
2389 if "OK" not in dev
[0].request(cmd
):
2390 raise Exception("Failed to start listen operation")
2392 id1
= hapd
.dpp_qr_code(uri0
)
2394 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % id1
2397 if "OK" not in hapd
.request(cmd
):
2398 raise Exception("Failed to initiate DPP Authentication")
2399 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2401 raise Exception("DPP authentication did not succeed (Responder)")
2402 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2404 raise Exception("DPP authentication did not succeed (Initiator)")
2405 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
2407 raise Exception("DPP configuration not completed (Configurator)")
2408 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
2410 raise Exception("DPP configuration not completed (Enrollee)")
2411 dev
[0].request("DPP_STOP_LISTEN")
2412 dev
[0].dump_monitor()
2414 def test_dpp_test_vector_p_256(dev
, apdev
):
2415 """DPP P-256 test vector (mutual auth)"""
2416 check_dpp_capab(dev
[0])
2417 check_dpp_capab(dev
[1])
2419 # Responder bootstrapping key
2420 priv
= "54ce181a98525f217216f59b245f60e9df30ac7f6b26c939418cfc3c42d1afa0"
2421 addr
= dev
[0].own_addr().replace(':', '')
2422 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr
+ " key=30310201010420" + priv
+ "a00a06082a8648ce3d030107"
2423 res
= dev
[0].request(cmd
)
2425 raise Exception("Failed to generate bootstrapping info")
2427 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2429 # Responder protocol keypair override
2430 priv
= "f798ed2e19286f6a6efe210b1863badb99af2a14b497634dbfd2a97394fb5aa5"
2431 dev
[0].set("dpp_protocol_key_override",
2432 "30310201010420" + priv
+ "a00a06082a8648ce3d030107")
2434 dev
[0].set("dpp_nonce_override", "3d0cfb011ca916d796f7029ff0b43393")
2436 # Initiator bootstrapping key
2437 priv
= "15b2a83c5a0a38b61f2aa8200ee4994b8afdc01c58507d10d0a38f7eedf051bb"
2438 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode key=30310201010420" + priv
+ "a00a06082a8648ce3d030107"
2439 res
= dev
[1].request(cmd
)
2441 raise Exception("Failed to generate bootstrapping info")
2443 uri1
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1
)
2445 # Initiator protocol keypair override
2446 priv
= "a87de9afbb406c96e5f79a3df895ecac3ad406f95da66314c8cb3165e0c61783"
2447 dev
[1].set("dpp_protocol_key_override",
2448 "30310201010420" + priv
+ "a00a06082a8648ce3d030107")
2450 dev
[1].set("dpp_nonce_override", "13f4602a16daeb69712263b9c46cba31")
2452 id1peer
= dev
[1].dpp_qr_code(uri0
)
2453 id0peer
= dev
[0].dpp_qr_code(uri1
)
2455 cmd
= "DPP_LISTEN 2462 qr=mutual"
2456 if "OK" not in dev
[0].request(cmd
):
2457 raise Exception("Failed to start listen operation")
2459 cmd
= "DPP_AUTH_INIT peer=%d own=%d neg_freq=2412" % (id1peer
, id1
)
2460 if "OK" not in dev
[1].request(cmd
):
2461 raise Exception("Failed to initiate operation")
2463 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2465 raise Exception("DPP authentication did not succeed (Initiator)")
2466 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2468 raise Exception("DPP authentication did not succeed (Responder)")
2470 def test_dpp_test_vector_p_256_b(dev
, apdev
):
2471 """DPP P-256 test vector (Responder-only auth)"""
2472 check_dpp_capab(dev
[0])
2473 check_dpp_capab(dev
[1])
2475 # Responder bootstrapping key
2476 priv
= "54ce181a98525f217216f59b245f60e9df30ac7f6b26c939418cfc3c42d1afa0"
2477 addr
= dev
[0].own_addr().replace(':', '')
2478 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr
+ " key=30310201010420" + priv
+ "a00a06082a8648ce3d030107"
2479 res
= dev
[0].request(cmd
)
2481 raise Exception("Failed to generate bootstrapping info")
2483 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2485 # Responder protocol keypair override
2486 priv
= "f798ed2e19286f6a6efe210b1863badb99af2a14b497634dbfd2a97394fb5aa5"
2487 dev
[0].set("dpp_protocol_key_override",
2488 "30310201010420" + priv
+ "a00a06082a8648ce3d030107")
2490 dev
[0].set("dpp_nonce_override", "3d0cfb011ca916d796f7029ff0b43393")
2492 # Initiator bootstrapping key
2493 priv
= "15b2a83c5a0a38b61f2aa8200ee4994b8afdc01c58507d10d0a38f7eedf051bb"
2494 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode key=30310201010420" + priv
+ "a00a06082a8648ce3d030107"
2495 res
= dev
[1].request(cmd
)
2497 raise Exception("Failed to generate bootstrapping info")
2499 uri1
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1
)
2501 # Initiator protocol keypair override
2502 priv
= "a87de9afbb406c96e5f79a3df895ecac3ad406f95da66314c8cb3165e0c61783"
2503 dev
[1].set("dpp_protocol_key_override",
2504 "30310201010420" + priv
+ "a00a06082a8648ce3d030107")
2506 dev
[1].set("dpp_nonce_override", "13f4602a16daeb69712263b9c46cba31")
2508 id1peer
= dev
[1].dpp_qr_code(uri0
)
2510 cmd
= "DPP_LISTEN 2462"
2511 if "OK" not in dev
[0].request(cmd
):
2512 raise Exception("Failed to start listen operation")
2514 cmd
= "DPP_AUTH_INIT peer=%d own=%d neg_freq=2412" % (id1peer
, id1
)
2515 if "OK" not in dev
[1].request(cmd
):
2516 raise Exception("Failed to initiate operation")
2518 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2520 raise Exception("DPP authentication did not succeed (Initiator)")
2521 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2523 raise Exception("DPP authentication did not succeed (Responder)")
2525 def der_priv_key_p_521(priv
):
2526 if len(priv
) != 2 * 66:
2527 raise Exception("Unexpected der_priv_key_p_521 parameter: " + priv
)
2528 der_prefix
= "3081500201010442"
2529 der_postfix
= "a00706052b81040023"
2530 return der_prefix
+ priv
+ der_postfix
2532 def test_dpp_test_vector_p_521(dev
, apdev
):
2533 """DPP P-521 test vector (mutual auth)"""
2534 check_dpp_capab(dev
[0])
2535 check_dpp_capab(dev
[1])
2537 # Responder bootstrapping key
2538 priv
= "0061e54f518cdf859735da3dd64c6f72c2f086f41a6fd52915152ea2fe0f24ddaecd8883730c9c9fd82cf7c043a41021696388cf5190b731dd83638bcd56d8b6c743"
2539 addr
= dev
[0].own_addr().replace(':', '')
2540 #cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr + " key=" + der_prefix + priv + der_postfix
2541 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr
+ " key=" + der_priv_key_p_521(priv
)
2542 res
= dev
[0].request(cmd
)
2544 raise Exception("Failed to generate bootstrapping info")
2546 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2548 # Responder protocol keypair override
2549 priv
= "01d8b7b17cd1b0a33f7c66fb4220999329cdaf4f8b44b2ffadde8ab8ed8abffa9f5358c5b1caae26709ca4fb78e52a4d08f2e4f24111a36a6f440d20a0000ff51597"
2550 dev
[0].set("dpp_protocol_key_override", der_priv_key_p_521(priv
))
2552 dev
[0].set("dpp_nonce_override",
2553 "d749a782012eb0a8595af30b2dfc8d0880d004ebddb55ecc5afbdef18c400e01")
2555 # Initiator bootstrapping key
2556 priv
= "0060c10df14af5ef27f6e362d31bdd9eeb44be77a323ba64b08f3f03d58b92cbfe05c182a91660caa081ca344243c47b5aa088bcdf738840eb35f0218b9f26881e02"
2557 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode key=" + der_priv_key_p_521(priv
)
2558 res
= dev
[1].request(cmd
)
2560 raise Exception("Failed to generate bootstrapping info")
2562 uri1
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1
)
2564 # Initiator protocol keypair override
2565 priv
= "019c1c08caaeec38fb931894699b095bc3ab8c1ec7ef0622d2e3eba821477c8c6fca41774f21166ad98aebda37c067d9aa08a8a2e1b5c44c61f2bae02a61f85d9661"
2566 dev
[1].set("dpp_protocol_key_override", der_priv_key_p_521(priv
))
2568 dev
[1].set("dpp_nonce_override",
2569 "de972af3847bec3ba2aedd9f5c21cfdec7bf0bc5fe8b276cbcd0267807fb15b0")
2571 id1peer
= dev
[1].dpp_qr_code(uri0
)
2572 id0peer
= dev
[0].dpp_qr_code(uri1
)
2574 cmd
= "DPP_LISTEN 2462 qr=mutual"
2575 if "OK" not in dev
[0].request(cmd
):
2576 raise Exception("Failed to start listen operation")
2578 cmd
= "DPP_AUTH_INIT peer=%d own=%d neg_freq=2412" % (id1peer
, id1
)
2579 if "OK" not in dev
[1].request(cmd
):
2580 raise Exception("Failed to initiate operation")
2582 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2584 raise Exception("DPP authentication did not succeed (Initiator)")
2585 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2587 raise Exception("DPP authentication did not succeed (Responder)")
2589 def test_dpp_pkex(dev
, apdev
):
2591 run_dpp_pkex(dev
, apdev
)
2593 def test_dpp_pkex_p256(dev
, apdev
):
2594 """DPP and PKEX (P-256)"""
2595 run_dpp_pkex(dev
, apdev
, "P-256")
2597 def test_dpp_pkex_p384(dev
, apdev
):
2598 """DPP and PKEX (P-384)"""
2599 run_dpp_pkex(dev
, apdev
, "P-384")
2601 def test_dpp_pkex_p521(dev
, apdev
):
2602 """DPP and PKEX (P-521)"""
2603 run_dpp_pkex(dev
, apdev
, "P-521")
2605 def test_dpp_pkex_bp256(dev
, apdev
):
2606 """DPP and PKEX (BP-256)"""
2607 run_dpp_pkex(dev
, apdev
, "brainpoolP256r1")
2609 def test_dpp_pkex_bp384(dev
, apdev
):
2610 """DPP and PKEX (BP-384)"""
2611 run_dpp_pkex(dev
, apdev
, "brainpoolP384r1")
2613 def test_dpp_pkex_bp512(dev
, apdev
):
2614 """DPP and PKEX (BP-512)"""
2615 run_dpp_pkex(dev
, apdev
, "brainpoolP512r1")
2617 def test_dpp_pkex_config(dev
, apdev
):
2618 """DPP and PKEX with initiator as the configurator"""
2619 check_dpp_capab(dev
[1])
2621 cmd
= "DPP_CONFIGURATOR_ADD"
2622 res
= dev
[1].request(cmd
)
2624 raise Exception("Failed to add configurator")
2627 run_dpp_pkex(dev
, apdev
,
2628 init_extra
="conf=sta-dpp configurator=%d" % (conf_id
),
2631 def test_dpp_pkex_no_identifier(dev
, apdev
):
2632 """DPP and PKEX without identifier"""
2633 run_dpp_pkex(dev
, apdev
, identifier_i
=None, identifier_r
=None)
2635 def test_dpp_pkex_identifier_mismatch(dev
, apdev
):
2636 """DPP and PKEX with different identifiers"""
2637 run_dpp_pkex(dev
, apdev
, identifier_i
="foo", identifier_r
="bar",
2638 expect_no_resp
=True)
2640 def test_dpp_pkex_identifier_mismatch2(dev
, apdev
):
2641 """DPP and PKEX with initiator using identifier and the responder not"""
2642 run_dpp_pkex(dev
, apdev
, identifier_i
="foo", identifier_r
=None,
2643 expect_no_resp
=True)
2645 def test_dpp_pkex_identifier_mismatch3(dev
, apdev
):
2646 """DPP and PKEX with responder using identifier and the initiator not"""
2647 run_dpp_pkex(dev
, apdev
, identifier_i
=None, identifier_r
="bar",
2648 expect_no_resp
=True)
2650 def run_dpp_pkex(dev
, apdev
, curve
=None, init_extra
="", check_config
=False,
2651 identifier_i
="test", identifier_r
="test",
2652 expect_no_resp
=False):
2653 check_dpp_capab(dev
[0], curve
and "brainpool" in curve
)
2654 check_dpp_capab(dev
[1], curve
and "brainpool" in curve
)
2656 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
2658 cmd
+= " curve=" + curve
2659 res
= dev
[0].request(cmd
)
2661 raise Exception("Failed to generate bootstrapping info")
2664 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
2666 cmd
+= " curve=" + curve
2667 res
= dev
[1].request(cmd
)
2669 raise Exception("Failed to generate bootstrapping info")
2672 identifier
= " identifier=" + identifier_r
if identifier_r
else ""
2673 cmd
= "DPP_PKEX_ADD own=%d%s code=secret" % (id0
, identifier
)
2674 res
= dev
[0].request(cmd
)
2676 raise Exception("Failed to set PKEX data (responder)")
2677 cmd
= "DPP_LISTEN 2437"
2678 if "OK" not in dev
[0].request(cmd
):
2679 raise Exception("Failed to start listen operation")
2681 identifier
= " identifier=" + identifier_i
if identifier_i
else ""
2682 cmd
= "DPP_PKEX_ADD own=%d%s init=1 %s code=secret" % (id1
, identifier
,
2684 res
= dev
[1].request(cmd
)
2686 raise Exception("Failed to set PKEX data (initiator)")
2689 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=10)
2691 raise Exception("DPP PKEX frame not received")
2692 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=1)
2694 raise Exception("DPP authentication succeeded")
2695 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=0.1)
2697 raise Exception("DPP authentication succeeded")
2700 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2702 raise Exception("DPP authentication did not succeed (Initiator)")
2703 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2705 raise Exception("DPP authentication did not succeed (Responder)")
2708 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
2710 raise Exception("DPP configuration not completed (Configurator)")
2711 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
2713 raise Exception("DPP configuration not completed (Enrollee)")
2715 def test_dpp_pkex_5ghz(dev
, apdev
):
2716 """DPP and PKEX on 5 GHz"""
2718 dev
[0].request("SET country US")
2719 dev
[1].request("SET country US")
2720 ev
= dev
[0].wait_event(["CTRL-EVENT-REGDOM-CHANGE"], timeout
=1)
2722 ev
= dev
[0].wait_global_event(["CTRL-EVENT-REGDOM-CHANGE"],
2724 run_dpp_pkex_5ghz(dev
, apdev
)
2726 dev
[0].request("SET country 00")
2727 dev
[1].request("SET country 00")
2728 subprocess
.call(['iw', 'reg', 'set', '00'])
2731 def run_dpp_pkex_5ghz(dev
, apdev
):
2732 check_dpp_capab(dev
[0])
2733 check_dpp_capab(dev
[1])
2735 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
2736 res
= dev
[0].request(cmd
)
2738 raise Exception("Failed to generate bootstrapping info")
2741 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
2742 res
= dev
[1].request(cmd
)
2744 raise Exception("Failed to generate bootstrapping info")
2747 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
2748 res
= dev
[0].request(cmd
)
2750 raise Exception("Failed to set PKEX data (responder)")
2751 cmd
= "DPP_LISTEN 5745"
2752 if "OK" not in dev
[0].request(cmd
):
2753 raise Exception("Failed to start listen operation")
2755 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % (id1
)
2756 res
= dev
[1].request(cmd
)
2758 raise Exception("Failed to set PKEX data (initiator)")
2760 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS", "DPP-FAIL"], timeout
=20)
2761 if ev
is None or "DPP-AUTH-SUCCESS" not in ev
:
2762 raise Exception("DPP authentication did not succeed (Initiator)")
2763 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2765 raise Exception("DPP authentication did not succeed (Responder)")
2767 def test_dpp_pkex_test_vector(dev
, apdev
):
2768 """DPP and PKEX (P-256) test vector"""
2769 check_dpp_capab(dev
[0])
2770 check_dpp_capab(dev
[1])
2772 init_addr
= "ac:64:91:f4:52:07"
2773 resp_addr
= "6e:5e:ce:6e:f3:dd"
2775 identifier
= "joes_key"
2776 code
= "thisisreallysecret"
2778 # Initiator bootstrapping private key
2779 init_priv
= "5941b51acfc702cdc1c347264beb2920db88eb1a0bf03a211868b1632233c269"
2781 # Responder bootstrapping private key
2782 resp_priv
= "2ae8956293f49986b6d0b8169a86805d9232babb5f6813fdfe96f19d59536c60"
2784 # Initiator x/X keypair override
2785 init_x_priv
= "8365c5ed93d751bef2d92b410dc6adfd95670889183fac1bd66759ad85c3187a"
2787 # Responder y/Y keypair override
2788 resp_y_priv
= "d98faa24d7dd3f592665d71a95c862bfd02c4c48acb0c515a41cbc6e929675ea"
2790 p256_prefix
= "30310201010420"
2791 p256_postfix
= "a00a06082a8648ce3d030107"
2793 dev
[0].set("dpp_pkex_own_mac_override", resp_addr
)
2794 dev
[0].set("dpp_pkex_peer_mac_override", init_addr
)
2795 dev
[1].set("dpp_pkex_own_mac_override", init_addr
)
2796 dev
[1].set("dpp_pkex_peer_mac_override", resp_addr
)
2798 # Responder bootstrapping key
2799 cmd
= "DPP_BOOTSTRAP_GEN type=pkex key=" + p256_prefix
+ resp_priv
+ p256_postfix
2800 res
= dev
[0].request(cmd
)
2802 raise Exception("Failed to generate bootstrapping info")
2805 # Responder y/Y keypair override
2806 dev
[0].set("dpp_pkex_ephemeral_key_override",
2807 p256_prefix
+ resp_y_priv
+ p256_postfix
)
2809 # Initiator bootstrapping key
2810 cmd
= "DPP_BOOTSTRAP_GEN type=pkex key=" + p256_prefix
+ init_priv
+ p256_postfix
2811 res
= dev
[1].request(cmd
)
2813 raise Exception("Failed to generate bootstrapping info")
2816 # Initiator x/X keypair override
2817 dev
[1].set("dpp_pkex_ephemeral_key_override",
2818 p256_prefix
+ init_x_priv
+ p256_postfix
)
2820 cmd
= "DPP_PKEX_ADD own=%d identifier=%s code=%s" % (id0
