1 # Test cases for Device Provisioning Protocol (DPP)
2 # Copyright (c) 2017, Qualcomm Atheros, Inc.
3 # Copyright (c) 2018, The Linux Foundation
5 # This software may be distributed under the terms of the BSD license.
6 # See README for more details.
12 logger
= logging
.getLogger()
19 from utils
import HwsimSkip
, alloc_fail
, fail_test
, wait_fail_trigger
20 from wpasupplicant
import WpaSupplicant
24 openssl_imported
= True
26 openssl_imported
= False
28 def check_dpp_capab(dev
, brainpool
=False):
29 if "UNKNOWN COMMAND" in dev
.request("DPP_BOOTSTRAP_GET_URI 0"):
30 raise HwsimSkip("DPP not supported")
32 tls
= dev
.request("GET tls_library")
33 if not tls
.startswith("OpenSSL") or "run=BoringSSL" in tls
:
34 raise HwsimSkip("Crypto library does not support Brainpool curves: " + tls
)
36 def test_dpp_qr_code_parsing(dev
, apdev
):
37 """DPP QR Code parsing"""
38 check_dpp_capab(dev
[0])
41 tests
= [ "DPP:C:81/1,115/36;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkq/24e0rsrfMP9K1Tm8gx+ovP0I=;;",
42 "DPP:C:81/1,81/2,81/3,81/4,81/5,81/6,81/7,81/8,81/9,81/10,81/11,81/12,81/13,82/14,83/1,83/2,83/3,83/4,83/5,83/6,83/7,83/8,83/9,84/5,84/6,84/7,84/8,84/9,84/10,84/11,84/12,84/13,115/36;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkq/24e0rsrfMP9K1Tm8gx+ovP0I=;;",
43 "DPP:I:SN=4774LH2b4044;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;",
44 "DPP:I:;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;" ]
46 res
= dev
[0].request("DPP_QR_CODE " + uri
)
48 raise Exception("Failed to parse QR Code")
51 uri2
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id[-1])
53 raise Exception("Returned URI does not match")
59 "DPP:I:;M:01020304050;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;",
60 "DPP:K:" + base64
.b64encode("hello") + ";;",
61 "DPP:K:MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEXiJuIWt1Q/CPCkuULechh37UsXPmbUANOeN5U9sOQROE4o/NEFeFEejROHYwwehF;;",
62 "DPP:K:MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANNZaZA4T/kRDjnmpI1ACOJhAuTIIEk2KFOpS6XPpGF+EVr/ao3XemkE0/nzXmGaLzLqTUCJknSdxTnVPeWfCVsCAwEAAQ==;;",
63 "DPP:K:MIIBCjCB0wYHKoZIzj0CATCBxwIBATAkBgcqhkjOPQEBAhkA/////////////////////v//////////MEsEGP////////////////////7//////////AQYZCEFGeWcgOcPp+mrciQwSf643uzBRrmxAxUAMEWub8hCL2TtV5Uo04Eg6uEhltUEMQQYjagOsDCQ9ny/IOtDoYgA9P8K/YL/EBIHGSuV/8jaeGMQEe1rJM3Vc/l3oR55SBECGQD///////////////+Z3vg2FGvJsbTSKDECAQEDMgAEXiJuIWt1Q/CPCkuULechh37UsXPmbUANOeN5U9sOQROE4o/NEFeFEejROHYwwehF;;",
64 "DPP:I:foo\tbar;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;",
65 "DPP:C:1;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkqa24e0rsrfMP9K1Tm8gx+ovP0I=;;",
66 "DPP:C:81/1a;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkqa24e0rsrfMP9K1Tm8gx+ovP0I=;;",
67 "DPP:C:1/2000,81/-1;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkqa24e0rsrfMP9K1Tm8gx+ovP0I=;;",
68 "DPP:C:-1/1;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkqa24e0rsrfMP9K1Tm8gx+ovP0I=;;" ]
70 res
= dev
[0].request("DPP_QR_CODE " + t
)
72 raise Exception("Accepted invalid QR Code: " + t
)
74 logger
.info("ID: " + str(id))
75 if id[0] == id[1] or id[0] == id[2] or id[1] == id[2]:
76 raise Exception("Duplicate ID returned")
78 if "FAIL" not in dev
[0].request("DPP_BOOTSTRAP_REMOVE 12345678"):
79 raise Exception("DPP_BOOTSTRAP_REMOVE accepted unexpectedly")
80 if "OK" not in dev
[0].request("DPP_BOOTSTRAP_REMOVE %d" % id[1]):
81 raise Exception("DPP_BOOTSTRAP_REMOVE failed")
83 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode")
85 raise Exception("Failed to generate bootstrapping info")
86 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % int(res
))
87 logger
.info("Generated URI: " + uri
)
89 res
= dev
[0].request("DPP_QR_CODE " + uri
)
91 raise Exception("Failed to parse self-generated QR Code URI")
93 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1,115/36 mac=010203040506 info=foo")
95 raise Exception("Failed to generate bootstrapping info")
96 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % int(res
))
97 logger
.info("Generated URI: " + uri
)
99 res
= dev
[0].request("DPP_QR_CODE " + uri
)
101 raise Exception("Failed to parse self-generated QR Code URI")
103 def test_dpp_qr_code_parsing_fail(dev
, apdev
):
104 """DPP QR Code parsing local failure"""
105 check_dpp_capab(dev
[0])
106 with
alloc_fail(dev
[0], 1, "dpp_parse_uri_info"):
107 if "FAIL" not in dev
[0].request("DPP_QR_CODE DPP:I:SN=4774LH2b4044;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;"):
108 raise Exception("DPP_QR_CODE failure not reported")
110 with
alloc_fail(dev
[0], 1, "dpp_parse_uri_pk"):
111 if "FAIL" not in dev
[0].request("DPP_QR_CODE DPP:K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;"):
112 raise Exception("DPP_QR_CODE failure not reported")
114 with
fail_test(dev
[0], 1, "dpp_parse_uri_pk"):
115 if "FAIL" not in dev
[0].request("DPP_QR_CODE DPP:K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;"):
116 raise Exception("DPP_QR_CODE failure not reported")
118 with
alloc_fail(dev
[0], 1, "dpp_parse_uri"):
119 if "FAIL" not in dev
[0].request("DPP_QR_CODE DPP:I:SN=4774LH2b4044;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;"):
120 raise Exception("DPP_QR_CODE failure not reported")
122 dpp_key_p256
="30570201010420777fc55dc51e967c10ec051b91d860b5f1e6c934e48d5daffef98d032c64b170a00a06082a8648ce3d030107a124032200020c804188c7f85beb6e91070d2b3e5e39b90ca77b4d3c5251bc1844d6ca29dcad"
123 dpp_key_p384
= "307402010104302f56fdd83b5345cacb630eb7c22fa5ad5daba37307c95191e2a75756d137003bd8b32dbcb00eb5650c1eb499ecfcaec0a00706052b81040022a13403320003615ec2141b5b77aebb6523f8a012755f9a34405a8398d2ceeeebca7f5ce868bf55056cba4c4ec62fad3ed26dd29e0f23"
124 dpp_key_p521
= "308198020101044200c8010d5357204c252551aaf4e210343111e503fd1dc615b257058997c49b6b643c975226e93be8181cca3d83a7072defd161dfbdf433c19abe1f2ad51867a05761a00706052b81040023a1460344000301cdf3608b1305fe34a1f976095dcf001182b9973354efe156291a66830292f9babd8f412ad462958663e7a75d1d0610abdfc3dd95d40669f7ab3bc001668cfb3b7c"
125 dpp_key_bp256
= "3058020101042057133a676fb60bf2a3e6797e19833c7b0f89dc192ab99ab5fa377ae23a157765a00b06092b2403030208010107a12403220002945d9bf7ce30c9c1ac0ff21ca62b984d5bb80ff69d2be8c9716ab39a10d2caf0"
126 dpp_key_bp384
= "307802010104304902df9f3033a9b7128554c0851dc7127c3573eed150671dae74c0013e9896a9b1c22b6f7d43d8a2ebb7cd474dc55039a00b06092b240303020801010ba13403320003623cb5e68787f351faababf3425161571560add2e6f9a306fcbffb507735bf955bb46dd20ba246b0d5cadce73e5bd6a6"
127 dpp_key_bp512
= "30819802010104405803494226eb7e50bf0e90633f37e7e35d33f5fa502165eeba721d927f9f846caf12e925701d18e123abaaaf4a7edb4fc4de21ce18bc10c4d12e8b3439f74e40a00b06092b240303020801010da144034200033b086ccd47486522d35dc16fbb2229642c2e9e87897d45abbf21f9fb52acb5a6272b31d1b227c3e53720769cc16b4cb181b26cd0d35fe463218aaedf3b6ec00a"
129 def test_dpp_qr_code_curves(dev
, apdev
):
130 """DPP QR Code and supported curves"""
131 check_dpp_capab(dev
[0])
132 tests
= [ ("prime256v1", dpp_key_p256
),
133 ("secp384r1", dpp_key_p384
),
134 ("secp521r1", dpp_key_p521
) ]
135 for curve
, hex in tests
:
136 id = dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode key=" + hex)
138 raise Exception("Failed to set key for " + curve
)
139 info
= dev
[0].request("DPP_BOOTSTRAP_INFO " + id)
141 raise Exception("Failed to get info for " + curve
)
142 if "curve=" + curve
not in info
:
143 raise Exception("Curve mismatch for " + curve
)
145 def test_dpp_qr_code_curves_brainpool(dev
, apdev
):
146 """DPP QR Code and supported Brainpool curves"""
147 check_dpp_capab(dev
[0], brainpool
=True)
148 tests
= [ ("brainpoolP256r1", dpp_key_bp256
),
149 ("brainpoolP384r1", dpp_key_bp384
),
150 ("brainpoolP512r1", dpp_key_bp512
) ]
151 for curve
, hex in tests
:
152 id = dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode key=" + hex)
154 raise Exception("Failed to set key for " + curve
)
155 info
= dev
[0].request("DPP_BOOTSTRAP_INFO " + id)
157 raise Exception("Failed to get info for " + curve
)
158 if "curve=" + curve
not in info
:
159 raise Exception("Curve mismatch for " + curve
)
161 def test_dpp_qr_code_unsupported_curve(dev
, apdev
):
162 """DPP QR Code and unsupported curve"""
163 check_dpp_capab(dev
[0])
165 id = dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode curve=unsupported")
167 raise Exception("Unsupported curve accepted")
170 "305f02010104187f723ed9e1b41979ec5cd02eb82696efc76b40e277661049a00a06082a8648ce3d030101a134033200043f292614dea97c43f500f069e79ae9fb48f8b07369180de5eec8fa2bc9eea5af7a46dc335f52f10cb1c0e9464201d41b" ]
172 id = dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode key=" + hex)
174 raise Exception("Unsupported/invalid curve accepted")
176 def test_dpp_qr_code_keygen_fail(dev
, apdev
):
177 """DPP QR Code and keygen failure"""
178 check_dpp_capab(dev
[0])
180 with
alloc_fail(dev
[0], 1, "dpp_bootstrap_key_der;dpp_keygen"):
181 if "FAIL" not in dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode"):
182 raise Exception("Failure not reported")
184 with
alloc_fail(dev
[0], 1, "base64_gen_encode;dpp_keygen"):
185 if "FAIL" not in dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode"):
186 raise Exception("Failure not reported")
188 def test_dpp_qr_code_curve_select(dev
, apdev
):
189 """DPP QR Code and curve selection"""
190 check_dpp_capab(dev
[0], brainpool
=True)
191 check_dpp_capab(dev
[1], brainpool
=True)
193 addr
= dev
[0].own_addr().replace(':', '')
195 for key
in [ dpp_key_p256
, dpp_key_p384
, dpp_key_p521
,
196 dpp_key_bp256
, dpp_key_bp384
, dpp_key_bp512
]:
197 id = dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
+ " key=" + key
)
199 raise Exception("Failed to set key for " + curve
)
200 info
= dev
[0].request("DPP_BOOTSTRAP_INFO " + id)
201 for i
in info
.splitlines():
203 name
, val
= i
.split('=')
207 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI " + id)
208 bi
.append((curve
, uri
))
210 for curve
, uri
in bi
:
211 logger
.info("Curve: " + curve
)
212 logger
.info("URI: " + uri
)
214 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
215 raise Exception("Failed to start listen operation")
217 res
= dev
[1].request("DPP_QR_CODE " + uri
)
219 raise Exception("Failed to parse QR Code URI")
220 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=" + res
):
221 raise Exception("Failed to initiate DPP Authentication")
222 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
224 raise Exception("DPP authentication did not succeed (Responder)")
225 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
227 raise Exception("DPP authentication did not succeed (Initiator)")
228 ev
= dev
[0].wait_event(["DPP-CONF-FAILED"], timeout
=2)
230 raise Exception("DPP configuration result not seen (Enrollee)")
231 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=2)
233 raise Exception("DPP configuration result not seen (Responder)")
234 dev
[0].request("DPP_STOP_LISTEN")
235 dev
[1].request("DPP_STOP_LISTEN")
236 dev
[0].dump_monitor()
237 dev
[1].dump_monitor()
239 def test_dpp_qr_code_auth_broadcast(dev
, apdev
):
240 """DPP QR Code and authentication exchange (broadcast)"""
241 check_dpp_capab(dev
[0])
242 check_dpp_capab(dev
[1])
243 logger
.info("dev0 displays QR Code")
244 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1")
246 raise Exception("Failed to generate bootstrapping info")
248 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
250 logger
.info("dev1 scans QR Code")
251 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
253 raise Exception("Failed to parse QR Code URI")
256 logger
.info("dev1 initiates DPP Authentication")
257 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
258 raise Exception("Failed to start listen operation")
259 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d" % id1
):
260 raise Exception("Failed to initiate DPP Authentication")
261 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
263 raise Exception("DPP authentication did not succeed (Responder)")
264 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
266 raise Exception("DPP authentication did not succeed (Initiator)")
267 dev
[0].request("DPP_STOP_LISTEN")
269 def test_dpp_qr_code_auth_unicast(dev
, apdev
):
270 """DPP QR Code and authentication exchange (unicast)"""
271 run_dpp_qr_code_auth_unicast(dev
, apdev
, None)
273 def test_dpp_qr_code_auth_unicast_ap_enrollee(dev
, apdev
):
274 """DPP QR Code and authentication exchange (AP enrollee)"""
275 run_dpp_qr_code_auth_unicast(dev
, apdev
, None, netrole
="ap")
277 def test_dpp_qr_code_curve_prime256v1(dev
, apdev
):
278 """DPP QR Code and curve prime256v1"""
279 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1")
281 def test_dpp_qr_code_curve_secp384r1(dev
, apdev
):
282 """DPP QR Code and curve secp384r1"""
283 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1")
285 def test_dpp_qr_code_curve_secp521r1(dev
, apdev
):
286 """DPP QR Code and curve secp521r1"""
287 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1")
289 def test_dpp_qr_code_curve_brainpoolP256r1(dev
, apdev
):
290 """DPP QR Code and curve brainpoolP256r1"""
291 run_dpp_qr_code_auth_unicast(dev
, apdev
, "brainpoolP256r1")
293 def test_dpp_qr_code_curve_brainpoolP384r1(dev
, apdev
):
294 """DPP QR Code and curve brainpoolP384r1"""
295 run_dpp_qr_code_auth_unicast(dev
, apdev
, "brainpoolP384r1")
297 def test_dpp_qr_code_curve_brainpoolP512r1(dev
, apdev
):
298 """DPP QR Code and curve brainpoolP512r1"""
299 run_dpp_qr_code_auth_unicast(dev
, apdev
, "brainpoolP512r1")
301 def test_dpp_qr_code_set_key(dev
, apdev
):
302 """DPP QR Code and fixed bootstrapping key"""
303 run_dpp_qr_code_auth_unicast(dev
, apdev
, None, key
="30770201010420e5143ac74682cc6869a830e8f5301a5fa569130ac329b1d7dd6f2a7495dbcbe1a00a06082a8648ce3d030107a144034200045e13e167c33dbc7d85541e5509600aa8139bbb3e39e25898992c5d01be92039ee2850f17e71506ded0d6b25677441eae249f8e225c68dd15a6354dca54006383")
305 def run_dpp_qr_code_auth_unicast(dev
, apdev
, curve
, netrole
=None, key
=None,
306 require_conf_success
=False, init_extra
=None,
307 require_conf_failure
=False,
308 configurator
=False, conf_curve
=None):
309 check_dpp_capab(dev
[0], curve
and "brainpool" in curve
)
310 check_dpp_capab(dev
[1], curve
and "brainpool" in curve
)
312 logger
.info("Create configurator on dev1")
313 cmd
= "DPP_CONFIGURATOR_ADD"
315 cmd
+= " curve=" + conf_curve
316 res
= dev
[1].request(cmd
);
318 raise Exception("Failed to add configurator")
321 logger
.info("dev0 displays QR Code")
322 addr
= dev
[0].own_addr().replace(':', '')
323 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
325 cmd
+= " curve=" + curve
328 res
= dev
[0].request(cmd
)
330 raise Exception("Failed to generate bootstrapping info")
332 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
334 logger
.info("dev1 scans QR Code")
335 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
337 raise Exception("Failed to parse QR Code URI")
340 logger
.info("dev1 initiates DPP Authentication")
341 cmd
= "DPP_LISTEN 2412"
343 cmd
+= " netrole=" + netrole
344 if "OK" not in dev
[0].request(cmd
):
345 raise Exception("Failed to start listen operation")
346 cmd
= "DPP_AUTH_INIT peer=%d" % id1
348 cmd
+= " " + init_extra
350 cmd
+= " configurator=%d" % conf_id
351 if "OK" not in dev
[1].request(cmd
):
352 raise Exception("Failed to initiate DPP Authentication")
353 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
355 raise Exception("DPP authentication did not succeed (Responder)")
356 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
358 raise Exception("DPP authentication did not succeed (Initiator)")
359 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
361 raise Exception("DPP configuration not completed (Configurator)")
362 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout
=5)
364 raise Exception("DPP configuration not completed (Enrollee)")
365 if require_conf_success
:
366 if "DPP-CONF-FAILED" in ev
:
367 raise Exception("DPP configuration failed")
368 if require_conf_failure
:
369 if "DPP-CONF-SUCCESS" in ev
:
370 raise Exception("DPP configuration succeeded unexpectedly")
371 dev
[0].request("DPP_STOP_LISTEN")
372 dev
[0].dump_monitor()
373 dev
[1].dump_monitor()
375 def test_dpp_qr_code_auth_mutual(dev
, apdev
):
376 """DPP QR Code and authentication exchange (mutual)"""
377 check_dpp_capab(dev
[0])
378 check_dpp_capab(dev
[1])
379 logger
.info("dev0 displays QR Code")
380 addr
= dev
[0].own_addr().replace(':', '')
381 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
383 raise Exception("Failed to generate bootstrapping info")
385 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