, identifier
, code
)
2821 res
= dev
[0].request(cmd
)
2823 raise Exception("Failed to set PKEX data (responder)")
2824 cmd
= "DPP_LISTEN 2437"
2825 if "OK" not in dev
[0].request(cmd
):
2826 raise Exception("Failed to start listen operation")
2828 cmd
= "DPP_PKEX_ADD own=%d identifier=%s init=1 code=%s" % (id1
, identifier
, code
)
2829 res
= dev
[1].request(cmd
)
2831 raise Exception("Failed to set PKEX data (initiator)")
2833 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2835 raise Exception("DPP authentication did not succeed (Initiator)")
2836 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2838 raise Exception("DPP authentication did not succeed (Responder)")
2840 def test_dpp_pkex_code_mismatch(dev
, apdev
):
2841 """DPP and PKEX with mismatching code"""
2842 check_dpp_capab(dev
[0])
2843 check_dpp_capab(dev
[1])
2845 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
2846 res
= dev
[0].request(cmd
)
2848 raise Exception("Failed to generate bootstrapping info")
2851 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
2852 res
= dev
[1].request(cmd
)
2854 raise Exception("Failed to generate bootstrapping info")
2857 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
2858 res
= dev
[0].request(cmd
)
2860 raise Exception("Failed to set PKEX data (responder)")
2861 cmd
= "DPP_LISTEN 2437"
2862 if "OK" not in dev
[0].request(cmd
):
2863 raise Exception("Failed to start listen operation")
2865 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=unknown" % id1
2866 res
= dev
[1].request(cmd
)
2868 raise Exception("Failed to set PKEX data (initiator)")
2870 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
2872 raise Exception("Failure not reported")
2873 if "possible PKEX code mismatch" not in ev
:
2874 raise Exception("Unexpected result: " + ev
)
2876 dev
[0].dump_monitor()
2877 dev
[1].dump_monitor()
2879 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
2880 res
= dev
[1].request(cmd
)
2882 raise Exception("Failed to set PKEX data (initiator, retry)")
2884 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2886 raise Exception("DPP authentication did not succeed (Initiator, retry)")
2887 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2889 raise Exception("DPP authentication did not succeed (Responder, retry)")
2891 def test_dpp_pkex_code_mismatch_limit(dev
, apdev
):
2892 """DPP and PKEX with mismatching code limit"""
2893 check_dpp_capab(dev
[0])
2894 check_dpp_capab(dev
[1])
2896 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
2897 res
= dev
[0].request(cmd
)
2899 raise Exception("Failed to generate bootstrapping info")
2902 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
2903 res
= dev
[1].request(cmd
)
2905 raise Exception("Failed to generate bootstrapping info")
2908 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
2909 res
= dev
[0].request(cmd
)
2911 raise Exception("Failed to set PKEX data (responder)")
2912 cmd
= "DPP_LISTEN 2437"
2913 if "OK" not in dev
[0].request(cmd
):
2914 raise Exception("Failed to start listen operation")
2917 dev
[0].dump_monitor()
2918 dev
[1].dump_monitor()
2919 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=unknown" % id1
2920 res
= dev
[1].request(cmd
)
2922 raise Exception("Failed to set PKEX data (initiator)")
2924 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
2926 raise Exception("Failure not reported")
2927 if "possible PKEX code mismatch" not in ev
:
2928 raise Exception("Unexpected result: " + ev
)
2930 ev
= dev
[0].wait_event(["DPP-PKEX-T-LIMIT"], timeout
=1)
2932 raise Exception("PKEX t limit not reported")
2934 def test_dpp_pkex_curve_mismatch(dev
, apdev
):
2935 """DPP and PKEX with mismatching curve"""
2936 check_dpp_capab(dev
[0])
2937 check_dpp_capab(dev
[1])
2939 cmd
= "DPP_BOOTSTRAP_GEN type=pkex curve=P-256"
2940 res
= dev
[0].request(cmd
)
2942 raise Exception("Failed to generate bootstrapping info")
2945 cmd
= "DPP_BOOTSTRAP_GEN type=pkex curve=P-384"
2946 res
= dev
[1].request(cmd
)
2948 raise Exception("Failed to generate bootstrapping info")
2951 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
2952 res
= dev
[0].request(cmd
)
2954 raise Exception("Failed to set PKEX data (responder)")
2955 cmd
= "DPP_LISTEN 2437"
2956 if "OK" not in dev
[0].request(cmd
):
2957 raise Exception("Failed to start listen operation")
2959 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
2960 res
= dev
[1].request(cmd
)
2962 raise Exception("Failed to set PKEX data (initiator)")
2964 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
2966 raise Exception("Failure not reported (dev 0)")
2967 if "Mismatching PKEX curve: peer=20 own=19" not in ev
:
2968 raise Exception("Unexpected result: " + ev
)
2970 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
2972 raise Exception("Failure not reported (dev 1)")
2973 if "Peer indicated mismatching PKEX group - proposed 19" not in ev
:
2974 raise Exception("Unexpected result: " + ev
)
2976 def test_dpp_pkex_curve_mismatch_failure(dev
, apdev
):
2977 """DPP and PKEX with mismatching curve (local failure)"""
2978 run_dpp_pkex_curve_mismatch_failure(dev
, apdev
, "=dpp_pkex_rx_exchange_req")
2980 def test_dpp_pkex_curve_mismatch_failure2(dev
, apdev
):
2981 """DPP and PKEX with mismatching curve (local failure 2)"""
2982 run_dpp_pkex_curve_mismatch_failure(dev
, apdev
,
2983 "dpp_pkex_build_exchange_resp")
2985 def run_dpp_pkex_curve_mismatch_failure(dev
, apdev
, func
):
2986 check_dpp_capab(dev
[0])
2987 check_dpp_capab(dev
[1])
2989 cmd
= "DPP_BOOTSTRAP_GEN type=pkex curve=P-256"
2990 res
= dev
[0].request(cmd
)
2992 raise Exception("Failed to generate bootstrapping info")
2995 cmd
= "DPP_BOOTSTRAP_GEN type=pkex curve=P-384"
2996 res
= dev
[1].request(cmd
)
2998 raise Exception("Failed to generate bootstrapping info")
3001 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
3002 res
= dev
[0].request(cmd
)
3004 raise Exception("Failed to set PKEX data (responder)")
3005 cmd
= "DPP_LISTEN 2437"
3006 if "OK" not in dev
[0].request(cmd
):
3007 raise Exception("Failed to start listen operation")
3009 with
alloc_fail(dev
[0], 1, func
):
3010 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
3011 res
= dev
[1].request(cmd
)
3013 raise Exception("Failed to set PKEX data (initiator)")
3015 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
3017 raise Exception("Failure not reported (dev 0)")
3018 if "Mismatching PKEX curve: peer=20 own=19" not in ev
:
3019 raise Exception("Unexpected result: " + ev
)
3021 def test_dpp_pkex_exchange_resp_processing_failure(dev
, apdev
):
3022 """DPP and PKEX with local failure in processing Exchange Resp"""
3023 check_dpp_capab(dev
[0])
3024 check_dpp_capab(dev
[1])
3026 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3027 res
= dev
[0].request(cmd
)
3029 raise Exception("Failed to generate bootstrapping info")
3032 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3033 res
= dev
[1].request(cmd
)
3035 raise Exception("Failed to generate bootstrapping info")
3038 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
3039 res
= dev
[0].request(cmd
)
3041 raise Exception("Failed to set PKEX data (responder)")
3042 cmd
= "DPP_LISTEN 2437"
3043 if "OK" not in dev
[0].request(cmd
):
3044 raise Exception("Failed to start listen operation")
3046 with
fail_test(dev
[1], 1, "dpp_pkex_derive_Qr;dpp_pkex_rx_exchange_resp"):
3047 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
3048 res
= dev
[1].request(cmd
)
3050 raise Exception("Failed to set PKEX data (initiator)")
3051 wait_fail_trigger(dev
[1], "GET_FAIL")
3053 def test_dpp_pkex_commit_reveal_req_processing_failure(dev
, apdev
):
3054 """DPP and PKEX with local failure in processing Commit Reveal Req"""
3055 check_dpp_capab(dev
[0])
3056 check_dpp_capab(dev
[1])
3058 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3059 res
= dev
[0].request(cmd
)
3061 raise Exception("Failed to generate bootstrapping info")
3064 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3065 res
= dev
[1].request(cmd
)
3067 raise Exception("Failed to generate bootstrapping info")
3070 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
3071 res
= dev
[0].request(cmd
)
3073 raise Exception("Failed to set PKEX data (responder)")
3074 cmd
= "DPP_LISTEN 2437"
3075 if "OK" not in dev
[0].request(cmd
):
3076 raise Exception("Failed to start listen operation")
3078 with
alloc_fail(dev
[0], 1,
3079 "dpp_get_pubkey_point;dpp_pkex_rx_commit_reveal_req"):
3080 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
3081 res
= dev
[1].request(cmd
)
3083 raise Exception("Failed to set PKEX data (initiator)")
3084 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
3086 def test_dpp_pkex_config2(dev
, apdev
):
3087 """DPP and PKEX with responder as the configurator"""
3088 check_dpp_capab(dev
[0])
3090 cmd
= "DPP_CONFIGURATOR_ADD"
3091 res
= dev
[0].request(cmd
)
3093 raise Exception("Failed to add configurator")
3096 dev
[0].set("dpp_configurator_params",
3097 " conf=sta-dpp configurator=%d" % conf_id
)
3098 run_dpp_pkex2(dev
, apdev
)
3100 def run_dpp_pkex2(dev
, apdev
, curve
=None, init_extra
=""):
3101 check_dpp_capab(dev
[0])
3102 check_dpp_capab(dev
[1])
3104 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3106 cmd
+= " curve=" + curve
3107 res
= dev
[0].request(cmd
)
3109 raise Exception("Failed to generate bootstrapping info")
3112 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3114 cmd
+= " curve=" + curve
3115 res
= dev
[1].request(cmd
)
3117 raise Exception("Failed to generate bootstrapping info")
3120 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
3121 res
= dev
[0].request(cmd
)
3123 raise Exception("Failed to set PKEX data (responder)")
3124 cmd
= "DPP_LISTEN 2437 role=configurator"
3125 if "OK" not in dev
[0].request(cmd
):
3126 raise Exception("Failed to start listen operation")
3128 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 role=enrollee %s code=secret" % (id1
, init_extra
)
3129 res
= dev
[1].request(cmd
)
3131 raise Exception("Failed to set PKEX data (initiator)")
3133 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3135 raise Exception("DPP authentication did not succeed (Initiator)")
3136 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3138 raise Exception("DPP authentication did not succeed (Responder)")
3140 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
3142 raise Exception("DPP configuration not completed (Configurator)")
3143 ev
= dev
[1].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3145 raise Exception("DPP configuration not completed (Enrollee)")
3147 def test_dpp_pkex_no_responder(dev
, apdev
):
3148 """DPP and PKEX with no responder (retry behavior)"""
3149 check_dpp_capab(dev
[0])
3151 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3152 res
= dev
[0].request(cmd
)
3154 raise Exception("Failed to generate bootstrapping info")
3157 cmd
= "DPP_PKEX_ADD own=%d init=1 identifier=test code=secret" % (id0
)
3158 res
= dev
[0].request(cmd
)
3160 raise Exception("Failed to set PKEX data (initiator)")
3163 ev
= dev
[0].wait_event(["DPP-TX ", "DPP-FAIL"], timeout
=5)
3165 raise Exception("DPP PKEX failure not reported")
3166 if "DPP-FAIL" not in ev
:
3168 if "No response from PKEX peer" not in ev
:
3169 raise Exception("Unexpected failure reason: " + ev
)
3172 def test_dpp_pkex_after_retry(dev
, apdev
):
3173 """DPP and PKEX completing after retry"""
3174 check_dpp_capab(dev
[0])
3176 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3177 res
= dev
[0].request(cmd
)
3179 raise Exception("Failed to generate bootstrapping info")
3182 cmd
= "DPP_PKEX_ADD own=%d init=1 identifier=test code=secret" % (id0
)
3183 res
= dev
[0].request(cmd
)
3185 raise Exception("Failed to set PKEX data (initiator)")
3188 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3189 res
= dev
[1].request(cmd
)
3191 raise Exception("Failed to generate bootstrapping info")
3194 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id1
)
3195 res
= dev
[1].request(cmd
)
3197 raise Exception("Failed to set PKEX data (responder)")
3198 cmd
= "DPP_LISTEN 2437"
3199 if "OK" not in dev
[1].request(cmd
):
3200 raise Exception("Failed to start listen operation")
3202 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=10)
3204 raise Exception("DPP authentication did not succeed (Responder)")
3205 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3207 raise Exception("DPP authentication did not succeed (Initiator)")
3208 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
3210 raise Exception("DPP configuration not completed (Configurator)")
3211 # Ignore Enrollee result since configurator was not set here
3213 def test_dpp_pkex_hostapd_responder(dev
, apdev
):
3214 """DPP PKEX with hostapd as responder"""
3215 check_dpp_capab(dev
[0])
3216 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
3218 check_dpp_capab(hapd
)
3220 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3221 res
= hapd
.request(cmd
)
3223 raise Exception("Failed to generate bootstrapping info (hostapd)")
3226 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id_h
)
3227 res
= hapd
.request(cmd
)
3229 raise Exception("Failed to set PKEX data (responder/hostapd)")
3231 cmd
= "DPP_CONFIGURATOR_ADD"
3232 res
= dev
[0].request(cmd
)
3234 raise Exception("Failed to add configurator")
3237 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3238 res
= dev
[0].request(cmd
)
3240 raise Exception("Failed to generate bootstrapping info (wpa_supplicant)")
3243 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 conf=ap-dpp configurator=%d code=secret" % (id0
, conf_id
)
3244 res
= dev
[0].request(cmd
)
3246 raise Exception("Failed to set PKEX data (initiator/wpa_supplicant)")
3248 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3250 raise Exception("DPP authentication did not succeed (Initiator)")
3251 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3253 raise Exception("DPP authentication did not succeed (Responder)")
3254 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
3256 raise Exception("DPP configuration not completed (Configurator)")
3257 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3259 raise Exception("DPP configuration not completed (Enrollee)")
3260 dev
[0].request("DPP_STOP_LISTEN")
3261 dev
[0].dump_monitor()
3263 def test_dpp_pkex_hostapd_initiator(dev
, apdev
):
3264 """DPP PKEX with hostapd as initiator"""
3265 check_dpp_capab(dev
[0])
3266 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
3268 check_dpp_capab(hapd
)
3270 cmd
= "DPP_CONFIGURATOR_ADD"
3271 res
= dev
[0].request(cmd
)
3273 raise Exception("Failed to add configurator")
3276 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3277 res
= dev
[0].request(cmd
)
3279 raise Exception("Failed to generate bootstrapping info (wpa_supplicant)")
3282 dev
[0].set("dpp_configurator_params",
3283 " conf=ap-dpp configurator=%d" % conf_id
)
3285 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
3286 res
= dev
[0].request(cmd
)
3288 raise Exception("Failed to set PKEX data (responder/wpa_supplicant)")
3290 cmd
= "DPP_LISTEN 2437 role=configurator"
3291 if "OK" not in dev
[0].request(cmd
):
3292 raise Exception("Failed to start listen operation")
3294 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3295 res
= hapd
.request(cmd
)
3297 raise Exception("Failed to generate bootstrapping info (hostapd)")
3300 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 role=enrollee code=secret" % (id_h
)
3301 res
= hapd
.request(cmd
)
3303 raise Exception("Failed to set PKEX data (initiator/hostapd)")
3305 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3307 raise Exception("DPP authentication did not succeed (Initiator)")
3308 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3310 raise Exception("DPP authentication did not succeed (Responder)")
3311 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