387 logger
.info("dev1 scans QR Code")
388 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
390 raise Exception("Failed to parse QR Code URI")
393 logger
.info("dev1 displays QR Code")
394 addr
= dev
[1].own_addr().replace(':', '')
395 res
= dev
[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
397 raise Exception("Failed to generate bootstrapping info")
399 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
401 logger
.info("dev0 scans QR Code")
402 res
= dev
[0].request("DPP_QR_CODE " + uri1b
)
404 raise Exception("Failed to parse QR Code URI")
407 logger
.info("dev1 initiates DPP Authentication")
408 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
409 raise Exception("Failed to start listen operation")
410 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1
, id1b
)):
411 raise Exception("Failed to initiate DPP Authentication")
413 ev
= dev
[1].wait_event(["DPP-AUTH-DIRECTION"], timeout
=5)
415 raise Exception("DPP authentication direction not indicated (Initiator)")
416 if "mutual=1" not in ev
:
417 raise Exception("Mutual authentication not used")
419 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
421 raise Exception("DPP authentication did not succeed (Responder)")
422 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
424 raise Exception("DPP authentication did not succeed (Initiator)")
425 dev
[0].request("DPP_STOP_LISTEN")
427 def test_dpp_qr_code_auth_mutual2(dev
, apdev
):
428 """DPP QR Code and authentication exchange (mutual2)"""
429 check_dpp_capab(dev
[0])
430 check_dpp_capab(dev
[1])
431 logger
.info("dev0 displays QR Code")
432 addr
= dev
[0].own_addr().replace(':', '')
433 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
435 raise Exception("Failed to generate bootstrapping info")
437 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
439 logger
.info("dev1 scans QR Code")
440 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
442 raise Exception("Failed to parse QR Code URI")
445 logger
.info("dev1 displays QR Code")
446 addr
= dev
[1].own_addr().replace(':', '')
447 res
= dev
[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
449 raise Exception("Failed to generate bootstrapping info")
451 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
453 logger
.info("dev1 initiates DPP Authentication")
454 if "OK" not in dev
[0].request("DPP_LISTEN 2412 qr=mutual"):
455 raise Exception("Failed to start listen operation")
456 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1
, id1b
)):
457 raise Exception("Failed to initiate DPP Authentication")
459 ev
= dev
[1].wait_event(["DPP-RESPONSE-PENDING"], timeout
=5)
461 raise Exception("Pending response not reported")
462 ev
= dev
[0].wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=5)
464 raise Exception("QR Code scan for mutual authentication not requested")
466 logger
.info("dev0 scans QR Code")
467 res
= dev
[0].request("DPP_QR_CODE " + uri1b
)
469 raise Exception("Failed to parse QR Code URI")
472 ev
= dev
[1].wait_event(["DPP-AUTH-DIRECTION"], timeout
=5)
474 raise Exception("DPP authentication direction not indicated (Initiator)")
475 if "mutual=1" not in ev
:
476 raise Exception("Mutual authentication not used")
478 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
480 raise Exception("DPP authentication did not succeed (Responder)")
481 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
483 raise Exception("DPP authentication did not succeed (Initiator)")
484 dev
[0].request("DPP_STOP_LISTEN")
486 def test_dpp_qr_code_auth_mutual_p_256(dev
, apdev
):
487 """DPP QR Code and authentication exchange (mutual, autogen P-256)"""
488 run_dpp_qr_code_auth_mutual(dev
, apdev
, "P-256")
490 def test_dpp_qr_code_auth_mutual_p_384(dev
, apdev
):
491 """DPP QR Code and authentication exchange (mutual, autogen P-384)"""
492 run_dpp_qr_code_auth_mutual(dev
, apdev
, "P-384")
494 def test_dpp_qr_code_auth_mutual_p_521(dev
, apdev
):
495 """DPP QR Code and authentication exchange (mutual, autogen P-521)"""
496 run_dpp_qr_code_auth_mutual(dev
, apdev
, "P-521")
498 def test_dpp_qr_code_auth_mutual_bp_256(dev
, apdev
):
499 """DPP QR Code and authentication exchange (mutual, autogen BP-256)"""
500 run_dpp_qr_code_auth_mutual(dev
, apdev
, "BP-256")
502 def test_dpp_qr_code_auth_mutual_bp_384(dev
, apdev
):
503 """DPP QR Code and authentication exchange (mutual, autogen BP-384)"""
504 run_dpp_qr_code_auth_mutual(dev
, apdev
, "BP-384")
506 def test_dpp_qr_code_auth_mutual_bp_512(dev
, apdev
):
507 """DPP QR Code and authentication exchange (mutual, autogen BP-512)"""
508 run_dpp_qr_code_auth_mutual(dev
, apdev
, "BP-512")
510 def run_dpp_qr_code_auth_mutual(dev
, apdev
, curve
):
511 check_dpp_capab(dev
[0], curve
and "BP-" in curve
)
512 check_dpp_capab(dev
[1], curve
and "BP-" in curve
)
513 logger
.info("dev0 displays QR Code")
514 addr
= dev
[0].own_addr().replace(':', '')
515 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
516 cmd
+= " curve=" + curve
517 res
= dev
[0].request(cmd
)
519 raise Exception("Failed to generate bootstrapping info")
521 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
523 logger
.info("dev1 scans QR Code")
524 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
526 raise Exception("Failed to parse QR Code URI")
529 logger
.info("dev1 initiates DPP Authentication")
530 if "OK" not in dev
[0].request("DPP_LISTEN 2412 qr=mutual"):
531 raise Exception("Failed to start listen operation")
532 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d" % (id1
)):
533 raise Exception("Failed to initiate DPP Authentication")
535 ev
= dev
[1].wait_event(["DPP-RESPONSE-PENDING"], timeout
=5)
537 raise Exception("Pending response not reported")
538 uri
= ev
.split(' ')[1]
540 ev
= dev
[0].wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=5)
542 raise Exception("QR Code scan for mutual authentication not requested")
544 logger
.info("dev0 scans QR Code")
545 res
= dev
[0].request("DPP_QR_CODE " + uri
)
547 raise Exception("Failed to parse QR Code URI")
549 ev
= dev
[1].wait_event(["DPP-AUTH-DIRECTION"], timeout
=5)
551 raise Exception("DPP authentication direction not indicated (Initiator)")
552 if "mutual=1" not in ev
:
553 raise Exception("Mutual authentication not used")
555 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
557 raise Exception("DPP authentication did not succeed (Responder)")
558 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
560 raise Exception("DPP authentication did not succeed (Initiator)")
561 dev
[0].request("DPP_STOP_LISTEN")
563 def test_dpp_auth_resp_retries(dev
, apdev
):
564 """DPP Authentication Response retries"""
565 check_dpp_capab(dev
[0])
566 check_dpp_capab(dev
[1])
567 dev
[0].set("dpp_resp_max_tries", "3")
568 dev
[0].set("dpp_resp_retry_time", "100")
570 logger
.info("dev0 displays QR Code")
571 addr
= dev
[0].own_addr().replace(':', '')
572 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
574 raise Exception("Failed to generate bootstrapping info")
576 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
578 logger
.info("dev1 scans QR Code")
579 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
581 raise Exception("Failed to parse QR Code URI")
584 logger
.info("dev1 displays QR Code")
585 addr
= dev
[1].own_addr().replace(':', '')
586 res
= dev
[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
588 raise Exception("Failed to generate bootstrapping info")
590 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
592 logger
.info("dev1 initiates DPP Authentication")
593 if "OK" not in dev
[0].request("DPP_LISTEN 2412 qr=mutual"):
594 raise Exception("Failed to start listen operation")
595 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1
, id1b
)):
596 raise Exception("Failed to initiate DPP Authentication")
598 ev
= dev
[1].wait_event(["DPP-RESPONSE-PENDING"], timeout
=5)
600 raise Exception("Pending response not reported")
601 ev
= dev
[0].wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=5)
603 raise Exception("QR Code scan for mutual authentication not requested")
605 # Stop Initiator from listening to frames to force retransmission of the
606 # DPP Authentication Response frame with Status=0
607 dev
[1].request("DPP_STOP_LISTEN")
609 dev
[1].dump_monitor()
610 dev
[0].dump_monitor()
612 logger
.info("dev0 scans QR Code")
613 res
= dev
[0].request("DPP_QR_CODE " + uri1b
)
615 raise Exception("Failed to parse QR Code URI")
618 ev
= dev
[0].wait_event(["DPP-TX"], timeout
=5)
619 if ev
is None or "type=1" not in ev
:
620 raise Exception("DPP Authentication Response not sent")
621 ev
= dev
[0].wait_event(["DPP-TX-STATUS"], timeout
=5)
623 raise Exception("TX status for DPP Authentication Response not reported")
624 if "result=no-ACK" not in ev
:
625 raise Exception("Unexpected TX status for Authentication Response: " + ev
)
627 ev
= dev
[0].wait_event(["DPP-TX"], timeout
=15)
628 if ev
is None or "type=1" not in ev
:
629 raise Exception("DPP Authentication Response retransmission not sent")
631 def test_dpp_qr_code_auth_mutual_not_used(dev
, apdev
):
632 """DPP QR Code and authentication exchange (mutual not used)"""
633 check_dpp_capab(dev
[0])
634 check_dpp_capab(dev
[1])
635 logger
.info("dev0 displays QR Code")
636 addr
= dev
[0].own_addr().replace(':', '')
637 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
639 raise Exception("Failed to generate bootstrapping info")
641 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
643 logger
.info("dev1 scans QR Code")
644 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
646 raise Exception("Failed to parse QR Code URI")
649 logger
.info("dev1 displays QR Code")
650 addr
= dev
[1].own_addr().replace(':', '')
651 res
= dev
[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
653 raise Exception("Failed to generate bootstrapping info")
655 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
657 logger
.info("dev0 does not scan QR Code")
659 logger
.info("dev1 initiates DPP Authentication")
660 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
661 raise Exception("Failed to start listen operation")
662 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1
, id1b
)):
663 raise Exception("Failed to initiate DPP Authentication")
665 ev
= dev
[1].wait_event(["DPP-AUTH-DIRECTION"], timeout
=5)
667 raise Exception("DPP authentication direction not indicated (Initiator)")
668 if "mutual=0" not in ev
:
669 raise Exception("Mutual authentication not used")
671 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
673 raise Exception("DPP authentication did not succeed (Responder)")
674 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
676 raise Exception("DPP authentication did not succeed (Initiator)")
677 dev
[0].request("DPP_STOP_LISTEN")
679 def test_dpp_qr_code_auth_mutual_curve_mismatch(dev
, apdev
):
680 """DPP QR Code and authentication exchange (mutual/mismatch)"""
681 check_dpp_capab(dev
[0])
682 check_dpp_capab(dev
[1])
683 logger
.info("dev0 displays QR Code")
684 addr
= dev
[0].own_addr().replace(':', '')
685 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
687 raise Exception("Failed to generate bootstrapping info")
689 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
691 logger
.info("dev1 scans QR Code")
692 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
694 raise Exception("Failed to parse QR Code URI")
697 logger
.info("dev1 displays QR Code")
698 addr
= dev
[1].own_addr().replace(':', '')
699 res
= dev
[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
+ " curve=secp384r1")
701 raise Exception("Failed to generate bootstrapping info")
703 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
705 logger
.info("dev0 scans QR Code")
706 res
= dev
[0].request("DPP_QR_CODE " + uri1b
)
708 raise Exception("Failed to parse QR Code URI")
711 res
= dev
[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1
, id1b
))
712 if "FAIL" not in res
:
713 raise Exception("DPP_AUTH_INIT accepted unexpectedly")
715 def test_dpp_qr_code_auth_hostapd_mutual2(dev
, apdev
):
716 """DPP QR Code and authentication exchange (hostapd mutual2)"""
717 check_dpp_capab(dev
[0])
718 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
719 check_dpp_capab(hapd
)
721 logger
.info("AP displays QR Code")
722 addr
= hapd
.own_addr().replace(':', '')
723 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
724 res
= hapd
.request(cmd
)
726 raise Exception("Failed to generate bootstrapping info")
728 uri_h
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id_h
)
730 logger
.info("dev0 scans QR Code")
731 res
= dev
[0].request("DPP_QR_CODE " + uri_h
)
733 raise Exception("Failed to parse QR Code URI")
736 logger
.info("dev0 displays QR Code")
737 addr
= dev
[0].own_addr().replace(':', '')
738 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
740 raise Exception("Failed to generate bootstrapping info")
742 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0b
)
744 logger
.info("dev0 initiates DPP Authentication")
745 if "OK" not in hapd
.request("DPP_LISTEN 2412 qr=mutual"):
746 raise Exception("Failed to start listen operation")
747 if "OK" not in dev
[0].request("DPP_AUTH_INIT peer=%d own=%d" % (id0
, id0b
)):
748 raise Exception("Failed to initiate DPP Authentication")
750 ev
= dev
[0].wait_event(["DPP-RESPONSE-PENDING"], timeout
=5)
752 raise Exception("Pending response not reported")
753 ev
= hapd
.wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=5)
755 raise Exception("QR Code scan for mutual authentication not requested")
757 logger
.info("AP scans QR Code")
758 res
= hapd
.request("DPP_QR_CODE " + uri0
)
760 raise Exception("Failed to parse QR Code URI")
762 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
764 raise Exception("DPP authentication did not succeed (Responder)")
765 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
767 raise Exception("DPP authentication did not succeed (Initiator)")
768 hapd
.request("DPP_STOP_LISTEN")
770 def test_dpp_qr_code_listen_continue(dev
, apdev
):
771 """DPP QR Code and listen operation needing continuation"""
772 check_dpp_capab(dev
[0])
773 check_dpp_capab(dev
[1])
774 logger
.info("dev0 displays QR Code")
775 addr
= dev
[0].own_addr().replace(':', '')
776 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
778 raise Exception("Failed to generate bootstrapping info")
780 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
782 logger
.info("dev1 scans QR Code")
783 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
785 raise Exception("Failed to parse QR Code URI")
788 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
789 raise Exception("Failed to start listen operation")
790 logger
.info("Wait for listen to expire and get restarted")
792 logger
.info("dev1 initiates DPP Authentication")
793 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d" % id1
):
794 raise Exception("Failed to initiate DPP Authentication")
795 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
797 raise Exception("DPP authentication did not succeed (Responder)")
798 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
800 raise Exception("DPP authentication did not succeed (Initiator)")
801 dev
[0].request("DPP_STOP_LISTEN")
803 def test_dpp_qr_code_auth_initiator_enrollee(dev
, apdev
):
804 """DPP QR Code and authentication exchange (Initiator in Enrollee role)"""
805 check_dpp_capab(dev
[0])
806 check_dpp_capab(dev
[1])
807 dev
[0].request("SET gas_address3 1")
808 dev
[1].request("SET gas_address3 1")
809 logger
.info("dev0 displays QR Code")
810 addr
= dev
[0].own_addr().replace(':', '')
811 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
813 raise Exception("Failed to generate bootstrapping info")
815 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
817 logger
.info("dev1 scans QR Code")
818 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
820 raise Exception("Failed to parse QR Code URI")
823 logger
.info("dev1 initiates DPP Authentication")
824 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
825 raise Exception("Failed to start listen operation")
826 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=enrollee" % id1
):
827 raise Exception("Failed to initiate DPP Authentication")
828 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
830 raise Exception("DPP authentication did not succeed (Responder)")
831 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
833 raise Exception("DPP authentication did not succeed (Initiator)")
835 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
837 raise Exception("DPP configuration did not succeed (Configurator)")
838 ev
= dev