3313 raise Exception("DPP configuration not completed (Configurator)")
3314 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3316 raise Exception("DPP configuration not completed (Enrollee)")
3317 dev
[0].request("DPP_STOP_LISTEN")
3318 dev
[0].dump_monitor()
3320 def test_dpp_hostapd_configurator(dev
, apdev
):
3321 """DPP with hostapd as configurator/initiator"""
3322 check_dpp_capab(dev
[0])
3323 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
3325 check_dpp_capab(hapd
)
3327 cmd
= "DPP_CONFIGURATOR_ADD"
3328 res
= hapd
.request(cmd
)
3330 raise Exception("Failed to add configurator")
3333 addr
= dev
[0].own_addr().replace(':', '')
3334 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3335 res
= dev
[0].request(cmd
)
3337 raise Exception("Failed to generate bootstrapping info")
3339 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
3341 id1
= hapd
.dpp_qr_code(uri0
)
3343 res
= hapd
.request("DPP_BOOTSTRAP_INFO %d" % id0
)
3345 raise Exception("DPP_BOOTSTRAP_INFO failed")
3346 if "type=QRCODE" not in res
:
3347 raise Exception("DPP_BOOTSTRAP_INFO did not report correct type")
3348 if "mac_addr=" + dev
[0].own_addr() not in res
:
3349 raise Exception("DPP_BOOTSTRAP_INFO did not report correct mac_addr")
3351 cmd
= "DPP_LISTEN 2412"
3352 if "OK" not in dev
[0].request(cmd
):
3353 raise Exception("Failed to start listen operation")
3354 cmd
= "DPP_AUTH_INIT peer=%d configurator=%d conf=sta-dpp" % (id1
, conf_id
)
3355 if "OK" not in hapd
.request(cmd
):
3356 raise Exception("Failed to initiate DPP Authentication")
3358 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3360 raise Exception("DPP authentication did not succeed (Responder)")
3361 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3363 raise Exception("DPP authentication did not succeed (Initiator)")
3364 ev
= hapd
.wait_event(["DPP-CONF-SENT"], timeout
=5)
3366 raise Exception("DPP configuration not completed (Configurator)")
3367 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3369 raise Exception("DPP configuration not completed (Enrollee)")
3370 dev
[0].request("DPP_STOP_LISTEN")
3371 dev
[0].dump_monitor()
3373 def test_dpp_hostapd_configurator_responder(dev
, apdev
):
3374 """DPP with hostapd as configurator/responder"""
3375 check_dpp_capab(dev
[0])
3376 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
3378 check_dpp_capab(hapd
)
3380 cmd
= "DPP_CONFIGURATOR_ADD"
3381 res
= hapd
.request(cmd
)
3383 raise Exception("Failed to add configurator")
3386 hapd
.set("dpp_configurator_params",
3387 " conf=sta-dpp configurator=%d" % conf_id
)
3389 addr
= hapd
.own_addr().replace(':', '')
3390 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3391 res
= hapd
.request(cmd
)
3393 raise Exception("Failed to generate bootstrapping info")
3395 uri0
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
3397 id1
= dev
[0].dpp_qr_code(uri0
)
3399 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % (id1
)
3400 if "OK" not in dev
[0].request(cmd
):
3401 raise Exception("Failed to initiate DPP Authentication")
3403 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3405 raise Exception("DPP authentication did not succeed (Responder)")
3406 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3408 raise Exception("DPP authentication did not succeed (Initiator)")
3409 ev
= hapd
.wait_event(["DPP-CONF-SENT"], timeout
=5)
3411 raise Exception("DPP configuration not completed (Configurator)")
3412 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3414 raise Exception("DPP configuration not completed (Enrollee)")
3415 dev
[0].request("DPP_STOP_LISTEN")
3416 dev
[0].dump_monitor()
3418 def test_dpp_own_config(dev
, apdev
):
3419 """DPP configurator signing own connector"""
3421 run_dpp_own_config(dev
, apdev
)
3423 dev
[0].set("dpp_config_processing", "0")
3425 def test_dpp_own_config_group_id(dev
, apdev
):
3426 """DPP configurator signing own connector"""
3428 run_dpp_own_config(dev
, apdev
, extra
=" group_id=test-group")
3430 dev
[0].set("dpp_config_processing", "0")
3432 def test_dpp_own_config_curve_mismatch(dev
, apdev
):
3433 """DPP configurator signing own connector using mismatching curve"""
3435 run_dpp_own_config(dev
, apdev
, own_curve
="BP-384", expect_failure
=True)
3437 dev
[0].set("dpp_config_processing", "0")
3439 def run_dpp_own_config(dev
, apdev
, own_curve
=None, expect_failure
=False,
3441 check_dpp_capab(dev
[0], own_curve
and "BP" in own_curve
)
3442 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
3443 check_dpp_capab(hapd
)
3445 addr
= hapd
.own_addr().replace(':', '')
3446 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3447 res
= hapd
.request(cmd
)
3449 raise Exception("Failed to generate bootstrapping info")
3451 uri
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id_h
)
3453 cmd
= "DPP_CONFIGURATOR_ADD"
3454 res
= dev
[0].request(cmd
)
3456 raise Exception("Failed to add configurator")
3459 id = dev
[0].dpp_qr_code(uri
)
3461 cmd
= "DPP_AUTH_INIT peer=%d conf=ap-dpp configurator=%d%s" % (id, conf_id
, extra
)
3462 if "OK" not in dev
[0].request(cmd
):
3463 raise Exception("Failed to initiate DPP Authentication")
3464 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3466 raise Exception("DPP authentication did not succeed (Responder)")
3467 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3469 raise Exception("DPP authentication did not succeed (Initiator)")
3470 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
3472 raise Exception("DPP configuration not completed (Configurator)")
3473 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3475 raise Exception("DPP configuration not completed (Enrollee)")
3477 update_hapd_config(hapd
)
3479 dev
[0].set("dpp_config_processing", "1")
3480 cmd
= "DPP_CONFIGURATOR_SIGN conf=sta-dpp configurator=%d%s" % (conf_id
, extra
)
3482 cmd
+= " curve=" + own_curve
3483 res
= dev
[0].request(cmd
)
3485 raise Exception("Failed to generate own configuration")
3487 ev
= dev
[0].wait_event(["DPP-NETWORK-ID"], timeout
=1)
3489 raise Exception("DPP network profile not generated")
3490 id = ev
.split(' ')[1]
3491 dev
[0].select_network(id, freq
="2412")
3493 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=1)
3495 raise Exception("Unexpected connection")
3496 dev
[0].request("DISCONNECT")
3498 dev
[0].wait_connected()
3500 def test_dpp_own_config_ap(dev
, apdev
):
3501 """DPP configurator (AP) signing own connector"""
3503 run_dpp_own_config_ap(dev
, apdev
)
3505 dev
[0].set("dpp_config_processing", "0")
3507 def test_dpp_own_config_ap_group_id(dev
, apdev
):
3508 """DPP configurator (AP) signing own connector (group_id)"""
3510 run_dpp_own_config_ap(dev
, apdev
, extra
=" group_id=test-group")
3512 dev
[0].set("dpp_config_processing", "0")
3514 def test_dpp_own_config_ap_reconf(dev
, apdev
):
3515 """DPP configurator (AP) signing own connector and configurator reconf"""
3517 run_dpp_own_config_ap(dev
, apdev
)
3519 dev
[0].set("dpp_config_processing", "0")
3521 def run_dpp_own_config_ap(dev
, apdev
, reconf_configurator
=False, extra
=""):
3522 check_dpp_capab(dev
[0])
3523 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
3524 check_dpp_capab(hapd
)
3526 cmd
= "DPP_CONFIGURATOR_ADD"
3527 res
= hapd
.request(cmd
)
3529 raise Exception("Failed to add configurator")
3532 if reconf_configurator
:
3533 csign
= hapd
.request("DPP_CONFIGURATOR_GET_KEY %d" % conf_id
)
3534 if "FAIL" in csign
or len(csign
) == 0:
3535 raise Exception("DPP_CONFIGURATOR_GET_KEY failed")
3537 cmd
= "DPP_CONFIGURATOR_SIGN conf=ap-dpp configurator=%d%s" % (conf_id
, extra
)
3538 res
= hapd
.request(cmd
)
3540 raise Exception("Failed to generate own configuration")
3541 update_hapd_config(hapd
)
3543 if reconf_configurator
:
3544 res
= hapd
.request("DPP_CONFIGURATOR_REMOVE %d" % conf_id
)
3546 raise Exception("DPP_CONFIGURATOR_REMOVE failed")
3547 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
3548 res
= hapd
.request(cmd
)
3550 raise Exception("Failed to add configurator (reconf)")
3553 addr
= dev
[0].own_addr().replace(':', '')
3554 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3555 res
= dev
[0].request(cmd
)
3557 raise Exception("Failed to generate bootstrapping info")
3559 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id)
3561 id = hapd
.dpp_qr_code(uri
)
3563 dev
[0].set("dpp_config_processing", "2")
3564 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
3565 raise Exception("Failed to start listen operation")
3566 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d%s" % (id, conf_id
, extra
)
3567 if "OK" not in hapd
.request(cmd
):
3568 raise Exception("Failed to initiate DPP Authentication")
3569 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3571 raise Exception("DPP authentication did not succeed (Initiator)")
3572 ev
= hapd
.wait_event(["DPP-CONF-SENT"], timeout
=5)
3574 raise Exception("DPP configuration not completed (Configurator)")
3575 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout
=5)
3577 raise Exception("DPP configuration not completed (Enrollee)")
3578 if "DPP-CONF-RECEIVED" not in ev
:
3579 raise Exception("DPP configuration failed (Enrollee)")
3581 dev
[0].wait_connected()
3583 def test_dpp_intro_mismatch(dev
, apdev
):
3584 """DPP network introduction mismatch cases"""
3587 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
3588 wpas
.interface_add("wlan5")
3589 check_dpp_capab(wpas
)
3590 run_dpp_intro_mismatch(dev
, apdev
, wpas
)
3592 dev
[0].set("dpp_config_processing", "0")
3593 dev
[2].set("dpp_config_processing", "0")
3595 wpas
.set("dpp_config_processing", "0")
3597 def run_dpp_intro_mismatch(dev
, apdev
, wpas
):
3598 check_dpp_capab(dev
[0])
3599 check_dpp_capab(dev
[1])
3600 check_dpp_capab(dev
[2])
3602 logger
.info("Start AP in unconfigured state")
3603 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
3604 check_dpp_capab(hapd
)
3606 addr
= hapd
.own_addr().replace(':', '')
3607 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3608 res
= hapd
.request(cmd
)
3610 raise Exception("Failed to generate bootstrapping info")
3612 uri
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id_h
)
3614 logger
.info("Provision AP with DPP configuration")
3615 res
= dev
[1].request("DPP_CONFIGURATOR_ADD")
3617 raise Exception("Failed to add configurator")
3620 id = dev
[1].dpp_qr_code(uri
)
3622 dev
[1].set("dpp_groups_override", '[{"groupId":"a","netRole":"ap"}]')
3623 cmd
= "DPP_AUTH_INIT peer=%d conf=ap-dpp configurator=%d" % (id, conf_id
)
3624 if "OK" not in dev
[1].request(cmd
):
3625 raise Exception("Failed to initiate DPP Authentication")
3626 update_hapd_config(hapd
)
3628 logger
.info("Provision STA0 with DPP Connector that has mismatching groupId")
3629 dev
[0].set("dpp_config_processing", "2")
3630 addr
= dev
[0].own_addr().replace(':', '')
3631 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3632 res
= dev
[0].request(cmd
)
3634 raise Exception("Failed to generate bootstrapping info")
3636 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
3638 id1
= dev
[1].dpp_qr_code(uri0
)
3640 cmd
= "DPP_LISTEN 2412"
3641 if "OK" not in dev
[0].request(cmd
):
3642 raise Exception("Failed to start listen operation")
3644 dev
[1].set("dpp_groups_override", '[{"groupId":"b","netRole":"sta"}]')
3645 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1
, conf_id
)
3646 if "OK" not in dev
[1].request(cmd
):
3647 raise Exception("Failed to initiate DPP Authentication")
3648 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
3650 raise Exception("DPP configuration not completed (Configurator for STA0)")
3651 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3653 raise Exception("DPP configuration not completed (Enrollee STA0)")
3655 logger
.info("Provision STA2 with DPP Connector that has mismatching C-sign-key")
3656 dev
[2].set("dpp_config_processing", "2")
3657 addr
= dev
[2].own_addr().replace(':', '')
3658 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3659 res
= dev
[2].request(cmd
)
3661 raise Exception("Failed to generate bootstrapping info")
3663 uri2
= dev
[2].request("DPP_BOOTSTRAP_GET_URI %d" % id2
)
3665 id1
= dev
[1].dpp_qr_code(uri2
)
3667 cmd
= "DPP_LISTEN 2412"
3668 if "OK" not in dev
[2].request(cmd
):
3669 raise Exception("Failed to start listen operation")
3671 res
= dev
[1].request("DPP_CONFIGURATOR_ADD")
3673 raise Exception("Failed to add configurator")
3674 conf_id_2
= int(res
)
3675 dev
[1].set("dpp_groups_override", '')
3676 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1
, conf_id_2
)
3677 if "OK" not in dev
[1].request(cmd
):
3678 raise Exception("Failed to initiate DPP Authentication")
3679 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
3681 raise Exception("DPP configuration not completed (Configurator for STA2)")
3682 ev
= dev
[2].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3684 raise Exception("DPP configuration not completed (Enrollee STA2)")
3686 logger
.info("Provision STA5 with DPP Connector that has mismatching netAccessKey EC group")
3687 wpas
.set("dpp_config_processing", "2")
3688 addr
= wpas
.own_addr().replace(':', '')
3689 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3690 cmd
+= " curve=P-521"
3691 res
= wpas
.request(cmd
)
3693 raise Exception("Failed to generate bootstrapping info")
3695 uri5
= wpas
.request("DPP_BOOTSTRAP_GET_URI %d" % id5
)
3697 id1
= dev
[1].dpp_qr_code(uri5
)
3699 cmd
= "DPP_LISTEN 2412"
3700 if "OK" not in wpas
.request(cmd
):
3701 raise Exception("Failed to start listen operation")
3703 dev
[1].set("dpp_groups_override", '')
3704 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1
, conf_id
)
3705 if "OK" not in dev
[1].request(cmd
):
3706 raise Exception("Failed to initiate DPP Authentication")
3707 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
3709 raise Exception("DPP configuration not completed (Configurator for STA0)")
3710 ev
= wpas
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3712 raise Exception("DPP configuration not completed (Enrollee STA5)")
3714 logger
.info("Verify network introduction results")
3715 ev
= dev
[0].wait_event(["DPP-INTRO"], timeout
=10)
3717 raise Exception("DPP network introduction result not seen on STA0")
3718 if "status=8" not in ev
:
3719 raise Exception("Unexpected network introduction result on STA0: " + ev
)
3721 ev
= dev
[2].wait_event(["DPP-INTRO"], timeout
=5)
3723 raise Exception("DPP network introduction result not seen on STA2")
3724 if "status=8" not in ev
:
3725 raise Exception("Unexpected network introduction result on STA2: " + ev
)
3727 ev
= wpas
.wait_event(["DPP-INTRO"], timeout
=10)
3729 raise Exception("DPP network introduction result not seen on STA5")
3730 if "status=7" not in ev
:
3731 raise Exception("Unexpected network introduction result on STA5: " + ev
)
3733 def run_dpp_proto_init(dev
, test_dev
, test
, mutual
=False, unicast
=True,
3734 listen
=True, chan
="81/1", init_enrollee
=False,
3735 incompatible_roles
=False):
3736 check_dpp_capab(dev
[0])
3737 check_dpp_capab(dev
[1])
3738 dev
[test_dev
].set("dpp_test", str(test
))
3740 cmd
= "DPP_CONFIGURATOR_ADD"
3742 res
= dev
[0].request(cmd
)
3744 res
= dev
[1].request(cmd
)
3746 raise Exception("Failed to add configurator")
3749 addr
= dev
[0].own_addr().replace(':', '')
3750 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode"
3752 cmd
+= " chan=" + chan
3754 cmd
+= " mac=" + addr
3755 res
= dev
[0].request(cmd
)
3757 raise Exception("Failed to generate bootstrapping info")
3759 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
3761 id1
= dev
[1].dpp_qr_code(uri0
)
3764 addr
= dev
[1].own_addr().replace(':', '')
3765 res
= dev
[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
3767 raise Exception("Failed to generate bootstrapping info")
3769 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
3771 id0b
= dev
[0].dpp_qr_code(uri1b
)
3773 cmd