[1].wait_event(["DPP-CONF-FAILED"], timeout
=5)
840 raise Exception("DPP configuration did not succeed (Enrollee)")
842 dev
[0].request("DPP_STOP_LISTEN")
844 def test_dpp_qr_code_auth_initiator_either_1(dev
, apdev
):
845 """DPP QR Code and authentication exchange (Initiator in either role)"""
846 run_dpp_qr_code_auth_initiator_either(dev
, apdev
, None, dev
[1], dev
[0])
848 def test_dpp_qr_code_auth_initiator_either_2(dev
, apdev
):
849 """DPP QR Code and authentication exchange (Initiator in either role)"""
850 run_dpp_qr_code_auth_initiator_either(dev
, apdev
, "enrollee",
853 def test_dpp_qr_code_auth_initiator_either_3(dev
, apdev
):
854 """DPP QR Code and authentication exchange (Initiator in either role)"""
855 run_dpp_qr_code_auth_initiator_either(dev
, apdev
, "configurator",
858 def run_dpp_qr_code_auth_initiator_either(dev
, apdev
, resp_role
,
859 conf_dev
, enrollee_dev
):
860 check_dpp_capab(dev
[0])
861 check_dpp_capab(dev
[1])
862 logger
.info("dev0 displays QR Code")
863 addr
= dev
[0].own_addr().replace(':', '')
864 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
866 raise Exception("Failed to generate bootstrapping info")
868 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
870 logger
.info("dev1 scans QR Code")
871 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
873 raise Exception("Failed to parse QR Code URI")
876 logger
.info("dev1 initiates DPP Authentication")
877 cmd
= "DPP_LISTEN 2412"
879 cmd
+= " role=" + resp_role
880 if "OK" not in dev
[0].request(cmd
):
881 raise Exception("Failed to start listen operation")
882 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=either" % id1
):
883 raise Exception("Failed to initiate DPP Authentication")
884 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
886 raise Exception("DPP authentication did not succeed (Responder)")
887 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
889 raise Exception("DPP authentication did not succeed (Initiator)")
891 ev
= conf_dev
.wait_event(["DPP-CONF-SENT"], timeout
=5)
893 raise Exception("DPP configuration did not succeed (Configurator)")
894 ev
= enrollee_dev
.wait_event(["DPP-CONF-FAILED"], timeout
=5)
896 raise Exception("DPP configuration did not succeed (Enrollee)")
898 dev
[0].request("DPP_STOP_LISTEN")
900 def run_init_incompatible_roles(dev
, role
="enrollee"):
901 check_dpp_capab(dev
[0])
902 check_dpp_capab(dev
[1])
903 logger
.info("dev0 displays QR Code")
904 addr
= dev
[0].own_addr().replace(':', '')
905 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
907 raise Exception("Failed to generate bootstrapping info")
909 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
911 logger
.info("dev1 scans QR Code")
912 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
914 raise Exception("Failed to parse QR Code URI")
917 logger
.info("dev1 initiates DPP Authentication")
918 if "OK" not in dev
[0].request("DPP_LISTEN 2412 role=%s" % role
):
919 raise Exception("Failed to start listen operation")
922 def test_dpp_qr_code_auth_incompatible_roles(dev
, apdev
):
923 """DPP QR Code and authentication exchange (incompatible roles)"""
924 id1
= run_init_incompatible_roles(dev
)
925 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=enrollee" % id1
):
926 raise Exception("Failed to initiate DPP Authentication")
927 ev
= dev
[1].wait_event(["DPP-NOT-COMPATIBLE"], timeout
=5)
929 raise Exception("DPP-NOT-COMPATIBLE event on initiator timed out")
930 ev
= dev
[0].wait_event(["DPP-NOT-COMPATIBLE"], timeout
=1)
932 raise Exception("DPP-NOT-COMPATIBLE event on responder timed out")
934 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1
):
935 raise Exception("Failed to initiate DPP Authentication")
936 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
938 raise Exception("DPP authentication did not succeed (Responder)")
939 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
941 raise Exception("DPP authentication did not succeed (Initiator)")
942 dev
[0].request("DPP_STOP_LISTEN")
944 def test_dpp_qr_code_auth_incompatible_roles2(dev
, apdev
):
945 """DPP QR Code and authentication exchange (incompatible roles 2)"""
946 id1
= run_init_incompatible_roles(dev
, role
="configurator")
947 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1
):
948 raise Exception("Failed to initiate DPP Authentication")
949 ev
= dev
[1].wait_event(["DPP-NOT-COMPATIBLE"], timeout
=5)
951 raise Exception("DPP-NOT-COMPATIBLE event on initiator timed out")
952 ev
= dev
[0].wait_event(["DPP-NOT-COMPATIBLE"], timeout
=1)
954 raise Exception("DPP-NOT-COMPATIBLE event on responder timed out")
956 def test_dpp_qr_code_auth_incompatible_roles_failure(dev
, apdev
):
957 """DPP QR Code and authentication exchange (incompatible roles failure)"""
958 id1
= run_init_incompatible_roles(dev
, role
="configurator")
959 with
alloc_fail(dev
[0], 1, "dpp_auth_build_resp_status"):
960 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1
):
961 raise Exception("Failed to initiate DPP Authentication")
962 ev
= dev
[0].wait_event(["DPP-NOT-COMPATIBLE"], timeout
=1)
964 raise Exception("DPP-NOT-COMPATIBLE event on responder timed out")
966 def test_dpp_qr_code_auth_incompatible_roles_failure2(dev
, apdev
):
967 """DPP QR Code and authentication exchange (incompatible roles failure 2)"""
968 id1
= run_init_incompatible_roles(dev
, role
="configurator")
969 with
alloc_fail(dev
[1], 1, "dpp_auth_resp_rx_status"):
970 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1
):
971 raise Exception("Failed to initiate DPP Authentication")
972 wait_fail_trigger(dev
[1], "GET_ALLOC_FAIL")
974 def test_dpp_qr_code_auth_incompatible_roles_failure3(dev
, apdev
):
975 """DPP QR Code and authentication exchange (incompatible roles failure 3)"""
976 id1
= run_init_incompatible_roles(dev
, role
="configurator")
977 with
fail_test(dev
[1], 1, "dpp_auth_resp_rx_status"):
978 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1
):
979 raise Exception("Failed to initiate DPP Authentication")
980 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
981 if ev
is None or "AES-SIV decryption failed" not in ev
:
982 raise Exception("AES-SIV decryption failure not reported")
984 def test_dpp_qr_code_auth_neg_chan(dev
, apdev
):
985 """DPP QR Code and authentication exchange with requested different channel"""
986 check_dpp_capab(dev
[0])
987 check_dpp_capab(dev
[1])
989 logger
.info("Create configurator on dev1")
990 cmd
= "DPP_CONFIGURATOR_ADD"
991 res
= dev
[1].request(cmd
);
993 raise Exception("Failed to add configurator")
996 logger
.info("dev0 displays QR Code")
997 addr
= dev
[0].own_addr().replace(':', '')
998 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
999 res
= dev
[0].request(cmd
)
1001 raise Exception("Failed to generate bootstrapping info")
1003 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1005 logger
.info("dev1 scans QR Code")
1006 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
1008 raise Exception("Failed to parse QR Code URI")
1011 logger
.info("dev1 initiates DPP Authentication")
1012 cmd
= "DPP_LISTEN 2412"
1013 if "OK" not in dev
[0].request(cmd
):
1014 raise Exception("Failed to start listen operation")
1015 cmd
= "DPP_AUTH_INIT peer=%d configurator=%d conf=sta-dpp neg_freq=2462" % (id1
, conf_id
)
1016 if "OK" not in dev
[1].request(cmd
):
1017 raise Exception("Failed to initiate DPP Authentication")
1019 ev
= dev
[1].wait_event(["DPP-TX"], timeout
=5)
1021 raise Exception("DPP Authentication Request not sent")
1022 if "freq=2412 type=0" not in ev
:
1023 raise Exception("Unexpected TX data for Authentication Request: " + ev
)
1025 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
1027 raise Exception("DPP Authentication Request not received")
1028 if "freq=2412 type=0" not in ev
:
1029 raise Exception("Unexpected RX data for Authentication Request: " + ev
)
1031 ev
= dev
[1].wait_event(["DPP-TX-STATUS"], timeout
=5)
1033 raise Exception("TX status for DPP Authentication Request not reported")
1034 if "freq=2412 result=SUCCESS" not in ev
:
1035 raise Exception("Unexpected TX status for Authentication Request: " + ev
)
1037 ev
= dev
[0].wait_event(["DPP-TX"], timeout
=5)
1039 raise Exception("DPP Authentication Response not sent")
1040 if "freq=2462 type=1" not in ev
:
1041 raise Exception("Unexpected TX data for Authentication Response: " + ev