= "DPP_LISTEN 2412 qr=mutual"
3775 cmd
= "DPP_LISTEN 2412"
3778 if incompatible_roles
:
3779 cmd
+= " role=enrollee"
3781 cmd
+= " role=configurator"
3782 dev
[0].set("dpp_configurator_params",
3783 " conf=sta-dpp configurator=%d" % conf_id
)
3784 elif incompatible_roles
:
3785 cmd
+= " role=enrollee"
3788 if "OK" not in dev
[0].request(cmd
):
3789 raise Exception("Failed to start listen operation")
3792 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % (id1
)
3794 cmd
= "DPP_AUTH_INIT peer=%d configurator=%d conf=sta-dpp" % (id1
, conf_id
)
3795 if incompatible_roles
:
3796 cmd
+= " role=enrollee"
3798 cmd
+= " own=%d" % id1b
3799 if "OK" not in dev
[1].request(cmd
):
3800 raise Exception("Failed to initiate DPP Authentication")
3802 def test_dpp_proto_after_wrapped_data_auth_req(dev
, apdev
):
3803 """DPP protocol testing - attribute after Wrapped Data in Auth Req"""
3804 run_dpp_proto_init(dev
, 1, 1)
3805 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
3807 raise Exception("DPP Authentication Request not seen")
3808 if "type=0" not in ev
or "ignore=invalid-attributes" not in ev
:
3809 raise Exception("Unexpected RX info: " + ev
)
3810 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=0.1)
3812 raise Exception("Unexpected DPP message seen")
3814 def test_dpp_auth_req_stop_after_ack(dev
, apdev
):
3815 """DPP initiator stopping after ACK, but no response"""
3816 run_dpp_proto_init(dev
, 1, 1, listen
=True)
3817 ev
= dev
[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout
=5)
3819 raise Exception("Authentication failure not reported")
3821 def test_dpp_auth_req_retries(dev
, apdev
):
3822 """DPP initiator retries with no ACK"""
3823 check_dpp_capab(dev
[1])
3824 dev
[1].set("dpp_init_max_tries", "3")
3825 dev
[1].set("dpp_init_retry_time", "1000")
3826 dev
[1].set("dpp_resp_wait_time", "100")
3827 run_dpp_proto_init(dev
, 1, 1, unicast
=False, listen
=False)
3830 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
3832 raise Exception("Auth Req not sent (%d)" % i
)
3834 ev
= dev
[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout
=5)
3836 raise Exception("Authentication failure not reported")
3838 def test_dpp_auth_req_retries_multi_chan(dev
, apdev
):
3839 """DPP initiator retries with no ACK and multiple channels"""
3840 check_dpp_capab(dev
[1])
3841 dev
[1].set("dpp_init_max_tries", "3")
3842 dev
[1].set("dpp_init_retry_time", "1000")
3843 dev
[1].set("dpp_resp_wait_time", "100")
3844 run_dpp_proto_init(dev
, 1, 1, unicast
=False, listen
=False,
3845 chan
="81/1,81/6,81/11")
3847 for i
in range(3 * 3):
3848 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
3850 raise Exception("Auth Req not sent (%d)" % i
)
3852 ev
= dev
[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout
=5)
3854 raise Exception("Authentication failure not reported")
3856 def test_dpp_proto_after_wrapped_data_auth_resp(dev
, apdev
):
3857 """DPP protocol testing - attribute after Wrapped Data in Auth Resp"""
3858 run_dpp_proto_init(dev
, 0, 2)
3859 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=5)
3861 raise Exception("DPP Authentication Response not seen")
3862 if "type=1" not in ev
or "ignore=invalid-attributes" not in ev
:
3863 raise Exception("Unexpected RX info: " + ev
)
3864 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=1)
3865 if ev
is None or "type=0" not in ev
:
3866 raise Exception("DPP Authentication Request not seen")
3867 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=0.1)
3869 raise Exception("Unexpected DPP message seen")
3871 def test_dpp_proto_after_wrapped_data_auth_conf(dev
, apdev
):
3872 """DPP protocol testing - attribute after Wrapped Data in Auth Conf"""
3873 run_dpp_proto_init(dev
, 1, 3)
3874 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
3875 if ev
is None or "type=0" not in ev
:
3876 raise Exception("DPP Authentication Request not seen")
3877 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
3879 raise Exception("DPP Authentication Confirm not seen")
3880 if "type=2" not in ev
or "ignore=invalid-attributes" not in ev
:
3881 raise Exception("Unexpected RX info: " + ev
)
3883 def test_dpp_proto_after_wrapped_data_conf_req(dev
, apdev
):
3884 """DPP protocol testing - attribute after Wrapped Data in Conf Req"""
3885 run_dpp_proto_init(dev
, 0, 6)
3886 ev
= dev
[1].wait_event(["DPP-CONF-FAILED"], timeout
=10)
3888 raise Exception("DPP Configuration failure not seen")
3890 def test_dpp_proto_after_wrapped_data_conf_resp(dev
, apdev
):
3891 """DPP protocol testing - attribute after Wrapped Data in Conf Resp"""
3892 run_dpp_proto_init(dev
, 1, 7)
3893 ev
= dev
[0].wait_event(["DPP-CONF-FAILED"], timeout
=10)
3895 raise Exception("DPP Configuration failure not seen")
3897 def test_dpp_proto_zero_i_capab(dev
, apdev
):
3898 """DPP protocol testing - zero I-capability in Auth Req"""
3899 run_dpp_proto_init(dev
, 1, 8)
3900 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
3902 raise Exception("DPP failure not seen")
3903 if "Invalid role in I-capabilities 0x00" not in ev
:
3904 raise Exception("Unexpected failure: " + ev
)
3905 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=0.1)
3907 raise Exception("Unexpected DPP message seen")
3909 def test_dpp_proto_zero_r_capab(dev
, apdev
):
3910 """DPP protocol testing - zero R-capability in Auth Resp"""
3911 run_dpp_proto_init(dev
, 0, 9)
3912 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
3914 raise Exception("DPP failure not seen")
3915 if "Unexpected role in R-capabilities 0x00" not in ev
:
3916 raise Exception("Unexpected failure: " + ev
)
3917 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=1)
3918 if ev
is None or "type=0" not in ev
:
3919 raise Exception("DPP Authentication Request not seen")
3920 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=0.1)
3922 raise Exception("Unexpected DPP message seen")
3924 def run_dpp_proto_auth_req_missing(dev
, test
, reason
, mutual
=False):
3925 run_dpp_proto_init(dev
, 1, test
, mutual
=mutual
)
3926 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
3928 raise Exception("DPP failure not seen")
3929 if reason
not in ev
:
3930 raise Exception("Unexpected failure: " + ev
)
3931 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=0.1)
3933 raise Exception("Unexpected DPP message seen")
3935 def test_dpp_proto_auth_req_no_r_bootstrap_key(dev
, apdev
):
3936 """DPP protocol testing - no R-bootstrap key in Auth Req"""
3937 run_dpp_proto_auth_req_missing(dev
, 10, "Missing or invalid required Responder Bootstrapping Key Hash attribute")
3939 def test_dpp_proto_auth_req_invalid_r_bootstrap_key(dev
, apdev
):
3940 """DPP protocol testing - invalid R-bootstrap key in Auth Req"""
3941 run_dpp_proto_auth_req_missing(dev
, 68, "No matching own bootstrapping key found - ignore message")
3943 def test_dpp_proto_auth_req_no_i_bootstrap_key(dev
, apdev
):
3944 """DPP protocol testing - no I-bootstrap key in Auth Req"""
3945 run_dpp_proto_auth_req_missing(dev
, 11, "Missing or invalid required Initiator Bootstrapping Key Hash attribute")
3947 def test_dpp_proto_auth_req_invalid_i_bootstrap_key(dev
, apdev
):
3948 """DPP protocol testing - invalid I-bootstrap key in Auth Req"""
3949 run_dpp_proto_init(dev
, 1, 69, mutual
=True)
3950 ev
= dev
[0].wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=5)
3952 raise Exception("DPP scan request not seen")
3953 ev
= dev
[1].wait_event(["DPP-RESPONSE-PENDING"], timeout
=5)
3955 raise Exception("DPP response pending indivation not seen")
3957 def test_dpp_proto_auth_req_no_i_proto_key(dev
, apdev
):
3958 """DPP protocol testing - no I-proto key in Auth Req"""
3959 run_dpp_proto_auth_req_missing(dev
, 12, "Missing required Initiator Protocol Key attribute")
3961 def test_dpp_proto_auth_req_invalid_i_proto_key(dev
, apdev
):
3962 """DPP protocol testing - invalid I-proto key in Auth Req"""
3963 run_dpp_proto_auth_req_missing(dev
, 66, "Invalid Initiator Protocol Key")
3965 def test_dpp_proto_auth_req_no_i_nonce(dev
, apdev
):
3966 """DPP protocol testing - no I-nonce in Auth Req"""
3967 run_dpp_proto_auth_req_missing(dev
, 13, "Missing or invalid I-nonce")
3969 def test_dpp_proto_auth_req_invalid_i_nonce(dev
, apdev
):
3970 """DPP protocol testing - invalid I-nonce in Auth Req"""
3971 run_dpp_proto_auth_req_missing(dev
, 81, "Missing or invalid I-nonce")
3973 def test_dpp_proto_auth_req_no_i_capab(dev
, apdev
):
3974 """DPP protocol testing - no I-capab in Auth Req"""
3975 run_dpp_proto_auth_req_missing(dev
, 14, "Missing or invalid I-capab")
3977 def test_dpp_proto_auth_req_no_wrapped_data(dev
, apdev
):
3978 """DPP protocol testing - no Wrapped Data in Auth Req"""
3979 run_dpp_proto_auth_req_missing(dev
, 15, "Missing or invalid required Wrapped Data attribute")
3981 def run_dpp_proto_auth_resp_missing(dev
, test
, reason
,
3982 incompatible_roles
=False):
3983 run_dpp_proto_init(dev
, 0, test
, mutual
=True,
3984 incompatible_roles
=incompatible_roles
)
3988 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
3990 raise Exception("DPP failure not seen")
3991 if reason
not in ev
:
3992 raise Exception("Unexpected failure: " + ev
)
3993 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=1)
3994 if ev
is None or "type=0" not in ev
:
3995 raise Exception("DPP Authentication Request not seen")
3996 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=0.1)
3998 raise Exception("Unexpected DPP message seen")
4000 def test_dpp_proto_auth_resp_no_status(dev
, apdev
):
4001 """DPP protocol testing - no Status in Auth Resp"""
4002 run_dpp_proto_auth_resp_missing(dev
, 16, "Missing or invalid required DPP Status attribute")
4004 def test_dpp_proto_auth_resp_status_no_status(dev
, apdev
):
4005 """DPP protocol testing - no Status in Auth Resp(status)"""
4006 run_dpp_proto_auth_resp_missing(dev
, 16,
4007 "Missing or invalid required DPP Status attribute",
4008 incompatible_roles
=True)
4010 def test_dpp_proto_auth_resp_invalid_status(dev
, apdev
):
4011 """DPP protocol testing - invalid Status in Auth Resp"""
4012 run_dpp_proto_auth_resp_missing(dev
, 74, "Responder reported failure")
4014 def test_dpp_proto_auth_resp_no_r_bootstrap_key(dev
, apdev
):
4015 """DPP protocol testing - no R-bootstrap key in Auth Resp"""
4016 run_dpp_proto_auth_resp_missing(dev
, 17, "Missing or invalid required Responder Bootstrapping Key Hash attribute")
4018 def test_dpp_proto_auth_resp_status_no_r_bootstrap_key(dev
, apdev
):
4019 """DPP protocol testing - no R-bootstrap key in Auth Resp(status)"""
4020 run_dpp_proto_auth_resp_missing(dev
, 17,
4021 "Missing or invalid required Responder Bootstrapping Key Hash attribute",
4022 incompatible_roles
=True)
4024 def test_dpp_proto_auth_resp_invalid_r_bootstrap_key(dev
, apdev
):
4025 """DPP protocol testing - invalid R-bootstrap key in Auth Resp"""
4026 run_dpp_proto_auth_resp_missing(dev
, 70, "Unexpected Responder Bootstrapping Key Hash value")
4028 def test_dpp_proto_auth_resp_status_invalid_r_bootstrap_key(dev
, apdev
):
4029 """DPP protocol testing - invalid R-bootstrap key in Auth Resp(status)"""
4030 run_dpp_proto_auth_resp_missing(dev
, 70,
4031 "Unexpected Responder Bootstrapping Key Hash value",
4032 incompatible_roles
=True)
4034 def test_dpp_proto_auth_resp_no_i_bootstrap_key(dev
, apdev
):
4035 """DPP protocol testing - no I-bootstrap key in Auth Resp"""
4036 run_dpp_proto_auth_resp_missing(dev
, 18, None)
4038 def test_dpp_proto_auth_resp_status_no_i_bootstrap_key(dev
, apdev
):
4039 """DPP protocol testing - no I-bootstrap key in Auth Resp(status)"""
4040 run_dpp_proto_auth_resp_missing(dev
, 18, None, incompatible_roles
=True)
4042 def test_dpp_proto_auth_resp_invalid_i_bootstrap_key(dev
, apdev
):
4043 """DPP protocol testing - invalid I-bootstrap key in Auth Resp"""
4044 run_dpp_proto_auth_resp_missing(dev
, 71, "Initiator Bootstrapping Key Hash attribute did not match")
4046 def test_dpp_proto_auth_resp_status_invalid_i_bootstrap_key(dev
, apdev
):
4047 """DPP protocol testing - invalid I-bootstrap key in Auth Resp(status)"""
4048 run_dpp_proto_auth_resp_missing(dev
, 71,
4049 "Initiator Bootstrapping Key Hash attribute did not match",
4050 incompatible_roles
=True)
4052 def test_dpp_proto_auth_resp_no_r_proto_key(dev
, apdev
):
4053 """DPP protocol testing - no R-Proto Key in Auth Resp"""
4054 run_dpp_proto_auth_resp_missing(dev
, 19, "Missing required Responder Protocol Key attribute")
4056 def test_dpp_proto_auth_resp_invalid_r_proto_key(dev
, apdev
):
4057 """DPP protocol testing - invalid R-Proto Key in Auth Resp"""
4058 run_dpp_proto_auth_resp_missing(dev
, 67, "Invalid Responder Protocol Key")
4060 def test_dpp_proto_auth_resp_no_r_nonce(dev
, apdev
):
4061 """DPP protocol testing - no R-nonce in Auth Resp"""
4062 run_dpp_proto_auth_resp_missing(dev
, 20, "Missing or invalid R-nonce")
4064 def test_dpp_proto_auth_resp_no_i_nonce(dev
, apdev
):
4065 """DPP protocol testing - no I-nonce in Auth Resp"""
4066 run_dpp_proto_auth_resp_missing(dev
, 21, "Missing or invalid I-nonce")
4068 def test_dpp_proto_auth_resp_status_no_i_nonce(dev
, apdev
):
4069 """DPP protocol testing - no I-nonce in Auth Resp(status)"""
4070 run_dpp_proto_auth_resp_missing(dev
, 21, "Missing or invalid I-nonce",
4071 incompatible_roles
=True)
4073 def test_dpp_proto_auth_resp_no_r_capab(dev
, apdev
):
4074 """DPP protocol testing - no R-capab in Auth Resp"""
4075 run_dpp_proto_auth_resp_missing(dev
, 22, "Missing or invalid R-capabilities")
4077 def test_dpp_proto_auth_resp_no_r_auth(dev
, apdev
):
4078 """DPP protocol testing - no R-auth in Auth Resp"""
4079 run_dpp_proto_auth_resp_missing(dev
, 23, "Missing or invalid Secondary Wrapped Data")
4081 def test_dpp_proto_auth_resp_no_wrapped_data(dev
, apdev
):
4082 """DPP protocol testing - no Wrapped Data in Auth Resp"""
4083 run_dpp_proto_auth_resp_missing(dev
, 24, "Missing or invalid required Wrapped Data attribute")
4085 def test_dpp_proto_auth_resp_i_nonce_mismatch(dev
, apdev
):
4086 """DPP protocol testing - I-nonce mismatch in Auth Resp"""
4087 run_dpp_proto_init(dev
, 0, 30, mutual
=True)
4088 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
4090 raise Exception("DPP failure not seen")
4091 if "I-nonce mismatch" not in ev
:
4092 raise Exception("Unexpected failure: " + ev
)
4093 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=1)
4094 if ev
is None or "type=0" not in ev
:
4095 raise Exception("DPP Authentication Request not seen")
4096 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=0.1)
4098 raise Exception("Unexpected DPP message seen")
4100 def test_dpp_proto_auth_resp_incompatible_r_capab(dev
, apdev
):
4101 """DPP protocol testing - Incompatible R-capab in Auth Resp"""
4102 run_dpp_proto_init(dev
, 0, 31, mutual
=True)
4103 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
4105 raise Exception("DPP failure not seen")
4106 if "Unexpected role in R-capabilities 0x02" not in ev
:
4107 raise Exception("Unexpected failure: " + ev
)
4108 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4110 raise Exception("DPP failure not seen")
4111 if "Peer reported incompatible R-capab role" not in ev
:
4112 raise Exception("Unexpected failure: " + ev
)
4114 def test_dpp_proto_auth_resp_r_auth_mismatch(dev
, apdev
):
4115 """DPP protocol testing - R-auth mismatch in Auth Resp"""
4116 run_dpp_proto_init(dev
, 0, 32, mutual
=True)
4117 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
4119 raise Exception("DPP failure not seen")
4120 if "Mismatching Responder Authenticating Tag" not in ev
:
4121 raise Exception("Unexpected failure: " + ev
)
4122 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4124 raise Exception("DPP failure not seen")
4125 if "Peer reported authentication failure" not in ev
:
4126 raise Exception("Unexpected failure: " + ev
)
4128 def test_dpp_proto_auth_resp_r_auth_mismatch_failure(dev
, apdev
):