)
1043 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=5)
1045 raise Exception("DPP Authentication Response not received")
1046 if "freq=2462 type=1" not in ev
:
1047 raise Exception("Unexpected RX data for Authentication Response: " + ev
)
1049 ev
= dev
[0].wait_event(["DPP-TX-STATUS"], timeout
=5)
1051 raise Exception("TX status for DPP Authentication Response not reported")
1052 if "freq=2462 result=SUCCESS" not in ev
:
1053 raise Exception("Unexpected TX status for Authentication Response: " + ev
)
1055 ev
= dev
[1].wait_event(["DPP-TX"], timeout
=5)
1057 raise Exception("DPP Authentication Confirm not sent")
1058 if "freq=2462 type=2" not in ev
:
1059 raise Exception("Unexpected TX data for Authentication Confirm: " + ev
)
1061 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
1063 raise Exception("DPP Authentication Confirm not received")
1064 if "freq=2462 type=2" not in ev
:
1065 raise Exception("Unexpected RX data for Authentication Confirm: " + ev
)
1067 ev
= dev
[1].wait_event(["DPP-TX-STATUS"], timeout
=5)
1069 raise Exception("TX status for DPP Authentication Confirm not reported")
1070 if "freq=2462 result=SUCCESS" not in ev
:
1071 raise Exception("Unexpected TX status for Authentication Confirm: " + ev
)
1073 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
1075 raise Exception("DPP authentication did not succeed (Responder)")
1076 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
1078 raise Exception("DPP authentication did not succeed (Initiator)")
1079 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
1081 raise Exception("DPP configuration not completed (Configurator)")
1082 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout
=5)
1084 raise Exception("DPP configuration not completed (Enrollee)")
1085 if "DPP-CONF-FAILED" in ev
:
1086 raise Exception("DPP configuration failed")
1087 dev
[0].request("DPP_STOP_LISTEN")
1088 dev
[0].dump_monitor()
1089 dev
[1].dump_monitor()
1091 def test_dpp_config_legacy(dev
, apdev
):
1092 """DPP Config Object for legacy network using passphrase"""
1093 check_dpp_capab(dev
[1])
1094 conf
= '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"secret passphrase"}}'
1095 dev
[1].set("dpp_config_obj_override", conf
)
1096 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1097 require_conf_success
=True)
1099 def test_dpp_config_legacy_psk_hex(dev
, apdev
):
1100 """DPP Config Object for legacy network using PSK"""
1101 check_dpp_capab(dev
[1])
1102 conf
= '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","psk_hex":"' + 32*"12" + '"}}'
1103 dev
[1].set("dpp_config_obj_override", conf
)
1104 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1105 require_conf_success
=True)
1107 def test_dpp_config_fragmentation(dev
, apdev
):
1108 """DPP Config Object for legacy network requiring fragmentation"""
1109 check_dpp_capab(dev
[1])
1110 conf
= '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"secret passphrase"}}' + 3000*' '
1111 dev
[1].set("dpp_config_obj_override", conf
)
1112 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1113 require_conf_success
=True)
1115 def test_dpp_config_legacy_gen(dev
, apdev
):
1116 """Generate DPP Config Object for legacy network"""
1117 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1118 init_extra
="conf=sta-psk pass=%s" % "passphrase".encode("hex"),
1119 require_conf_success
=True)
1121 def test_dpp_config_legacy_gen_psk(dev
, apdev
):
1122 """Generate DPP Config Object for legacy network (PSK)"""
1123 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1124 init_extra
="conf=sta-psk psk=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
1125 require_conf_success
=True)
1127 def test_dpp_config_dpp_gen_prime256v1(dev
, apdev
):
1128 """Generate DPP Config Object for DPP network (P-256)"""
1129 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1130 init_extra
="conf=sta-dpp",
1131 require_conf_success
=True,
1134 def test_dpp_config_dpp_gen_secp384r1(dev
, apdev
):
1135 """Generate DPP Config Object for DPP network (P-384)"""
1136 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1",
1137 init_extra
="conf=sta-dpp",
1138 require_conf_success
=True,
1141 def test_dpp_config_dpp_gen_secp521r1(dev
, apdev
):
1142 """Generate DPP Config Object for DPP network (P-521)"""
1143 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1",
1144 init_extra
="conf=sta-dpp",
1145 require_conf_success
=True,
1148 def test_dpp_config_dpp_gen_prime256v1_prime256v1(dev
, apdev
):
1149 """Generate DPP Config Object for DPP network (P-256 + P-256)"""
1150 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1151 init_extra
="conf=sta-dpp",
1152 require_conf_success
=True,
1154 conf_curve
="prime256v1")
1156 def test_dpp_config_dpp_gen_prime256v1_secp384r1(dev
, apdev
):
1157 """Generate DPP Config Object for DPP network (P-256 + P-384)"""
1158 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1159 init_extra
="conf=sta-dpp",
1160 require_conf_success
=True,
1162 conf_curve
="secp384r1")
1164 def test_dpp_config_dpp_gen_prime256v1_secp521r1(dev
, apdev
):
1165 """Generate DPP Config Object for DPP network (P-256 + P-521)"""
1166 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1167 init_extra
="conf=sta-dpp",
1168 require_conf_success
=True,
1170 conf_curve
="secp521r1")
1172 def test_dpp_config_dpp_gen_secp384r1_prime256v1(dev
, apdev
):
1173 """Generate DPP Config Object for DPP network (P-384 + P-256)"""
1174 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1",
1175 init_extra
="conf=sta-dpp",
1176 require_conf_success
=True,
1178 conf_curve
="prime256v1")
1180 def test_dpp_config_dpp_gen_secp384r1_secp384r1(dev
, apdev
):
1181 """Generate DPP Config Object for DPP network (P-384 + P-384)"""
1182 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1",
1183 init_extra
="conf=sta-dpp",
1184 require_conf_success
=True,
1186 conf_curve
="secp384r1")
1188 def test_dpp_config_dpp_gen_secp384r1_secp521r1(dev
, apdev
):
1189 """Generate DPP Config Object for DPP network (P-384 + P-521)"""
1190 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1",
1191 init_extra
="conf=sta-dpp",
1192 require_conf_success
=True,
1194 conf_curve
="secp521r1")
1196 def test_dpp_config_dpp_gen_secp521r1_prime256v1(dev
, apdev
):
1197 """Generate DPP Config Object for DPP network (P-521 + P-256)"""
1198 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1",
1199 init_extra
="conf=sta-dpp",
1200 require_conf_success
=True,
1202 conf_curve
="prime256v1")
1204 def test_dpp_config_dpp_gen_secp521r1_secp384r1(dev
, apdev
):
1205 """Generate DPP Config Object for DPP network (P-521 + P-384)"""
1206 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1",
1207 init_extra
="conf=sta-dpp",
1208 require_conf_success
=True,
1210 conf_curve
="secp384r1")
1212 def test_dpp_config_dpp_gen_secp521r1_secp521r1(dev
, apdev
):
1213 """Generate DPP Config Object for DPP network (P-521 + P-521)"""
1214 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1",
1215 init_extra
="conf=sta-dpp",
1216 require_conf_success
=True,
1218 conf_curve
="secp521r1")
1220 def test_dpp_config_dpp_gen_expiry(dev
, apdev
):
1221 """Generate DPP Config Object for DPP network with expiry value"""
1222 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1223 init_extra
="conf=sta-dpp expiry=%d" % (time
.time() + 1000),
1224 require_conf_success
=True,
1227 def test_dpp_config_dpp_gen_expired_key(dev
, apdev
):
1228 """Generate DPP Config Object for DPP network with expiry value"""
1229 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1230 init_extra
="conf=sta-dpp expiry=%d" % (time
.time() - 10),
1231 require_conf_failure
=True,
1234 def test_dpp_config_dpp_override_prime256v1(dev
, apdev
):
1235 """DPP Config Object override (P-256)"""
1236 check_dpp_capab(dev
[0])
1237 check_dpp_capab(dev
[1])
1238 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"dpp","signedConnector":"eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJUbkdLaklsTlphYXRyRUFZcmJiamlCNjdyamtMX0FHVldYTzZxOWhESktVIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiYVRGNEpFR0lQS1NaMFh2OXpkQ01qbS10bjVYcE1zWUlWWjl3eVNBejFnSSIsInkiOiJRR2NIV0FfNnJiVTlYRFhBenRvWC1NNVEzc3VUbk1hcUVoVUx0bjdTU1h3In19._sm6YswxMf6hJLVTyYoU1uYUeY2VVkUNjrzjSiEhY42StD_RWowStEE-9CRsdCvLmsTptZ72_g40vTFwdId20A","csign":{"kty":"EC","crv":"P-256","x":"W4-Y5N1Pkos3UWb9A5qme0KUYRtY3CVUpekx_MapZ9s","y":"Et-M4NSF4NGjvh2VCh4B1sJ9eSCZ4RNzP2DBdP137VE","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU"}}}'