4129 """DPP protocol testing - Auth Conf RX processing failure"""
4130 with
alloc_fail(dev
[0], 1, "dpp_auth_conf_rx_failure"):
4131 run_dpp_proto_init(dev
, 0, 32, mutual
=True)
4132 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4134 raise Exception("DPP failure not seen")
4135 if "Authentication failed" not in ev
:
4136 raise Exception("Unexpected failure: " + ev
)
4138 def test_dpp_proto_auth_resp_r_auth_mismatch_failure2(dev
, apdev
):
4139 """DPP protocol testing - Auth Conf RX processing failure 2"""
4140 with
fail_test(dev
[0], 1, "dpp_auth_conf_rx_failure"):
4141 run_dpp_proto_init(dev
, 0, 32, mutual
=True)
4142 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4144 raise Exception("DPP failure not seen")
4145 if "AES-SIV decryption failed" not in ev
:
4146 raise Exception("Unexpected failure: " + ev
)
4148 def run_dpp_proto_auth_conf_missing(dev
, test
, reason
):
4149 run_dpp_proto_init(dev
, 1, test
, mutual
=True)
4153 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4155 raise Exception("DPP failure not seen")
4156 if reason
not in ev
:
4157 raise Exception("Unexpected failure: " + ev
)
4159 def test_dpp_proto_auth_conf_no_status(dev
, apdev
):
4160 """DPP protocol testing - no Status in Auth Conf"""
4161 run_dpp_proto_auth_conf_missing(dev
, 25, "Missing or invalid required DPP Status attribute")
4163 def test_dpp_proto_auth_conf_invalid_status(dev
, apdev
):
4164 """DPP protocol testing - invalid Status in Auth Conf"""
4165 run_dpp_proto_auth_conf_missing(dev
, 75, "Authentication failed")
4167 def test_dpp_proto_auth_conf_no_r_bootstrap_key(dev
, apdev
):
4168 """DPP protocol testing - no R-bootstrap key in Auth Conf"""
4169 run_dpp_proto_auth_conf_missing(dev
, 26, "Missing or invalid required Responder Bootstrapping Key Hash attribute")
4171 def test_dpp_proto_auth_conf_invalid_r_bootstrap_key(dev
, apdev
):
4172 """DPP protocol testing - invalid R-bootstrap key in Auth Conf"""
4173 run_dpp_proto_auth_conf_missing(dev
, 72, "Responder Bootstrapping Key Hash mismatch")
4175 def test_dpp_proto_auth_conf_no_i_bootstrap_key(dev
, apdev
):
4176 """DPP protocol testing - no I-bootstrap key in Auth Conf"""
4177 run_dpp_proto_auth_conf_missing(dev
, 27, "Missing Initiator Bootstrapping Key Hash attribute")
4179 def test_dpp_proto_auth_conf_invalid_i_bootstrap_key(dev
, apdev
):
4180 """DPP protocol testing - invalid I-bootstrap key in Auth Conf"""
4181 run_dpp_proto_auth_conf_missing(dev
, 73, "Initiator Bootstrapping Key Hash mismatch")
4183 def test_dpp_proto_auth_conf_no_i_auth(dev
, apdev
):
4184 """DPP protocol testing - no I-Auth in Auth Conf"""
4185 run_dpp_proto_auth_conf_missing(dev
, 28, "Missing or invalid Initiator Authenticating Tag")
4187 def test_dpp_proto_auth_conf_no_wrapped_data(dev
, apdev
):
4188 """DPP protocol testing - no Wrapped Data in Auth Conf"""
4189 run_dpp_proto_auth_conf_missing(dev
, 29, "Missing or invalid required Wrapped Data attribute")
4191 def test_dpp_proto_auth_conf_i_auth_mismatch(dev
, apdev
):
4192 """DPP protocol testing - I-auth mismatch in Auth Conf"""
4193 run_dpp_proto_init(dev
, 1, 33, mutual
=True)
4194 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4196 raise Exception("DPP failure not seen")
4197 if "Mismatching Initiator Authenticating Tag" not in ev
:
4198 raise Excception("Unexpected failure: " + ev
)
4200 def test_dpp_proto_auth_conf_replaced_by_resp(dev
, apdev
):
4201 """DPP protocol testing - Auth Conf replaced by Resp"""
4202 run_dpp_proto_init(dev
, 1, 65, mutual
=True)
4203 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4205 raise Exception("DPP failure not seen")
4206 if "Unexpected Authentication Response" not in ev
:
4207 raise Excception("Unexpected failure: " + ev
)
4209 def run_dpp_proto_conf_req_missing(dev
, test
, reason
):
4210 run_dpp_proto_init(dev
, 0, test
)
4211 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
4213 raise Exception("DPP failure not seen")
4214 if reason
not in ev
:
4215 raise Exception("Unexpected failure: " + ev
)
4217 def test_dpp_proto_conf_req_no_e_nonce(dev
, apdev
):
4218 """DPP protocol testing - no E-nonce in Conf Req"""
4219 run_dpp_proto_conf_req_missing(dev
, 51,
4220 "Missing or invalid Enrollee Nonce attribute")
4222 def test_dpp_proto_conf_req_invalid_e_nonce(dev
, apdev
):
4223 """DPP protocol testing - invalid E-nonce in Conf Req"""
4224 run_dpp_proto_conf_req_missing(dev
, 83,
4225 "Missing or invalid Enrollee Nonce attribute")
4227 def test_dpp_proto_conf_req_no_config_attr_obj(dev
, apdev
):
4228 """DPP protocol testing - no Config Attr Obj in Conf Req"""
4229 run_dpp_proto_conf_req_missing(dev
, 52,
4230 "Missing or invalid Config Attributes attribute")
4232 def test_dpp_proto_conf_req_invalid_config_attr_obj(dev
, apdev
):
4233 """DPP protocol testing - invalid Config Attr Obj in Conf Req"""
4234 run_dpp_proto_conf_req_missing(dev
, 76,
4235 "Unsupported wi-fi_tech")
4237 def test_dpp_proto_conf_req_no_wrapped_data(dev
, apdev
):
4238 """DPP protocol testing - no Wrapped Data in Conf Req"""
4239 run_dpp_proto_conf_req_missing(dev
, 53,
4240 "Missing or invalid required Wrapped Data attribute")
4242 def run_dpp_proto_conf_resp_missing(dev
, test
, reason
):
4243 run_dpp_proto_init(dev
, 1, test
)
4244 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4246 raise Exception("DPP failure not seen")
4247 if reason
not in ev
:
4248 raise Exception("Unexpected failure: " + ev
)
4250 def test_dpp_proto_conf_resp_no_e_nonce(dev
, apdev
):
4251 """DPP protocol testing - no E-nonce in Conf Resp"""
4252 run_dpp_proto_conf_resp_missing(dev
, 54,
4253 "Missing or invalid Enrollee Nonce attribute")
4255 def test_dpp_proto_conf_resp_no_config_obj(dev
, apdev
):
4256 """DPP protocol testing - no Config Object in Conf Resp"""
4257 run_dpp_proto_conf_resp_missing(dev
, 55,
4258 "Missing required Configuration Object attribute")
4260 def test_dpp_proto_conf_resp_no_status(dev
, apdev
):
4261 """DPP protocol testing - no Status in Conf Resp"""
4262 run_dpp_proto_conf_resp_missing(dev
, 56,
4263 "Missing or invalid required DPP Status attribute")
4265 def test_dpp_proto_conf_resp_no_wrapped_data(dev
, apdev
):
4266 """DPP protocol testing - no Wrapped Data in Conf Resp"""
4267 run_dpp_proto_conf_resp_missing(dev
, 57,
4268 "Missing or invalid required Wrapped Data attribute")
4270 def test_dpp_proto_conf_resp_invalid_status(dev
, apdev
):
4271 """DPP protocol testing - invalid Status in Conf Resp"""
4272 run_dpp_proto_conf_resp_missing(dev
, 58,
4273 "Configurator rejected configuration")
4275 def test_dpp_proto_conf_resp_e_nonce_mismatch(dev
, apdev
):
4276 """DPP protocol testing - E-nonce mismatch in Conf Resp"""
4277 run_dpp_proto_conf_resp_missing(dev
, 59,
4278 "Enrollee Nonce mismatch")
4280 def test_dpp_proto_stop_at_auth_req(dev
, apdev
):
4281 """DPP protocol testing - stop when receiving Auth Req"""
4282 run_dpp_proto_init(dev
, 0, 87)
4283 ev
= dev
[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout
=5)
4285 raise Exception("Authentication init failure not reported")
4287 def test_dpp_proto_stop_at_auth_resp(dev
, apdev
):
4288 """DPP protocol testing - stop when receiving Auth Resp"""
4289 run_dpp_proto_init(dev
, 1, 88)
4291 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4293 raise Exception("Auth Req TX not seen")
4295 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=5)
4297 raise Exception("Auth Resp TX not seen")
4299 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=0.1)
4301 raise Exception("Unexpected Auth Conf TX")
4303 def test_dpp_proto_stop_at_auth_conf(dev
, apdev
):
4304 """DPP protocol testing - stop when receiving Auth Conf"""
4305 run_dpp_proto_init(dev
, 0, 89, init_enrollee
=True)
4306 ev
= dev
[1].wait_event(["GAS-QUERY-START"], timeout
=10)
4308 raise Exception("Enrollee did not start GAS")
4309 ev
= dev
[1].wait_event(["GAS-QUERY-DONE"], timeout
=10)
4311 raise Exception("Enrollee did not time out GAS")
4312 if "result=TIMEOUT" not in ev
:
4313 raise Exception("Unexpected GAS result: " + ev
)
4315 def test_dpp_proto_stop_at_auth_conf_tx(dev
, apdev
):
4316 """DPP protocol testing - stop when transmitting Auth Conf (Registrar)"""
4317 run_dpp_proto_init(dev
, 1, 89, init_enrollee
=True)
4318 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=10)
4320 raise Exception("Authentication did not succeed (Initiator)")
4321 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
4323 raise Exception("Authentication did not succeed (Responder)")
4324 ev
= dev
[1].wait_event(["GAS-QUERY-START"], timeout
=0.1)
4326 raise Exception("Unexpected GAS query")
4328 # There is currently no timeout on GAS server side, so no event to wait for
4331 def test_dpp_proto_stop_at_auth_conf_tx2(dev
, apdev
):
4332 """DPP protocol testing - stop when transmitting Auth Conf (Enrollee)"""
4333 run_dpp_proto_init(dev
, 1, 89)
4334 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=10)
4336 raise Exception("Authentication did not succeed (Initiator)")
4337 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
4339 raise Exception("Authentication did not succeed (Responder)")
4341 ev
= dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=5)
4342 if ev
is None or "result=TIMEOUT" not in ev
:
4343 raise Exception("GAS query did not time out")
4345 def test_dpp_proto_stop_at_conf_req(dev
, apdev
):
4346 """DPP protocol testing - stop when receiving Auth Req"""
4347 run_dpp_proto_init(dev
, 1, 90)
4348 ev
= dev
[0].wait_event(["GAS-QUERY-START"], timeout
=10)
4350 raise Exception("Enrollee did not start GAS")
4351 ev
= dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=10)
4353 raise Exception("Enrollee did not time out GAS")
4354 if "result=TIMEOUT" not in ev
:
4355 raise Exception("Unexpected GAS result: " + ev
)
4357 def run_dpp_proto_init_pkex(dev
, test_dev
, test
):
4358 check_dpp_capab(dev
[0])
4359 check_dpp_capab(dev
[1])
4360 dev
[test_dev
].set("dpp_test", str(test
))
4362 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
4363 res
= dev
[0].request(cmd
)
4365 raise Exception("Failed to generate bootstrapping info")
4368 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
4369 res
= dev
[1].request(cmd
)
4371 raise Exception("Failed to generate bootstrapping info")
4374 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
4375 res
= dev
[0].request(cmd
)
4377 raise Exception("Failed to set PKEX data (responder)")
4378 cmd
= "DPP_LISTEN 2437"
4379 if "OK" not in dev
[0].request(cmd
):
4380 raise Exception("Failed to start listen operation")
4382 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
4383 res
= dev
[1].request(cmd
)
4385 raise Exception("Failed to set PKEX data (initiator)")
4387 def test_dpp_proto_after_wrapped_data_pkex_cr_req(dev
, apdev
):
4388 """DPP protocol testing - attribute after Wrapped Data in PKEX CR Req"""
4389 run_dpp_proto_init_pkex(dev
, 1, 4)
4390 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
4391 if ev
is None or "type=7" not in ev
:
4392 raise Exception("PKEX Exchange Request not seen")
4393 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
4394 if ev
is None or "type=9" not in ev
:
4395 raise Exception("PKEX Commit-Reveal Request not seen")
4396 if "ignore=invalid-attributes" not in ev
:
4397 raise Exception("Unexpected RX info: " + ev
)
4399 def test_dpp_proto_after_wrapped_data_pkex_cr_resp(dev
, apdev
):
4400 """DPP protocol testing - attribute after Wrapped Data in PKEX CR Resp"""
4401 run_dpp_proto_init_pkex(dev
, 0, 5)
4402 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=5)
4403 if ev
is None or "type=8" not in ev
:
4404 raise Exception("PKEX Exchange Response not seen")
4405 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=5)
4406 if ev
is None or "type=10" not in ev
:
4407 raise Exception("PKEX Commit-Reveal Response not seen")
4408 if "ignore=invalid-attributes" not in ev
:
4409 raise Exception("Unexpected RX info: " + ev
)
4411 def run_dpp_proto_pkex_req_missing(dev
, test
, reason
):
4412 run_dpp_proto_init_pkex(dev
, 1, test
)
4413 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4415 raise Exception("DPP failure not seen")
4416 if reason
not in ev
:
4417 raise Exception("Unexpected failure: " + ev
)
4419 def run_dpp_proto_pkex_resp_missing(dev
, test
, reason
):
4420 run_dpp_proto_init_pkex(dev
, 0, test
)
4421 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
4423 raise Exception("DPP failure not seen")
4424 if reason
not in ev
:
4425 raise Exception("Unexpected failure: " + ev
)
4427 def test_dpp_proto_pkex_exchange_req_no_finite_cyclic_group(dev
, apdev
):
4428 """DPP protocol testing - no Finite Cyclic Group in PKEX Exchange Request"""
4429 run_dpp_proto_pkex_req_missing(dev
, 34,
4430 "Missing or invalid Finite Cyclic Group attribute")
4432 def test_dpp_proto_pkex_exchange_req_no_encrypted_key(dev
, apdev
):
4433 """DPP protocol testing - no Encrypted Key in PKEX Exchange Request"""
4434 run_dpp_proto_pkex_req_missing(dev
, 35,
4435 "Missing Encrypted Key attribute")
4437 def test_dpp_proto_pkex_exchange_resp_no_status(dev
, apdev
):
4438 """DPP protocol testing - no Status in PKEX Exchange Response"""
4439 run_dpp_proto_pkex_resp_missing(dev
, 36, "No DPP Status attribute")
4441 def test_dpp_proto_pkex_exchange_resp_no_encrypted_key(dev
, apdev
):
4442 """DPP protocol testing - no Encrypted Key in PKEX Exchange Response"""
4443 run_dpp_proto_pkex_resp_missing(dev
, 37, "Missing Encrypted Key attribute")
4445 def test_dpp_proto_pkex_cr_req_no_bootstrap_key(dev
, apdev
):
4446 """DPP protocol testing - no Bootstrap Key in PKEX Commit-Reveal Request"""
4447 run_dpp_proto_pkex_req_missing(dev
, 38,
4448 "No valid peer bootstrapping key found")
4450 def test_dpp_proto_pkex_cr_req_no_i_auth_tag(dev
, apdev
):
4451 """DPP protocol testing - no I-Auth Tag in PKEX Commit-Reveal Request"""
4452 run_dpp_proto_pkex_req_missing(dev
, 39, "No valid u (I-Auth tag) found")
4454 def test_dpp_proto_pkex_cr_req_no_wrapped_data(dev
, apdev
):
4455 """DPP protocol testing - no Wrapped Data in PKEX Commit-Reveal Request"""
4456 run_dpp_proto_pkex_req_missing(dev
, 40, "Missing or invalid required Wrapped Data attribute")
4458 def test_dpp_proto_pkex_cr_resp_no_bootstrap_key(dev
, apdev
):
4459 """DPP protocol testing - no Bootstrap Key in PKEX Commit-Reveal Response"""
4460 run_dpp_proto_pkex_resp_missing(dev
, 41,
4461 "No valid peer bootstrapping key found")
4463 def test_dpp_proto_pkex_cr_resp_no_r_auth_tag(dev
, apdev
):
4464 """DPP protocol testing - no R-Auth Tag in PKEX Commit-Reveal Response"""
4465 run_dpp_proto_pkex_resp_missing(dev
, 42, "No valid v (R-Auth tag) found")
4467 def test_dpp_proto_pkex_cr_resp_no_wrapped_data(dev
, apdev
):
4468 """DPP protocol testing - no Wrapped Data in PKEX Commit-Reveal Response"""
4469 run_dpp_proto_pkex_resp_missing(dev
, 43, "Missing or invalid required Wrapped Data attribute")
4471 def test_dpp_proto_pkex_exchange_req_invalid_encrypted_key(dev
, apdev
):
4472 """DPP protocol testing - invalid Encrypted Key in PKEX Exchange Request"""
4473 run_dpp_proto_pkex_req_missing(dev
, 44,
4474 "Invalid Encrypted Key value")
4476 def test_dpp_proto_pkex_exchange_resp_invalid_encrypted_key(dev
, apdev
):
4477 """DPP protocol testing - invalid Encrypted Key in PKEX Exchange Response"""
4478 run_dpp_proto_pkex_resp_missing(dev
, 45,
4479 "Invalid Encrypted Key value")
4481 def test_dpp_proto_pkex_exchange_resp_invalid_status(dev
, apdev
):
4482 """DPP protocol testing - invalid Status in PKEX Exchange Response"""
4483 run_dpp_proto_pkex_resp_missing(dev
, 46,
4484 "PKEX failed (peer indicated failure)")
4486 def test_dpp_proto_pkex_cr_req_invalid_bootstrap_key(dev
, apdev
):
4487 """DPP protocol testing - invalid Bootstrap Key in PKEX Commit-Reveal Request"""
4488 run_dpp_proto_pkex_req_missing(dev
, 47,
4489 "Peer bootstrapping key is invalid")