1239 dev
[0].set("dpp_ignore_netaccesskey_mismatch", "1")
1240 dev
[1].set("dpp_config_obj_override", conf
)
1241 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1242 require_conf_success
=True)
1244 def test_dpp_config_dpp_override_secp384r1(dev
, apdev
):
1245 """DPP Config Object override (P-384)"""
1246 check_dpp_capab(dev
[0])
1247 check_dpp_capab(dev
[1])
1248 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"dpp","signedConnector":"eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJabi1iMndjbjRLM2pGQklkYmhGZkpVTHJTXzdESS0yMWxFQi02R3gxNjl3IiwiYWxnIjoiRVMzODQifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC0zODQiLCJ4IjoickdrSGg1UUZsOUtfWjdqYUZkVVhmbThoY1RTRjM1b25Xb1NIRXVsbVNzWW9oX1RXZGpoRjhiVGdiS0ZRN2tBViIsInkiOiJBbU1QVDA5VmFENWpGdzMwTUFKQlp2VkZXeGNlVVlKLXR5blQ0bVJ5N0xOZWxhZ0dEWHpfOExaRlpOU2FaNUdLIn19.Yn_F7m-bbOQ5PlaYQJ9-1qsuqYQ6V-rAv8nWw1COKiCYwwbt3WFBJ8DljY0dPrlg5CHJC4saXwkytpI-CpELW1yUdzYb4Lrun07d20Eo_g10ICyOl5sqQCAUElKMe_Xr","csign":{"kty":"EC","crv":"P-384","x":"dmTyXXiPV2Y8a01fujL-jo08gvzyby23XmzOtzjAiujKQZZgPJsbhfEKrZDlc6ey","y":"H5Z0av5c7bqInxYb2_OOJdNiMhVf3zlcULR0516ZZitOY4U31KhL4wl4KGV7g2XW","kid":"Zn-b2wcn4K3jFBIdbhFfJULrS_7DI-21lEB-6Gx169w"}}}'
1249 dev
[0].set("dpp_ignore_netaccesskey_mismatch", "1")
1250 dev
[1].set("dpp_config_obj_override", conf
)
1251 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1",
1252 require_conf_success
=True)
1254 def test_dpp_config_dpp_override_secp521r1(dev
, apdev
):
1255 """DPP Config Object override (P-521)"""
1256 check_dpp_capab(dev
[0])
1257 check_dpp_capab(dev
[1])
1258 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"dpp","signedConnector":"eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJMZkhKY3hnV2ZKcG1uS2IwenZRT0F2VDB2b0ZKc0JjZnBmYzgxY3Y5ZXFnIiwiYWxnIjoiRVM1MTIifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC01MjEiLCJ4IjoiQVJlUFBrMFNISkRRR2NWbnlmM3lfbTlaQllHNjFJeElIbDN1NkdwRHVhMkU1WVd4TE1BSUtMMnZuUGtlSGFVRXljRmZaZlpYZ2JlNkViUUxMVkRVUm1VUSIsInkiOiJBWUtaYlNwUkFFNjJVYm9YZ2c1ZWRBVENzbEpzTlpwcm9RR1dUcW9Md04weXkzQkVoT3ZRZmZrOWhaR2lKZ295TzFobXFRRVRrS0pXb2tIYTBCQUpLSGZtIn19.ACEZLyPk13cM_OFScpLoCElQ2t1sxq5z2d_W_3_QslTQQe5SFiH_o8ycL4632YLAH4RV0gZcMKKRMtZdHgBYHjkzASDqgY-_aYN2SBmpfl8hw0YdDlUJWX3DJf-ofqNAlTbnGmhpSg69cEAhFn41Xgvx2MdwYcPVncxxESVOtWl5zNLK","csign":{"kty":"EC","crv":"P-521","x":"ADiOI_YJOAipEXHB-SpGl4KqokX8m8h3BVYCc8dgiwssZ061-nIIY3O1SIO6Re4Jjfy53RPgzDG6jitOgOGLtzZs","y":"AZKggKaQi0ExutSpJAU3-lqDV03sBQLA9C7KabfWoAn8qD6Vk4jU0WAJdt-wBBTF9o1nVuiqS2OxMVYrxN4lOz79","kid":"LfHJcxgWfJpmnKb0zvQOAvT0voFJsBcfpfc81cv9eqg"}}}'
1259 dev
[0].set("dpp_ignore_netaccesskey_mismatch", "1")
1260 dev
[1].set("dpp_config_obj_override", conf
)
1261 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1",
1262 require_conf_success
=True)
1264 def test_dpp_config_override_objects(dev
, apdev
):
1265 """Generate DPP Config Object and override objects)"""
1266 check_dpp_capab(dev
[1])
1267 discovery
= '{\n"ssid":"mywifi"\n}'
1268 groups
= '[\n {"groupId":"home","netRole":"sta"},\n {"groupId":"cottage","netRole":"sta"}\n]'
1269 dev
[1].set("dpp_discovery_override", discovery
)
1270 dev
[1].set("dpp_groups_override", groups
)
1271 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1272 init_extra
="conf=sta-dpp",
1273 require_conf_success
=True,
1276 def build_conf_obj(kty
="EC", crv
="P-256",
1277 x
="W4-Y5N1Pkos3UWb9A5qme0KUYRtY3CVUpekx_MapZ9s",
1278 y
="Et-M4NSF4NGjvh2VCh4B1sJ9eSCZ4RNzP2DBdP137VE",
1279 kid
="TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU",
1280 prot_hdr
='{"typ":"dppCon","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU","alg":"ES256"}',
1281 signed_connector
=None,
1282 no_signed_connector
=False,
1284 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{'
1285 conf
+= '"akm":"dpp",'
1287 if signed_connector
:
1288 conn
= signed_connector
1289 conf
+= '"signedConnector":"%s",' % conn
1290 elif not no_signed_connector
:
1291 payload
= '{"groups":[{"groupId":"*","netRole":"sta"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1292 sign
= "_sm6YswxMf6hJLVTyYoU1uYUeY2VVkUNjrzjSiEhY42StD_RWowStEE-9CRsdCvLmsTptZ72_g40vTFwdId20A"
1293 conn
= base64
.urlsafe_b64encode(prot_hdr
).rstrip('=') + '.'
1294 conn
+= base64
.urlsafe_b64encode(payload
).rstrip('=') + '.'
1296 conf
+= '"signedConnector":"%s",' % conn
1301 conf
+= '"kty":"%s",' % kty
1303 conf
+= '"crv":"%s",' % crv
1305 conf
+= '"x":"%s",' % x
1307 conf
+= '"y":"%s",' % y
1309 conf
+= '"kid":"%s"' % kid
1310 conf
= conf
.rstrip(',')
1313 conf
= conf
.rstrip(',')
1319 def run_dpp_config_error(dev
, apdev
, conf
,
1320 skip_net_access_key_mismatch
=True):
1321 check_dpp_capab(dev
[0])
1322 check_dpp_capab(dev
[1])
1323 if skip_net_access_key_mismatch
:
1324 dev
[0].set("dpp_ignore_netaccesskey_mismatch", "1")
1325 dev
[1].set("dpp_config_obj_override", conf
)
1326 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1327 require_conf_failure
=True)
1329 def test_dpp_config_jwk_error_no_kty(dev
, apdev
):
1330 """DPP Config Object JWK error - no kty"""
1331 run_dpp_config_error(dev
, apdev
, build_conf_obj(kty
=None))
1333 def test_dpp_config_jwk_error_unexpected_kty(dev
, apdev
):
1334 """DPP Config Object JWK error - unexpected kty"""
1335 run_dpp_config_error(dev
, apdev
, build_conf_obj(kty
="unknown"))
1337 def test_dpp_config_jwk_error_no_crv(dev
, apdev
):
1338 """DPP Config Object JWK error - no crv"""
1339 run_dpp_config_error(dev
, apdev
, build_conf_obj(crv
=None))
1341 def test_dpp_config_jwk_error_unsupported_crv(dev
, apdev
):
1342 """DPP Config Object JWK error - unsupported curve"""
1343 run_dpp_config_error(dev
, apdev
, build_conf_obj(crv
="unsupported"))
1345 def test_dpp_config_jwk_error_no_x(dev
, apdev
):
1346 """DPP Config Object JWK error - no x"""
1347 run_dpp_config_error(dev
, apdev
, build_conf_obj(x
=None))
1349 def test_dpp_config_jwk_error_invalid_x(dev
, apdev
):
1350 """DPP Config Object JWK error - invalid x"""
1351 run_dpp_config_error(dev
, apdev
, build_conf_obj(x
="MTIz"))
1353 def test_dpp_config_jwk_error_no_y(dev
, apdev
):
1354 """DPP Config Object JWK error - no y"""
1355 run_dpp_config_error(dev
, apdev
, build_conf_obj(y
=None))
1357 def test_dpp_config_jwk_error_invalid_y(dev
, apdev
):
1358 """DPP Config Object JWK error - invalid y"""
1359 run_dpp_config_error(dev
, apdev
, build_conf_obj(y
="MTIz"))
1361 def test_dpp_config_jwk_error_invalid_xy(dev
, apdev
):
1362 """DPP Config Object JWK error - invalid x,y"""
1363 conf
= build_conf_obj(x
="MDEyMzQ1Njc4OWFiY2RlZjAxMjM0NTY3ODlhYmNkZWY",
1364 y
="MDEyMzQ1Njc4OWFiY2RlZjAxMjM0NTY3ODlhYmNkZWY")
1365 run_dpp_config_error(dev
, apdev
, conf
)
1367 def test_dpp_config_jwk_error_no_kid(dev
, apdev
):
1368 """DPP Config Object JWK error - no kid"""
1369 run_dpp_config_error(dev
, apdev
, build_conf_obj(kid
=None))
1371 def test_dpp_config_jws_error_prot_hdr_not_an_object(dev
, apdev
):
1372 """DPP Config Object JWS error - protected header not an object"""
1373 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
="1"))
1375 def test_dpp_config_jws_error_prot_hdr_no_typ(dev
, apdev
):
1376 """DPP Config Object JWS error - protected header - no typ"""
1377 prot_hdr
='{"kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU","alg":"ES256"}'
1378 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1380 def test_dpp_config_jws_error_prot_hdr_unsupported_typ(dev
, apdev
):
1381 """DPP Config Object JWS error - protected header - unsupported typ"""
1382 prot_hdr
='{"typ":"unsupported","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU","alg":"ES256"}'
1383 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1385 def test_dpp_config_jws_error_prot_hdr_no_alg(dev
, apdev
):
1386 """DPP Config Object JWS error - protected header - no alg"""
1387 prot_hdr
='{"typ":"dppCon","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU"}'
1388 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1390 def test_dpp_config_jws_error_prot_hdr_unexpected_alg(dev
, apdev
):
1391 """DPP Config Object JWS error - protected header - unexpected alg"""
1392 prot_hdr