4491 def test_dpp_proto_pkex_cr_resp_invalid_bootstrap_key(dev
, apdev
):
4492 """DPP protocol testing - invalid Bootstrap Key in PKEX Commit-Reveal Response"""
4493 run_dpp_proto_pkex_resp_missing(dev
, 48,
4494 "Peer bootstrapping key is invalid")
4496 def test_dpp_proto_pkex_cr_req_i_auth_tag_mismatch(dev
, apdev
):
4497 """DPP protocol testing - I-auth tag mismatch in PKEX Commit-Reveal Request"""
4498 run_dpp_proto_pkex_req_missing(dev
, 49, "No valid u (I-Auth tag) found")
4500 def test_dpp_proto_pkex_cr_resp_r_auth_tag_mismatch(dev
, apdev
):
4501 """DPP protocol testing - R-auth tag mismatch in PKEX Commit-Reveal Response"""
4502 run_dpp_proto_pkex_resp_missing(dev
, 50, "No valid v (R-Auth tag) found")
4504 def test_dpp_proto_stop_at_pkex_exchange_resp(dev
, apdev
):
4505 """DPP protocol testing - stop when receiving PKEX Exchange Response"""
4506 run_dpp_proto_init_pkex(dev
, 1, 84)
4508 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4510 raise Exception("PKEX Exchange Req TX not seen")
4512 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=5)
4514 raise Exception("PKEX Exchange Resp not seen")
4516 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=0.1)
4518 raise Exception("Unexpected PKEX CR Req TX")
4520 def test_dpp_proto_stop_at_pkex_cr_req(dev
, apdev
):
4521 """DPP protocol testing - stop when receiving PKEX CR Request"""
4522 run_dpp_proto_init_pkex(dev
, 0, 85)
4524 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4526 raise Exception("PKEX Exchange Req TX not seen")
4528 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=5)
4530 raise Exception("PKEX Exchange Resp not seen")
4532 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4534 raise Exception("PKEX CR Req TX not seen")
4536 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=0.1)
4538 raise Exception("Unexpected PKEX CR Resp TX")
4540 def test_dpp_proto_stop_at_pkex_cr_resp(dev
, apdev
):
4541 """DPP protocol testing - stop when receiving PKEX CR Response"""
4542 run_dpp_proto_init_pkex(dev
, 1, 86)
4544 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4546 raise Exception("PKEX Exchange Req TX not seen")
4548 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=5)
4550 raise Exception("PKEX Exchange Resp not seen")
4552 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4554 raise Exception("PKEX CR Req TX not seen")
4556 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=5)
4558 raise Exception("PKEX CR Resp TX not seen")
4560 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=0.1)
4562 raise Exception("Unexpected Auth Req TX")
4564 def test_dpp_proto_network_introduction(dev
, apdev
):
4565 """DPP protocol testing - network introduction"""
4566 check_dpp_capab(dev
[0])
4567 check_dpp_capab(dev
[1])
4569 params
= { "ssid": "dpp",
4571 "wpa_key_mgmt": "DPP",
4573 "rsn_pairwise": "CCMP",
4574 "dpp_connector": params1_ap_connector
,
4575 "dpp_csign": params1_csign
,
4576 "dpp_netaccesskey": params1_ap_netaccesskey
}
4578 hapd
= hostapd
.add_ap(apdev
[0], params
)
4580 raise HwsimSkip("DPP not supported")
4582 for test
in [ 60, 61, 80, 82 ]:
4583 dev
[0].set("dpp_test", str(test
))
4584 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412", ieee80211w
="2",
4585 dpp_csign
=params1_csign
,
4586 dpp_connector
=params1_sta_connector
,
4587 dpp_netaccesskey
=params1_sta_netaccesskey
,
4590 ev
= dev
[0].wait_event(["DPP-TX"], timeout
=10)
4591 if ev
is None or "type=5" not in ev
:
4592 raise Exception("Peer Discovery Request TX not reported")
4593 ev
= dev
[0].wait_event(["DPP-TX-STATUS"], timeout
=2)
4594 if ev
is None or "result=SUCCESS" not in ev
:
4595 raise Exception("Peer Discovery Request TX status not reported")
4597 ev
= hapd
.wait_event(["DPP-RX"], timeout
=10)
4598 if ev
is None or "type=5" not in ev
:
4599 raise Exception("Peer Discovery Request RX not reported")
4602 ev
= dev
[0].wait_event(["DPP-INTRO"], timeout
=10)
4604 raise Exception("DPP-INTRO not reported for test 80")
4605 if "status=7" not in ev
:
4606 raise Exception("Unexpected result in test 80: " + ev
)
4608 dev
[0].request("REMOVE_NETWORK all")
4609 dev
[0].dump_monitor()
4611 dev
[0].set("dpp_test", "0")
4613 for test
in [ 62, 63, 64, 77, 78, 79 ]:
4614 hapd
.set("dpp_test", str(test
))
4615 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412", ieee80211w
="2",
4616 dpp_csign
=params1_csign
,
4617 dpp_connector
=params1_sta_connector
,
4618 dpp_netaccesskey
=params1_sta_netaccesskey
,
4621 ev
= dev
[0].wait_event(["DPP-INTRO"], timeout
=10)
4623 raise Exception("Peer introduction result not reported (test %d)" % test
)
4625 if "fail=transaction_id_mismatch" not in ev
:
4626 raise Exception("Connector validation failure not reported")
4628 if "status=254" not in ev
:
4629 raise Exception("Invalid status value not reported")
4631 if "fail=peer_connector_validation_failed" not in ev
:
4632 raise Exception("Connector validation failure not reported")
4633 elif "status=" in ev
:
4634 raise Exception("Unexpected peer introduction result (test %d): " % test
+ ev
)
4636 dev
[0].request("REMOVE_NETWORK all")
4637 dev
[0].dump_monitor()
4639 hapd
.set("dpp_test", "0")
4641 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412", ieee80211w
="2",
4642 dpp_csign
=params1_csign
, dpp_connector
=params1_sta_connector
,
4643 dpp_netaccesskey
=params1_sta_netaccesskey
)
4645 def test_dpp_qr_code_no_chan_list_unicast(dev
, apdev
):
4646 """DPP QR Code and no channel list (unicast)"""
4647 run_dpp_qr_code_chan_list(dev
, apdev
, True, 2417, None)
4649 def test_dpp_qr_code_chan_list_unicast(dev
, apdev
):
4650 """DPP QR Code and 2.4 GHz channels (unicast)"""
4651 run_dpp_qr_code_chan_list(dev
, apdev
, True, 2417,
4652 "81/1,81/2,81/3,81/4,81/5,81/6,81/7,81/8,81/9,81/10,81/11,81/12,81/13")
4654 def test_dpp_qr_code_chan_list_no_peer_unicast(dev
, apdev
):
4655 """DPP QR Code and channel list and no peer (unicast)"""
4656 run_dpp_qr_code_chan_list(dev
, apdev
, True, 2417, "81/1,81/6,81/11",
4658 ev
= dev
[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout
=5)
4660 raise Exception("Initiation failure not reported")
4662 def test_dpp_qr_code_no_chan_list_broadcast(dev
, apdev
):
4663 """DPP QR Code and no channel list (broadcast)"""
4664 run_dpp_qr_code_chan_list(dev
, apdev
, False, 2412, None)
4666 def test_dpp_qr_code_chan_list_broadcast(dev
, apdev
):
4667 """DPP QR Code and some 2.4 GHz channels (broadcast)"""
4668 run_dpp_qr_code_chan_list(dev
, apdev
, False, 2412, "81/1,81/6,81/11",
4671 def run_dpp_qr_code_chan_list(dev
, apdev
, unicast
, listen_freq
, chanlist
,
4672 no_wait
=False, timeout
=5):
4673 check_dpp_capab(dev
[0])
4674 check_dpp_capab(dev
[1])
4675 dev
[1].set("dpp_init_max_tries", "3")
4676 dev
[1].set("dpp_init_retry_time", "100")
4677 dev
[1].set("dpp_resp_wait_time", "1000")
4679 logger
.info("dev0 displays QR Code")
4680 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode"
4682 cmd
+= " chan=" + chanlist
4684 addr
= dev
[0].own_addr().replace(':', '')
4685 cmd
+= " mac=" + addr
4686 res
= dev
[0].request(cmd
)
4688 raise Exception("Failed to generate bootstrapping info")
4690 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
4692 logger
.info("dev1 scans QR Code")
4693 id1
= dev
[1].dpp_qr_code(uri0
)
4695 logger
.info("dev1 initiates DPP Authentication")
4696 cmd
= "DPP_LISTEN %d" % listen_freq
4697 if "OK" not in dev
[0].request(cmd
):
4698 raise Exception("Failed to start listen operation")
4699 cmd
= "DPP_AUTH_INIT peer=%d" % id1
4700 if "OK" not in dev
[1].request(cmd
):
4701 raise Exception("Failed to initiate DPP Authentication")
4704 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=timeout
)
4706 raise Exception("DPP authentication did not succeed (Responder)")
4707 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
4709 raise Exception("DPP authentication did not succeed (Initiator)")
4710 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout
=5)
4712 raise Exception("DPP configuration not completed (Enrollee)")
4713 dev
[0].request("DPP_STOP_LISTEN")
4714 dev
[0].dump_monitor()
4715 dev
[1].dump_monitor()
4717 def test_dpp_qr_code_chan_list_no_match(dev
, apdev
):
4718 """DPP QR Code and no matching supported channel"""
4719 check_dpp_capab(dev
[0])
4720 check_dpp_capab(dev
[1])
4722 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=123/123"
4723 res
= dev
[0].request(cmd
)
4725 raise Exception("Failed to generate bootstrapping info")
4727 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
4729 id1
= dev
[1].dpp_qr_code(uri0
)
4731 cmd
= "DPP_AUTH_INIT peer=%d" % id1
4732 if "FAIL" not in dev
[1].request(cmd
):
4733 raise Exception("DPP Authentication started unexpectedly")
4735 def test_dpp_pkex_alloc_fail(dev
, apdev
):
4736 """DPP/PKEX and memory allocation failures"""
4737 check_dpp_capab(dev
[0])
4738 check_dpp_capab(dev
[1])
4740 tests
= [ (1, "=dpp_keygen_configurator"),
4741 (1, "base64_gen_encode;dpp_keygen_configurator") ]
4742 for count
, func
in tests
:
4743 with
alloc_fail(dev
[1], count
, func
):
4744 cmd
= "DPP_CONFIGURATOR_ADD"
4745 res
= dev
[1].request(cmd
)
4746 if "FAIL" not in res
:
4747 raise Exception("Unexpected DPP_CONFIGURATOR_ADD success")
4749 cmd
= "DPP_CONFIGURATOR_ADD"
4750 res
= dev
[1].request(cmd
)
4752 raise Exception("Failed to add configurator")
4755 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
4756 res
= dev
[0].request(cmd
)
4758 raise Exception("Failed to generate bootstrapping info")
4761 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
4762 res
= dev
[1].request(cmd
)
4764 raise Exception("Failed to generate bootstrapping info")
4767 # Local error cases on the Initiator
4768 tests
= [ (1, "dpp_get_pubkey_point"),
4769 (1, "dpp_alloc_msg;dpp_pkex_build_exchange_req"),
4770 (1, "dpp_alloc_msg;dpp_pkex_build_commit_reveal_req"),
4771 (1, "dpp_alloc_msg;dpp_auth_build_req"),
4772 (1, "dpp_alloc_msg;dpp_auth_build_conf"),
4773 (1, "dpp_bootstrap_key_hash"),
4774 (1, "dpp_auth_init"),
4775 (1, "=dpp_auth_resp_rx"),
4776 (2, "=dpp_auth_resp_rx"),
4777 (1, "dpp_build_conf_start"),
4778 (1, "dpp_build_conf_obj_dpp"),
4779 (2, "dpp_build_conf_obj_dpp"),
4780 (3, "dpp_build_conf_obj_dpp"),
4781 (4, "dpp_build_conf_obj_dpp"),
4782 (5, "dpp_build_conf_obj_dpp"),
4783 (6, "dpp_build_conf_obj_dpp"),
4784 (7, "dpp_build_conf_obj_dpp"),
4785 (8, "dpp_build_conf_obj_dpp"),
4786 (1, "dpp_conf_req_rx"),
4787 (2, "dpp_conf_req_rx"),
4788 (3, "dpp_conf_req_rx"),
4789 (4, "dpp_conf_req_rx"),
4790 (5, "dpp_conf_req_rx"),
4791 (6, "dpp_conf_req_rx"),
4792 (7, "dpp_conf_req_rx"),
4793 (1, "dpp_pkex_init"),
4794 (2, "dpp_pkex_init"),
4795 (3, "dpp_pkex_init"),
4796 (1, "dpp_pkex_derive_z"),
4797 (1, "=dpp_pkex_rx_commit_reveal_resp"),
4798 (1, "dpp_get_pubkey_point;dpp_build_jwk"),
4799 (2, "dpp_get_pubkey_point;dpp_build_jwk"),
4800 (1, "dpp_get_pubkey_point;dpp_auth_init") ]
4801 for count
, func
in tests
:
4802 dev
[0].request("DPP_STOP_LISTEN")
4803 dev
[1].request("DPP_STOP_LISTEN")
4804 dev
[0].dump_monitor()
4805 dev
[1].dump_monitor()
4807 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
4808 res
= dev
[0].request(cmd
)
4810 raise Exception("Failed to set PKEX data (responder)")
4811 cmd
= "DPP_LISTEN 2437"
4812 if "OK" not in dev
[0].request(cmd
):
4813 raise Exception("Failed to start listen operation")
4815 with
alloc_fail(dev
[1], count
, func
):
4816 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 conf=sta-dpp configurator=%d code=secret" % (id1
, conf_id
)
4818 wait_fail_trigger(dev
[1], "GET_ALLOC_FAIL", max_iter
=100)
4819 ev
= dev
[0].wait_event(["GAS-QUERY-START"], timeout
=0.01)
4821 dev
[0].request("DPP_STOP_LISTEN")
4822 dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=3)
4824 # Local error cases on the Responder
4825 tests
= [ (1, "dpp_get_pubkey_point"),
4826 (1, "dpp_alloc_msg;dpp_pkex_build_exchange_resp"),
4827 (1, "dpp_alloc_msg;dpp_pkex_build_commit_reveal_resp"),
4828 (1, "dpp_alloc_msg;dpp_auth_build_resp"),
4829 (1, "dpp_get_pubkey_point;dpp_auth_build_resp_ok"),
4830 (1, "=dpp_auth_req_rx"),
4831 (2, "=dpp_auth_req_rx"),
4832 (1, "=dpp_auth_conf_rx"),
4833 (1, "json_parse;dpp_parse_jws_prot_hdr"),
4834 (1, "json_get_member_base64url;dpp_parse_jws_prot_hdr"),
4835 (1, "json_get_member_base64url;dpp_parse_jwk"),
4836 (2, "json_get_member_base64url;dpp_parse_jwk"),
4837 (1, "json_parse;dpp_parse_connector"),
4838 (1, "dpp_parse_jwk;dpp_parse_connector"),
4839 (1, "dpp_parse_jwk;dpp_parse_cred_dpp"),
4840 (1, "dpp_get_pubkey_point;dpp_check_pubkey_match"),
4841 (1, "base64_gen_decode;dpp_process_signed_connector"),
4842 (1, "dpp_parse_jws_prot_hdr;dpp_process_signed_connector"),
4843 (2, "base64_gen_decode;dpp_process_signed_connector"),
4844 (3, "base64_gen_decode;dpp_process_signed_connector"),
4845 (4, "base64_gen_decode;dpp_process_signed_connector"),
4846 (1, "json_parse;dpp_parse_conf_obj"),
4847 (1, "dpp_conf_resp_rx"),
4848 (1, "=dpp_pkex_derive_z"),
4849 (1, "=dpp_pkex_rx_exchange_req"),
4850 (2, "=dpp_pkex_rx_exchange_req"),
4851 (3, "=dpp_pkex_rx_exchange_req"),
4852 (1, "=dpp_pkex_rx_commit_reveal_req"),
4853 (1, "dpp_get_pubkey_point;dpp_pkex_rx_commit_reveal_req"),
4854 (1, "dpp_bootstrap_key_hash") ]
4855 for count
, func
in tests
:
4856 dev
[0].request("DPP_STOP_LISTEN")
4857 dev
[1].request("DPP_STOP_LISTEN")
4858 dev
[0].dump_monitor()
4859 dev
[1].dump_monitor()
4861 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
4862 res
= dev
[0].request(cmd
)
4864 raise Exception("Failed to set PKEX data (responder)")
4865 cmd
= "DPP_LISTEN 2437"
4866 if "OK" not in dev
[0].request(cmd
):
4867 raise Exception("Failed to start listen operation")
4869 with
alloc_fail(dev
[0], count
, func
):
4870 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 conf=sta-dpp configurator=%d code=secret" % (id1
, conf_id
)
4872 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL", max_iter
=100)
4873 ev
= dev
[0].wait_event(["GAS-QUERY-START"], timeout
=0.01)
4875 dev
[0].request("DPP_STOP_LISTEN")
4876 dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=3)
4878 def test_dpp_pkex_test_fail(dev
, apdev
):
4879 """DPP/PKEX and local failures"""
4880 check_dpp_capab(dev
[0])
4881 check_dpp_capab(dev
[1])
4883 tests
= [ (1, "dpp_keygen_configurator") ]
4884 for count
, func
in tests
:
4885 with
fail_test(dev
[1], count
, func
):
4886 cmd
= "DPP_CONFIGURATOR_ADD"
4887 res
= dev
[1].request(cmd
)
4888 if "FAIL" not in res
:
4889 raise Exception("Unexpected DPP_CONFIGURATOR_ADD success")
4891 tests
= [ (1, "dpp_keygen") ]
4892 for count
, func
in tests
:
4893 with
fail_test(dev
[1], count
, func
):
4894 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
4895 res
= dev
[1].request(cmd
)
4896 if "FAIL" not in res
:
4897 raise Exception("Unexpected DPP_BOOTSTRAP_GEN success")
4899 cmd
= "DPP_CONFIGURATOR_ADD"
4900 res
= dev
[1].request(cmd
)
4902 raise Exception("Failed to add configurator")
4905 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
4906 res
= dev
[0].request(cmd
)
4908 raise Exception("Failed to generate bootstrapping info")
4911 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
4912 res
= dev
[1].request(cmd
)
4914 raise Exception("Failed to generate bootstrapping info")
4917 # Local error cases on the Initiator
4918 tests
= [ (1, "aes_siv_encrypt;dpp_auth_build_req"),
4919 (1, "os_get_random;dpp_auth_init"),
4920 (1, "dpp_derive_k1;dpp_auth_init"),
4921 (1, "dpp_hkdf_expand;dpp_derive_k1;dpp_auth_init"),
4922 (1, "dpp_gen_i_auth;dpp_auth_build_conf"),
4923 (1, "aes_siv_encrypt;dpp_auth_build_conf"),
4924 (1, "dpp_derive_k2;dpp_auth_resp_rx"),
4925 (1, "dpp_hkdf_expand;dpp_derive_k2;dpp_auth_resp_rx"),
4926 (1, "dpp_derive_ke;dpp_auth_resp_rx"),
4927 (1, "dpp_hkdf_expand;dpp_derive_ke;dpp_auth_resp_rx"),
4928 (1, "dpp_gen_r_auth;dpp_auth_resp_rx"),
4929 (1, "aes_siv_encrypt;dpp_build_conf_resp"),
4930 (1, "dpp_pkex_derive_Qi;dpp_pkex_build_exchange_req"),
4931 (1, "aes_siv_encrypt;dpp_pkex_build_commit_reveal_req"),
4932 (1, "hmac_sha256_vector;dpp_pkex_rx_exchange_resp"),
4933 (1, "aes_siv_decrypt;dpp_pkex_rx_commit_reveal_resp"),
4934 (1, "hmac_sha256_vector;dpp_pkex_rx_commit_reveal_resp"),
4935 (1, "dpp_bootstrap_key_hash") ]
4936 for count
, func
in tests
:
4937 dev
[0].request("DPP_STOP_LISTEN")
4938 dev
[1].request("DPP_STOP_LISTEN")
4939 dev
[0].dump_monitor()
4940 dev
[1].dump_monitor()
4942 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
4943 res
= dev
[0].request(cmd
)
4945 raise Exception("Failed to set PKEX data (responder)")
4946 cmd
= "DPP_LISTEN 2437"
4947 if "OK" not in dev
[0].request(cmd
):
4948 raise Exception("Failed to start listen operation")
4950 with
fail_test(dev
[1], count
, func
):
4951 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 conf=sta-dpp configurator=%d code=secret" % (id1
, conf_id
)
4953 wait_fail_trigger(dev
[1], "GET_FAIL", max_iter
=100)
4954 ev
= dev
[0].wait_event(["GAS-QUERY-START"], timeout
=0.01)
4956 dev
[0].request("DPP_STOP_LISTEN")
4957 dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=3)
4959 # Local error cases on the Responder
4960 tests
= [ (1, "aes_siv_encrypt;dpp_auth_build_resp"),
4961 (1, "aes_siv_encrypt;dpp_auth_build_resp;dpp_auth_build_resp_ok"),
4962 (1, "os_get_random;dpp_build_conf_req"),
4963 (1, "aes_siv_encrypt;dpp_build_conf_req"),
4964 (1, "os_get_random;dpp_auth_build_resp_ok"),
4965 (1, "dpp_derive_k2;dpp_auth_build_resp_ok"),
4966 (1, "dpp_derive_ke;dpp_auth_build_resp_ok"),
4967 (1, "dpp_gen_r_auth;dpp_auth_build_resp_ok"),
4968 (1, "aes_siv_encrypt;dpp_auth_build_resp_ok"),
4969 (1, "dpp_derive_k1;dpp_auth_req_rx"),
4970 (1, "aes_siv_decrypt;dpp_auth_req_rx"),
4971 (1, "aes_siv_decrypt;dpp_auth_conf_rx"),
4972 (1, "dpp_gen_i_auth;dpp_auth_conf_rx"),
4973 (1, "dpp_check_pubkey_match"),
4974 (1, "aes_siv_decrypt;dpp_conf_resp_rx"),
4975 (1, "hmac_sha256_kdf;dpp_pkex_derive_z"),
4976 (1, "dpp_pkex_derive_Qi;dpp_pkex_rx_exchange_req"),
4977 (1, "dpp_pkex_derive_Qr;dpp_pkex_rx_exchange_req"),
4978 (1, "aes_siv_encrypt;dpp_pkex_build_commit_reveal_resp"),
4979 (1, "aes_siv_decrypt;dpp_pkex_rx_commit_reveal_req"),
4980 (1, "hmac_sha256_vector;dpp_pkex_rx_commit_reveal_req"),
4981 (2, "hmac_sha256_vector;dpp_pkex_rx_commit_reveal_req") ]
4982 for count
, func
in tests
:
4983 dev
[0].request("DPP_STOP_LISTEN")
4984 dev
[1].request("DPP_STOP_LISTEN")
4985 dev
[0].dump_monitor()
4986 dev
[1].dump_monitor()
4988 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
4989 res
= dev
[0].request(cmd
)
4991 raise Exception("Failed to set PKEX data (responder)")
4992 cmd
= "DPP_LISTEN 2437"
4993 if "OK" not in dev
[0].request(cmd
):
4994 raise Exception("Failed to start listen operation")
4996 with
fail_test(dev
[0], count
, func
):
4997 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 conf=sta-dpp configurator=%d code=secret" % (id1
, conf_id
)
4999 wait_fail_trigger(dev
[0], "GET_FAIL", max_iter
=100)
5000 ev
= dev
[0].wait_event(["GAS-QUERY-START"], timeout
=0.01)
5002 dev
[0].request("DPP_STOP_LISTEN")
5003 dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=3)
5005 def test_dpp_keygen_configurator_error(dev
, apdev
):
5006 """DPP Configurator keygen error case"""
5007 check_dpp_capab(dev
[0])
5008 if "FAIL" not in dev
[0].request("DPP_CONFIGURATOR_ADD curve=unknown"):
5009 raise Exception("Unexpected success of invalid DPP_CONFIGURATOR_ADD")
5011 def rx_process_frame(dev
):
5013 if "OK" not in dev
.request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(
5014 msg
['freq'], msg
['datarate'], msg
['ssi_signal'], binascii
.hexlify(msg
['frame']).decode())):
5015 raise Exception("MGMT_RX_PROCESS failed")
5017 def wait_auth_success(responder
, initiator
):
5018 ev
= responder
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
5020 raise Exception("DPP authentication did not succeed (Responder)")
5021 ev
= initiator
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
5023 raise Exception("DPP authentication did not succeed (Initiator)")
5025 def wait_conf_completion(configurator
, enrollee
):
5026 ev
= configurator
.wait_event(["DPP-CONF-SENT"], timeout
=5)
5028 raise Exception("DPP configuration not completed (Configurator)")
5029 ev
= enrollee
.wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"],
5032 raise Exception("DPP configuration not completed (Enrollee)")
5035 addr
= dev
[0].own_addr().replace(':', '')
5036 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
5037 res
= dev
[0].request(cmd
)
5039 raise Exception("Failed to generate bootstrapping info")
5041 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
5043 id1
= dev
[1].dpp_qr_code(uri0
)
5045 conf
= '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"secret passphrase"}}' + 3000*' '
5046 dev
[0].set("dpp_config_obj_override", conf
)
5048 dev
[0].set("ext_mgmt_frame_handling", "1")
5049 cmd
= "DPP_LISTEN 2412"
5050 if "OK" not in dev
[0].request(cmd
):
5051 raise Exception("Failed to start listen operation")
5052 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % id1
5053 if "OK" not in dev
[1].request(cmd
):
5054 raise Exception("Failed to initiate DPP Authentication")
5056 def test_dpp_gas_timeout_handling(dev
, apdev
):
5057 """DPP and GAS timeout handling"""
5058 check_dpp_capab(dev
[0])
5059 check_dpp_capab(dev
[1])
5062 # DPP Authentication Request
5063 rx_process_frame(dev
[0])
5065 # DPP Authentication Confirmation
5066 rx_process_frame(dev
[0])
5068 wait_auth_success(dev
[0], dev
[1])
5070 # DPP Configuration Request (GAS Initial Request frame)
5071 rx_process_frame(dev
[0])
5073 # DPP Configuration Request (GAS Comeback Request frame)
5074 rx_process_frame(dev
[0])
5076 # Wait for GAS timeout
5077 ev
= dev
[1].wait_event(["DPP-CONF-FAILED"], timeout
=5)
5079 raise Exception("DPP configuration not completed (Enrollee)")
5081 def test_dpp_gas_comeback_after_failure(dev
, apdev
):
5082 """DPP and GAS comeback after failure"""
5083 check_dpp_capab(dev
[0])
5084 check_dpp_capab(dev
[1])
5087 # DPP Authentication Request
5088 rx_process_frame(dev
[0])
5090 # DPP Authentication Confirmation
5091 rx_process_frame(dev
[0])
5093 wait_auth_success(dev
[0], dev
[1])
5095 # DPP Configuration Request (GAS Initial Request frame)
5096 rx_process_frame(dev
[0])
5098 # DPP Configuration Request (GAS Comeback Request frame)
5099 msg
= dev
[0].mgmt_rx()
5100 frame
= binascii
.hexlify(msg
['frame']).decode()
5101 with
alloc_fail(dev
[0], 1, "gas_build_comeback_resp;gas_server_handle_rx_comeback_req"):
5102 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
5103 raise Exception("MGMT_RX_PROCESS failed")
5104 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5105 # Try the same frame again - this is expected to fail since the response has
5106 # already been freed.
5107 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
5108 raise Exception("MGMT_RX_PROCESS failed")
5110 # DPP Configuration Request (GAS Comeback Request frame retry)
5111 msg
= dev
[0].mgmt_rx()
5113 def test_dpp_gas(dev
, apdev
):
5114 """DPP and GAS protocol testing"""
5115 check_dpp_capab(dev
[0])
5116 check_dpp_capab(dev
[1])
5119 # DPP Authentication Request
5120 rx_process_frame(dev
[0])
5122 # DPP Authentication Confirmation
5123 rx_process_frame(dev
[0])
5125 wait_auth_success(dev
[0], dev
[1])
5127 # DPP Configuration Request (GAS Initial Request frame)
5128 msg
= dev
[0].mgmt_rx()
5130 # Protected Dual of GAS Initial Request frame (dropped by GAS server)
5132 raise Exception("MGMT_RX_PROCESS failed. <Please retry>")
5133 frame
= binascii
.hexlify(msg
['frame'])
5134 frame
= frame
[0:48] + b
"09" + frame
[50:]
5135 frame
= frame
.decode()
5136 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
5137 raise Exception("MGMT_RX_PROCESS failed")
5139 with
alloc_fail(dev
[0], 1, "gas_server_send_resp"):
5140 frame
= binascii
.hexlify(msg
['frame']).decode()
5141 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
5142 raise Exception("MGMT_RX_PROCESS failed")
5143 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5145 with
alloc_fail(dev
[0], 1, "gas_build_initial_resp;gas_server_send_resp"):
5146 frame
= binascii
.hexlify(msg
['frame']).decode()
5147 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
5148 raise Exception("MGMT_RX_PROCESS failed")
5149 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5151 # Add extra data after Query Request field to trigger
5152 # "GAS: Ignored extra data after Query Request field"
5153 frame
= binascii
.hexlify(msg
['frame']).decode() + "00"
5154 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
5155 raise Exception("MGMT_RX_PROCESS failed")
5157 # DPP Configuration Request (GAS Comeback Request frame)
5158 rx_process_frame(dev
[0])
5160 # DPP Configuration Request (GAS Comeback Request frame)
5161 rx_process_frame(dev
[0])
5163 # DPP Configuration Request (GAS Comeback Request frame)
5164 rx_process_frame(dev
[0])
5166 wait_conf_completion(dev
[0], dev
[1])
5168 def test_dpp_truncated_attr(dev
, apdev
):
5169 """DPP and truncated attribute"""
5170 check_dpp_capab(dev
[0])
5171 check_dpp_capab(dev
[1])
5174 # DPP Authentication Request
5175 msg
= dev
[0].mgmt_rx()
5176 frame
= msg
['frame']
5178 # DPP: Truncated message - not enough room for the attribute - dropped
5179 frame1
= binascii
.hexlify(frame
[0:36]).decode()
5180 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame1
)):
5181 raise Exception("MGMT_RX_PROCESS failed")
5182 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
5183 if ev
is None or "ignore=invalid-attributes" not in ev
:
5184 raise Exception("Invalid attribute error not reported")
5186 # DPP: Unexpected octets (3) after the last attribute
5187 frame2
= binascii
.hexlify(frame
).decode() + "000000"
5188 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame2
)):
5189 raise Exception("MGMT_RX_PROCESS failed")
5190 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
5191 if ev
is None or "ignore=invalid-attributes" not in ev
:
5192 raise Exception("Invalid attribute error not reported")
5194 def test_dpp_bootstrap_key_autogen_issues(dev
, apdev
):
5195 """DPP bootstrap key autogen issues"""
5196 check_dpp_capab(dev
[0])
5197 check_dpp_capab(dev
[1])
5199 logger
.info("dev0 displays QR Code")
5200 addr
= dev
[0].own_addr().replace(':', '')
5201 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
5202 res
= dev
[0].request(cmd
)
5204 raise Exception("Failed to generate bootstrapping info")
5206 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
5208 logger
.info("dev1 scans QR Code")
5209 id1
= dev
[1].dpp_qr_code(uri0
)
5211 logger
.info("dev1 initiates DPP Authentication")
5212 cmd
= "DPP_LISTEN 2412"
5213 if "OK" not in dev
[0].request(cmd
):
5214 raise Exception("Failed to start listen operation")
5215 with
alloc_fail(dev
[1], 1, "dpp_autogen_bootstrap_key"):
5216 cmd
= "DPP_AUTH_INIT peer=%d" % id1
5217 if "FAIL" not in dev
[1].request(cmd
):
5218 raise Exception("Failure not reported")
5219 with
alloc_fail(dev
[1], 2, "=dpp_autogen_bootstrap_key"):
5220 cmd
= "DPP_AUTH_INIT peer=%d" % id1
5221 if "FAIL" not in dev
[1].request(cmd
):
5222 raise Exception("Failure not reported")
5223 with
fail_test(dev
[1], 1, "dpp_keygen;dpp_autogen_bootstrap_key"):
5224 cmd
= "DPP_AUTH_INIT peer=%d" % id1
5225 if "FAIL" not in dev
[1].request(cmd
):
5226 raise Exception("Failure not reported")
5227 dev
[0].request("DPP_STOP_LISTEN")
5229 def test_dpp_auth_resp_status_failure(dev
, apdev
):
5230 """DPP and Auth Resp(status) build failure"""
5231 with
alloc_fail(dev
[0], 1, "dpp_auth_build_resp"):
5232 run_dpp_proto_auth_resp_missing(dev
, 99999, None,
5233 incompatible_roles
=True)
5235 def test_dpp_auth_resp_aes_siv_issue(dev
, apdev
):
5236 """DPP Auth Resp AES-SIV issue"""
5237 check_dpp_capab(dev
[0])
5238 check_dpp_capab(dev
[1])
5240 logger
.info("dev0 displays QR Code")
5241 addr
= dev
[0].own_addr().replace(':', '')
5242 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
5243 res
= dev
[0].request(cmd
)
5245 raise Exception("Failed to generate bootstrapping info")
5247 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
5249 logger
.info("dev1 scans QR Code")
5250 id1
= dev
[1].dpp_qr_code(uri0
)
5252 logger
.info("dev1 initiates DPP Authentication")
5253 cmd
= "DPP_LISTEN 2412"
5254 if "OK" not in dev
[0].request(cmd
):
5255 raise Exception("Failed to start listen operation")
5256 cmd
= "DPP_AUTH_INIT peer=%d" % id1
5257 with
fail_test(dev
[1], 1, "aes_siv_decrypt;dpp_auth_resp_rx"):
5258 if "OK" not in dev
[1].request(cmd
):
5259 raise Exception("Failed to initiate DPP Authentication")
5260 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
5261 if ev
is None or "AES-SIV decryption failed" not in ev
:
5262 raise Exception("AES-SIV decryption failure not reported")
5263 dev
[0].request("DPP_STOP_LISTEN")
5265 def test_dpp_invalid_legacy_params(dev
, apdev
):
5266 """DPP invalid legacy parameters"""
5267 check_dpp_capab(dev
[0])
5268 check_dpp_capab(dev
[1])
5270 addr
= dev
[0].own_addr().replace(':', '')
5271 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
5272 res
= dev
[0].request(cmd
)
5274 raise Exception("Failed to generate bootstrapping info")
5276 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
5278 id1
= dev
[1].dpp_qr_code(uri0
)
5281 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-psk ssid=%s" % (id1
, binascii
.hexlify(b
"dpp-legacy").decode())
5282 if "FAIL" not in dev
[1].request(cmd
):
5283 raise Exception("Invalid command not rejected")
5285 def test_dpp_invalid_legacy_params2(dev
, apdev
):
5286 """DPP invalid legacy parameters 2"""
5287 check_dpp_capab(dev
[0])
5288 check_dpp_capab(dev
[1])
5290 addr
= dev
[0].own_addr().replace(':', '')
5291 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
5292 res
= dev
[0].request(cmd
)
5294 raise Exception("Failed to generate bootstrapping info")
5296 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
5298 id1
= dev
[1].dpp_qr_code(uri0
)
5300 dev
[0].set("dpp_configurator_params",
5301 " conf=sta-psk ssid=%s" % (binascii
.hexlify(b
"dpp-legacy").decode()))
5302 cmd
= "DPP_LISTEN 2412 role=configurator"
5303 if "OK" not in dev
[0].request(cmd
):
5304 raise Exception("Failed to start listen operation")
5307 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % id1
5308 if "OK" not in dev
[1].request(cmd
):
5309 raise Exception("Failed to initiate DPP Authentication")
5310 ev
= dev
[0].wait_event(["DPP: Failed to set configurator parameters"],
5313 raise Exception("DPP configuration failure not reported")
5315 def test_dpp_legacy_params_failure(dev
, apdev
):
5316 """DPP legacy parameters local failure"""
5317 check_dpp_capab(dev
[0])
5318 check_dpp_capab(dev
[1])
5320 addr
= dev
[0].own_addr().replace(':', '')
5321 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
5322 res
= dev
[0].request(cmd
)
5324 raise Exception("Failed to generate bootstrapping info")
5326 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
5328 id1
= dev
[1].dpp_qr_code(uri0
)
5330 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
5331 raise Exception("Failed to start listen operation")
5333 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-psk pass=%s ssid=%s" % (id1
,
5334 binascii
.hexlify(b
"passphrase").decode(),
5335 binascii
.hexlify(b
"dpp-legacy").decode())
5336 with
alloc_fail(dev
[1], 1, "dpp_build_conf_obj_legacy"):
5337 if "OK" not in dev
[1].request(cmd
):
5338 raise Exception("Failed to initiate DPP")
5339 ev
= dev
[0].wait_event(["DPP-CONF-FAILED"], timeout
=5)
5341 raise Exception("DPP configuration failure not reported")
5343 def test_dpp_invalid_configurator_key(dev
, apdev
):
5344 """DPP invalid configurator key"""
5345 check_dpp_capab(dev
[0])
5347 if "FAIL" not in dev
[0].request("DPP_CONFIGURATOR_ADD key=aa"):
5348 raise Exception("Invalid key accepted")
5350 with
alloc_fail(dev
[0], 1, "dpp_keygen_configurator"):
5351 if "FAIL" not in dev
[0].request("DPP_CONFIGURATOR_ADD key=" + dpp_key_p256
):
5352 raise Exception("Error not reported")
5354 with
alloc_fail(dev
[0], 1, "dpp_get_pubkey_point;dpp_keygen_configurator"):
5355 if "FAIL" not in dev
[0].request("DPP_CONFIGURATOR_ADD key=" + dpp_key_p256
):
5356 raise Exception("Error not reported")
5358 with
alloc_fail(dev
[0], 1, "base64_gen_encode;dpp_keygen_configurator"):
5359 if "FAIL" not in dev
[0].request("DPP_CONFIGURATOR_ADD key=" + dpp_key_p256
):
5360 raise Exception("Error not reported")
5362 with
fail_test(dev
[0], 1, "dpp_keygen_configurator"):
5363 if "FAIL" not in dev
[0].request("DPP_CONFIGURATOR_ADD key=" + dpp_key_p256
):
5364 raise Exception("Error not reported")
5366 def test_dpp_own_config_sign_fail(dev
, apdev
):
5367 """DPP own config signing failure"""
5368 check_dpp_capab(dev
[0])
5369 res
= dev
[0].request("DPP_CONFIGURATOR_ADD")
5371 raise Exception("Failed to add configurator")
5376 " configurator=%d" % conf_id
,
5377 " conf=sta-dpp configurator=%d curve=unsupported" % conf_id
]
5379 if "FAIL" not in dev
[0].request("DPP_CONFIGURATOR_SIGN " + t
):
5380 raise Exception("Invalid command accepted: " + t
)
5382 def test_dpp_peer_intro_failures(dev
, apdev
):
5383 """DPP peer introduction failures"""
5385 run_dpp_peer_intro_failures(dev
, apdev
)
5387 dev
[0].set("dpp_config_processing", "0")
5389 def run_dpp_peer_intro_failures(dev
, apdev
):
5390 check_dpp_capab(dev
[0])
5391 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
5392 check_dpp_capab(hapd
)
5394 res
= hapd
.request("DPP_CONFIGURATOR_ADD key=" + dpp_key_p256
)
5396 raise Exception("Failed to add configurator")
5398 csign
= hapd
.request("DPP_CONFIGURATOR_GET_KEY %d" % conf_id
)
5399 if "FAIL" in csign
or len(csign
) == 0:
5400 raise Exception("DPP_CONFIGURATOR_GET_KEY failed")
5402 res
= dev
[0].request("DPP_CONFIGURATOR_ADD key=" + csign
)
5404 raise Exception("Failed to add configurator")
5406 csign2
= dev
[0].request("DPP_CONFIGURATOR_GET_KEY %d" % conf_id2
)
5409 raise Exception("Unexpected difference in configurator key")
5411 cmd
= "DPP_CONFIGURATOR_SIGN conf=ap-dpp configurator=%d" % conf_id
5412 res
= hapd
.request(cmd
)
5414 raise Exception("Failed to generate own configuration")
5415 update_hapd_config(hapd
)
5417 dev
[0].set("dpp_config_processing", "1")
5418 cmd
= "DPP_CONFIGURATOR_SIGN conf=sta-dpp configurator=%d" % conf_id
5419 res
= dev
[0].request(cmd
)
5421 raise Exception("Failed to generate own configuration")
5422 ev
= dev
[0].wait_event(["DPP-NETWORK-ID"], timeout
=1)
5424 raise Exception("DPP network profile not generated")
5425 id = ev
.split(' ')[1]
5426 dev
[0].select_network(id, freq
=2412)
5427 dev
[0].wait_connected()
5428 dev
[0].request("DISCONNECT")
5429 dev
[0].wait_disconnected()
5430 dev
[0].dump_monitor()
5432 tests
= [ "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiIwTlNSNTlxRTc0alFfZTFLVGVPV1lYY1pTWnFUaDdNXzU0aHJPcFRpaFJnIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOltdLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiJiVmFMRGlBT09OQmFjcVFVN1pYamFBVEtEMVhhbDVlUExqOUZFZUl3VkN3IiwieSI6Il95c25JR1hTYjBvNEsyMWg0anZmSkZxMHdVNnlPNWp1VUFPd3FuM0dHVHMifX0.WgzZBOJaisWBRxvtXPbVYPXU7OIZxs6sZD-cPOLmJVTIYZKdMkSOMvP5b6si_j61FIrjhm43tmGq1P6cpoxB_g",
5433 "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiIwTlNSNTlxRTc0alFfZTFLVGVPV1lYY1pTWnFUaDdNXzU0aHJPcFRpaFJnIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7fV0sIm5ldEFjY2Vzc0tleSI6eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2IiwieCI6IkJhY3BWSDNpNDBrZklNS0RHa1FFRzhCODBCaEk4cEFmTWpLbzM5NlFZT2ciLCJ5IjoiMjBDYjhDNjRsSjFzQzV2NXlKMnBFZXRRempxMjI4YVV2cHMxNmQ0M3EwQSJ9fQ.dG2y8VvZQJ5hfob8E5F2FAeR7Nd700qstYkxDgA2QfARaNMZ0_SfKfoG-yKXsIZNM-TvGBfACgfhagG9Oaw_Xw",
5434 "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiIwTlNSNTlxRTc0alFfZTFLVGVPV1lYY1pTWnFUaDdNXzU0aHJPcFRpaFJnIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiJkc2VmcmJWWlhad0RMWHRpLWlObDBBYkFIOXpqeFFKd0R1SUd5NzNuZGU0IiwieSI6IjZFQnExN3cwYW1fZlh1OUQ4UGxWYk9XZ2I3b19DcTUxWHlmSG8wcHJyeDQifX0.caBvdDUtXrhnS61-juVZ_2FQdprepv0yZjC04G4ERvLUpeX7cgu0Hp-A1aFDogP1PEFGpkaEdcAWRQnSSRiIKQ" ]
5436 dev
[0].set_network_quoted(id, "dpp_connector", t
)
5437 dev
[0].select_network(id, freq
=2412)
5438 ev
= dev
[0].wait_event(["DPP-INTRO"], timeout
=5)
5439 if ev
is None or "status=8" not in ev
:
5440 raise Exception("Introduction failure not reported")
5441 dev
[0].request("DISCONNECT")
5442 dev
[0].dump_monitor()
5444 def test_dpp_peer_intro_local_failures(dev
, apdev
):
5445 """DPP peer introduction local failures"""
5446 check_dpp_capab(dev
[0])
5447 check_dpp_capab(dev
[1])
5449 params
= { "ssid": "dpp",
5451 "wpa_key_mgmt": "DPP",
5453 "rsn_pairwise": "CCMP",
5454 "dpp_connector": params1_ap_connector
,
5455 "dpp_csign": params1_csign
,
5456 "dpp_netaccesskey": params1_ap_netaccesskey
}
5458 hapd
= hostapd
.add_ap(apdev
[0], params
)
5460 raise HwsimSkip("DPP not supported")
5462 tests
= [ "dpp_derive_pmk",
5463 "dpp_hkdf_expand;dpp_derive_pmk",
5464 "dpp_derive_pmkid" ]
5466 with
fail_test(dev
[0], 1, func
):
5467 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412",
5469 dpp_csign
=params1_csign
,
5470 dpp_connector
=params1_sta_connector
,
5471 dpp_netaccesskey
=params1_sta_netaccesskey
,
5473 ev
= dev
[0].wait_event(["DPP-INTRO"], timeout
=10)
5474 if ev
is None or "fail=peer_connector_validation_failed" not in ev
:
5475 raise Exception("Introduction failure not reported")
5476 dev
[0].request("REMOVE_NETWORK all")
5477 dev
[0].dump_monitor()
5479 tests
= [ (1, "base64_gen_decode;dpp_peer_intro"),
5480 (1, "json_parse;dpp_peer_intro"),
5481 (50, "json_parse;dpp_peer_intro"),
5482 (1, "=dpp_peer_intro"),
5483 (1, "dpp_parse_jwk") ]
5484 for count
,func
in tests
:
5485 with
alloc_fail(dev
[0], count
, func
):
5486 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412",
5488 dpp_csign
=params1_csign
,
5489 dpp_connector
=params1_sta_connector
,
5490 dpp_netaccesskey
=params1_sta_netaccesskey
,
5492 ev
= dev
[0].wait_event(["DPP-INTRO"], timeout
=10)
5493 if ev
is None or "fail=peer_connector_validation_failed" not in ev
:
5494 raise Exception("Introduction failure not reported")
5495 dev
[0].request("REMOVE_NETWORK all")
5496 dev
[0].dump_monitor()
5498 parts
= params1_ap_connector
.split('.')
5499 for ap_connector
in [ '.'.join(parts
[0:2]), '.'.join(parts
[0:1]) ]:
5500 hapd
.set("dpp_connector", ap_connector
)
5501 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412",
5503 dpp_csign
=params1_csign
,
5504 dpp_connector
=params1_sta_connector
,
5505 dpp_netaccesskey
=params1_sta_netaccesskey
,
5507 ev
= dev
[0].wait_event(["DPP-TX-STATUS"], timeout
=10)
5509 raise Exception("No TX status reported")
5510 dev
[0].request("REMOVE_NETWORK all")
5511 dev
[0].dump_monitor()
5513 hapd
.set("dpp_netaccesskey", "00")
5514 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412",
5516 dpp_csign
=params1_csign
,
5517 dpp_connector
=params1_sta_connector
,
5518 dpp_netaccesskey
=params1_sta_netaccesskey
,
5520 ev
= dev
[0].wait_event(["DPP-TX-STATUS"], timeout
=10)
5522 raise Exception("No TX status reported")
5523 dev
[0].request("REMOVE_NETWORK all")
5524 dev
[0].dump_monitor()
5526 hapd
.set("dpp_csign", "00")
5527 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412",
5529 dpp_csign
=params1_csign
,
5530 dpp_connector
=params1_sta_connector
,
5531 dpp_netaccesskey
=params1_sta_netaccesskey
,
5533 ev
= dev
[0].wait_event(["DPP-TX-STATUS"], timeout
=10)
5535 raise Exception("No TX status reported")
5536 dev
[0].request("REMOVE_NETWORK all")
5537 dev
[0].dump_monitor()
5539 def run_dpp_configurator_id_unknown(dev
):
5540 check_dpp_capab(dev
)
5541 res
= dev
.request("DPP_CONFIGURATOR_ADD")
5543 raise Exception("Failed to add configurator")
5545 if "FAIL" not in dev
.request("DPP_CONFIGURATOR_GET_KEY %d" % (conf_id
+ 1)):
5546 raise Exception("DPP_CONFIGURATOR_GET_KEY with incorrect id accepted")
5548 cmd
= "DPP_CONFIGURATOR_SIGN conf=sta-dpp configurator=%d" % (conf_id
+ 1)
5549 if "FAIL" not in dev
.request(cmd
):
5550 raise Exception("DPP_CONFIGURATOR_SIGN with incorrect id accepted")
5552 def test_dpp_configurator_id_unknown(dev
, apdev
):
5553 """DPP and unknown configurator id"""
5554 run_dpp_configurator_id_unknown(dev
[0])
5555 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
5556 run_dpp_configurator_id_unknown(hapd
)
5558 def run_dpp_bootstrap_gen_failures(dev
, hostapd
):
5559 check_dpp_capab(dev
)
5561 tests
= [ "type=unsupported",
5562 "type=qrcode chan=-1",
5563 "type=qrcode mac=a",
5564 "type=qrcode key=qq",
5566 "type=qrcode info=abc\tdef" ]
5568 if "FAIL" not in dev
.request("DPP_BOOTSTRAP_GEN " + t
):
5569 raise Exception("Command accepted unexpectedly")
5571 id = dev
.request("DPP_BOOTSTRAP_GEN type=qrcode")
5573 raise Exception("Failed to generate bootstrap info")
5574 uri
= dev
.request("DPP_BOOTSTRAP_GET_URI " + id)
5575 if not uri
.startswith("DPP:"):
5576 raise Exception("Could not get URI")
5577 if "FAIL" not in dev
.request("DPP_BOOTSTRAP_GET_URI 0"):
5578 raise Exception("Failure not reported")
5579 info
= dev
.request("DPP_BOOTSTRAP_INFO " + id)
5580 if not info
.startswith("type=QRCODE"):
5581 raise Exception("Could not get info")
5582 if "FAIL" not in dev
.request("DPP_BOOTSTRAP_REMOVE 0"):
5583 raise Exception("Failure not reported")
5584 if "FAIL" in dev
.request("DPP_BOOTSTRAP_REMOVE *"):
5585 raise Exception("Failed to remove bootstrap info")
5586 if "FAIL" not in dev
.request("DPP_BOOTSTRAP_GET_URI " + id):
5587 raise Exception("Failure not reported")
5588 if "FAIL" not in dev
.request("DPP_BOOTSTRAP_INFO " + id):
5589 raise Exception("Failure not reported")
5591 func
= "hostapd_dpp_bootstrap_gen" if hostapd
else "wpas_dpp_bootstrap_gen"
5592 with
alloc_fail(dev
, 1, "=" + func
):
5593 if "FAIL" not in dev
.request("DPP_BOOTSTRAP_GEN type=qrcode"):
5594 raise Exception("Command accepted unexpectedly")
5596 with
alloc_fail(dev
, 2, "=" + func
):
5597 if "FAIL" not in dev
.request("DPP_BOOTSTRAP_GEN type=qrcode"):
5598 raise Exception("Command accepted unexpectedly")
5600 with
alloc_fail(dev
, 1, "get_param"):
5601 dev
.request("DPP_BOOTSTRAP_GEN type=qrcode curve=foo")
5603 def test_dpp_bootstrap_gen_failures(dev
, apdev
):
5604 """DPP_BOOTSTRAP_GEN/REMOVE/GET_URI/INFO error cases"""
5605 run_dpp_bootstrap_gen_failures(dev
[0], False)
5606 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
5607 run_dpp_bootstrap_gen_failures(hapd
, True)
5609 def test_dpp_listen_continue(dev
, apdev
):
5610 """DPP and continue listen state"""
5611 check_dpp_capab(dev
[0])
5612 check_dpp_capab(dev
[1])
5614 addr
= dev
[0].own_addr().replace(':', '')
5615 id = dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
5617 raise Exception("Failed to set key for " + curve
)
5618 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI " + id)
5620 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
5621 raise Exception("Failed to start listen operation")
5624 id = dev
[1].dpp_qr_code(uri
)
5625 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d" % id):
5626 raise Exception("Failed to initiate DPP Authentication")
5627 ev
= dev
[0].wait_event(["DPP-CONF-FAILED"], timeout
=2)
5629 raise Exception("DPP configuration result not seen (Enrollee)")
5630 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=2)
5632 raise Exception("DPP configuration result not seen (Responder)")
5633 dev
[0].request("DPP_STOP_LISTEN")
5634 dev
[1].request("DPP_STOP_LISTEN")
5636 def test_dpp_network_addition_failure(dev
, apdev
):
5637 """DPP network addition failure"""
5639 run_dpp_network_addition_failure(dev
, apdev
)
5641 dev
[0].set("dpp_config_processing", "0")
5643 def run_dpp_network_addition_failure(dev
, apdev
):
5644 check_dpp_capab(dev
[0])
5646 res
= dev
[0].request("DPP_CONFIGURATOR_ADD")
5648 raise Exception("Failed to add configurator")
5651 dev
[0].set("dpp_config_processing", "1")
5652 cmd
= "DPP_CONFIGURATOR_SIGN conf=sta-dpp configurator=%d" % conf_id
5653 tests
= [ (1, "=wpas_dpp_add_network"),
5654 (2, "=wpas_dpp_add_network"),
5655 (3, "=wpas_dpp_add_network"),
5656 (4, "=wpas_dpp_add_network"),
5657 (1, "wpa_config_add_network;wpas_dpp_add_network") ]
5658 for count
,func
in tests
:
5659 with
alloc_fail(dev
[0], count
, func
):
5660 res
= dev
[0].request(cmd
)
5662 raise Exception("Failed to generate own configuration")
5663 ev
= dev
[0].wait_event(["DPP-NET-ACCESS-KEY"], timeout
=2)
5665 raise Exception("Config object not processed")
5666 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5667 dev
[0].dump_monitor()
5669 cmd
= "DPP_CONFIGURATOR_SIGN conf=sta-psk pass=%s configurator=%d" % (binascii
.hexlify(b
"passphrase").decode(), conf_id
)
5670 tests
= [ (1, "wpa_config_set_quoted;wpas_dpp_add_network") ]
5671 for count
,func
in tests
:
5672 with
alloc_fail(dev
[0], count
, func
):
5673 res
= dev
[0].request(cmd
)
5675 raise Exception("Failed to generate own configuration")
5676 ev
= dev
[0].wait_event(["DPP-NET-ACCESS-KEY"], timeout
=2)
5678 raise Exception("Config object not processed")
5679 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5680 dev
[0].dump_monitor()
5682 def test_dpp_two_initiators(dev
, apdev
):
5683 """DPP and two initiators"""
5684 check_dpp_capab(dev
[0])
5685 check_dpp_capab(dev
[1])
5686 check_dpp_capab(dev
[2])
5688 addr
= dev
[0].own_addr().replace(':', '')
5689 id = dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
5691 raise Exception("Failed to set key for " + curve
)
5692 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI " + id)
5694 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
5695 raise Exception("Failed to start listen operation")
5697 id1
= dev
[1].dpp_qr_code(uri
)
5698 id2
= dev
[2].dpp_qr_code(uri
)
5700 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d" % id1
):
5701 raise Exception("Failed to initiate DPP Authentication")
5702 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
5704 raise Exeption("No DPP Authentication Request seen")
5705 if "OK" not in dev
[2].request("DPP_AUTH_INIT peer=%d" % id2
):
5706 raise Exception("Failed to initiate DPP Authentication (2)")
5708 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
5710 raise Exeption("No DPP failure seen")
5711 if "DPP-FAIL Already in DPP authentication exchange - ignore new one" not in ev
:
5712 raise Exception("Second DPP authentication exchange not reported as ignored")
5714 ev
= dev
[0].wait_event(["DPP-CONF-FAILED"], timeout
=2)
5716 raise Exception("DPP configuration result not seen (Enrollee)")
5717 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=2)
5719 raise Exception("DPP configuration result not seen (Responder)")
5721 dev
[0].request("DPP_STOP_LISTEN")
5722 dev
[1].request("DPP_STOP_LISTEN")
5723 dev
[2].request("DPP_STOP_LISTEN")
5725 def test_dpp_conf_file_update(dev
, apdev
, params
):
5726 """DPP provisioning updating wpa_supplicant configuration file"""
5727 config
= os
.path
.join(params
['logdir'], 'dpp_conf_file_update.conf')
5728 with
open(config
, "w") as f
:
5729 f
.write("update_config=1\n")
5730 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
5731 wpas
.interface_add("wlan5", config
=config
)
5732 wpas
.set("dpp_config_processing", "1")
5733 run_dpp_qr_code_auth_unicast([ wpas
, dev
[1] ], apdev
, None,
5734 init_extra
="conf=sta-dpp",
5735 require_conf_success
=True,
5737 wpas
.interface_remove("wlan5")
5739 with
open(config
, "r") as f
:
5741 for i
in [ "network={", "dpp_connector=", "key_mgmt=DPP", "ieee80211w=2",
5742 "dpp_netaccesskey=", "dpp_csign=" ]:
5744 raise Exception("Configuration file missing '%s'" % i
)
5746 wpas
.interface_add("wlan5", config
=config
)
5747 if len(wpas
.list_networks()) != 1:
5748 raise Exception("Unexpected number of networks")