='{"typ":"dppCon","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU","alg":"unexpected"}'
1393 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1395 def test_dpp_config_jws_error_prot_hdr_no_kid(dev
, apdev
):
1396 """DPP Config Object JWS error - protected header - no kid"""
1397 prot_hdr
='{"typ":"dppCon","alg":"ES256"}'
1398 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1400 def test_dpp_config_jws_error_prot_hdr_unexpected_kid(dev
, apdev
):
1401 """DPP Config Object JWS error - protected header - unexpected kid"""
1402 prot_hdr
='{"typ":"dppCon","kid":"MTIz","alg":"ES256"}'
1403 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1405 def test_dpp_config_signed_connector_error_no_dot_1(dev
, apdev
):
1406 """DPP Config Object signedConnector error - no dot(1)"""
1408 run_dpp_config_error(dev
, apdev
, build_conf_obj(signed_connector
=conn
))
1410 def test_dpp_config_signed_connector_error_no_dot_2(dev
, apdev
):
1411 """DPP Config Object signedConnector error - no dot(2)"""
1412 conn
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJUbkdLaklsTlphYXRyRUFZcmJiamlCNjdyamtMX0FHVldYTzZxOWhESktVIiwiYWxnIjoiRVMyNTYifQ.MTIz"
1413 run_dpp_config_error(dev
, apdev
, build_conf_obj(signed_connector
=conn
))
1415 def test_dpp_config_signed_connector_error_unexpected_signature_len(dev
, apdev
):
1416 """DPP Config Object signedConnector error - unexpected signature length"""
1417 conn
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJUbkdLaklsTlphYXRyRUFZcmJiamlCNjdyamtMX0FHVldYTzZxOWhESktVIiwiYWxnIjoiRVMyNTYifQ.MTIz.MTIz"
1418 run_dpp_config_error(dev
, apdev
, build_conf_obj(signed_connector
=conn
))
1420 def test_dpp_config_signed_connector_error_invalid_signature_der(dev
, apdev
):
1421 """DPP Config Object signedConnector error - invalid signature DER"""
1422 conn
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJUbkdLaklsTlphYXRyRUFZcmJiamlCNjdyamtMX0FHVldYTzZxOWhESktVIiwiYWxnIjoiRVMyNTYifQ.MTIz.MTI"
1423 run_dpp_config_error(dev
, apdev
, build_conf_obj(signed_connector
=conn
))
1425 def test_dpp_config_no_csign(dev
, apdev
):
1426 """DPP Config Object error - no csign"""
1427 run_dpp_config_error(dev
, apdev
, build_conf_obj(csign
=False))
1429 def test_dpp_config_no_signed_connector(dev
, apdev
):
1430 """DPP Config Object error - no signedConnector"""
1431 run_dpp_config_error(dev
, apdev
, build_conf_obj(no_signed_connector
=True))
1433 def test_dpp_config_unexpected_signed_connector_char(dev
, apdev
):
1434 """DPP Config Object error - unexpected signedConnector character"""
1435 run_dpp_config_error(dev
, apdev
, build_conf_obj(signed_connector
='a\nb'))
1437 def test_dpp_config_root_not_an_object(dev
, apdev
):
1438 """DPP Config Object error - root not an object"""
1440 run_dpp_config_error(dev
, apdev
, conf
)
1442 def test_dpp_config_no_wi_fi_tech(dev
, apdev
):
1443 """DPP Config Object error - no wi-fi_tech"""
1445 run_dpp_config_error(dev
, apdev
, conf
)
1447 def test_dpp_config_unsupported_wi_fi_tech(dev
, apdev
):
1448 """DPP Config Object error - unsupported wi-fi_tech"""
1449 conf
= '{"wi-fi_tech":"unsupported"}'
1450 run_dpp_config_error(dev
, apdev
, conf
)
1452 def test_dpp_config_no_discovery(dev
, apdev
):
1453 """DPP Config Object error - no discovery"""
1454 conf
= '{"wi-fi_tech":"infra"}'
1455 run_dpp_config_error(dev
, apdev
, conf
)
1457 def test_dpp_config_no_discovery_ssid(dev
, apdev
):
1458 """DPP Config Object error - no discovery::ssid"""
1459 conf
= '{"wi-fi_tech":"infra","discovery":{}}'
1460 run_dpp_config_error(dev
, apdev
, conf
)
1462 def test_dpp_config_too_long_discovery_ssid(dev
, apdev
):
1463 """DPP Config Object error - too long discovery::ssid"""
1464 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"%s"}}' % (33*'A')
1465 run_dpp_config_error(dev
, apdev
, conf
)
1467 def test_dpp_config_no_cred(dev
, apdev
):
1468 """DPP Config Object error - no cred"""
1469 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"}}'
1470 run_dpp_config_error(dev
, apdev
, conf
)
1472 def test_dpp_config_no_cred_akm(dev
, apdev
):
1473 """DPP Config Object error - no cred::akm"""
1474 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{}}'
1475 run_dpp_config_error(dev
, apdev
, conf
)
1477 def test_dpp_config_unsupported_cred_akm(dev
, apdev
):
1478 """DPP Config Object error - unsupported cred::akm"""
1479 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"unsupported"}}'
1480 run_dpp_config_error(dev
, apdev
, conf
)
1482 def test_dpp_config_error_legacy_no_pass(dev
, apdev
):
1483 """DPP Config Object legacy error - no pass/psk"""
1484 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk"}}'
1485 run_dpp_config_error(dev
, apdev
, conf
)
1487 def test_dpp_config_error_legacy_too_short_pass(dev
, apdev
):
1488 """DPP Config Object legacy error - too short pass/psk"""
1489 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"1"}}'
1490 run_dpp_config_error(dev
, apdev
, conf
)
1492 def test_dpp_config_error_legacy_too_long_pass(dev
, apdev
):
1493 """DPP Config Object legacy error - too long pass/psk"""
1494 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"%s"}}' % (64*'A')
1495 run_dpp_config_error(dev
, apdev
, conf
)
1497 def test_dpp_config_error_legacy_psk_with_sae(dev
, apdev
):
1498 """DPP Config Object legacy error - psk_hex with SAE"""
1499 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"sae","psk_hex":"%s"}}' % (32*"12")
1500 run_dpp_config_error(dev
, apdev
, conf
)
1502 def test_dpp_config_error_legacy_no_pass_for_sae(dev
, apdev
):
1503 """DPP Config Object legacy error - no pass for SAE"""
1504 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk+sae","psk_hex":"%s"}}' % (32*"12")
1505 run_dpp_config_error(dev
, apdev
, conf
)
1507 def test_dpp_config_error_legacy_invalid_psk(dev
, apdev
):
1508 """DPP Config Object legacy error - invalid psk_hex"""
1509 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk","psk_hex":"%s"}}' % (32*"qa")
1510 run_dpp_config_error(dev
, apdev
, conf
)
1512 def test_dpp_config_error_legacy_too_short_psk(dev
, apdev
):
1513 """DPP Config Object legacy error - too short psk_hex"""
1514 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk","psk_hex":"%s"}}' % (31*"12")
1515 run_dpp_config_error(dev
, apdev
, conf
)
1517 def ecdsa_sign(pkey
, message
, alg
="sha256"):
1518 sign
= OpenSSL
.crypto
.sign(pkey
, message
, alg
)
1519 a
,b
= struct
.unpack('BB', sign
[0:2])
1521 raise Exception("Invalid DER encoding of ECDSA signature")
1522 if b
!= len(sign
) - 2:
1523 raise Exception("Invalid length of ECDSA signature")
1526 a
,b
= struct
.unpack('BB', sign
[0:2])
1528 raise Exception("Invalid DER encoding of ECDSA signature r")
1529 if b
> len(sign
) - 2:
1530 raise Exception("Invalid length of ECDSA signature r")
1539 raise Exception("Invalid length of ECDSA signature r")
1541 a
,b
= struct
.unpack('BB', sign
[0:2])
1543 raise Exception("Invalid DER encoding of ECDSA signature s")
1544 if b
> len(sign
) - 2:
1545 raise Exception("Invalid length of ECDSA signature s")
1554 raise Exception("Invalid length of ECDSA signature s")
1556 raise Exception("Extra data at the end of ECDSA signature")
1559 return base64
.urlsafe_b64encode(raw_sign
).rstrip('=')
1561 p256_priv_key
= """-----BEGIN EC PRIVATE KEY-----
1562 MHcCAQEEIBVQij9ah629f1pu3tarDQGQvrzHgAkgYd1jHGiLxNajoAoGCCqGSM49
1563 AwEHoUQDQgAEAC9d2/JirKu72F2qLuv5jEFMD1Cqu9EiyGk7cOzn/2DJ51p2mEoW
1564 n03N6XRvTC+G7WPol9Ng97NAM2sK57+F/Q==
1565 -----END EC PRIVATE KEY-----"""
1566 p256_pub_key_x
= binascii
.unhexlify("002f5ddbf262acabbbd85daa2eebf98c414c0f50aabbd122c8693b70ece7ff60")
1567 p256_pub_key_y
= binascii
.unhexlify("c9e75a76984a169f4dcde9746f4c2f86ed63e897d360f7b340336b0ae7bf85fd")
1569 def run_dpp_config_connector(dev
, apdev
, expiry
=None, payload
=None,
1570 skip_net_access_key_mismatch
=True):
1571 if not openssl_imported
:
1572 raise HwsimSkip("OpenSSL python method not available")
1573 pkey
= OpenSSL
.crypto
.load_privatekey(OpenSSL
.crypto
.FILETYPE_PEM
,
1575 x
= base64
.urlsafe_b64encode(p256_pub_key_x
).rstrip('=')
1576 y
= base64
.urlsafe_b64encode(p256_pub_key_y
).rstrip('=')
1578 pubkey
= '\04' + p256_pub_key_x
+ p256_pub_key_y
1579 kid
= base64
.urlsafe_b64encode(hashlib
.sha256(pubkey
).digest()).rstrip('=')
1581 prot_hdr
= '{"typ":"dppCon","kid":"%s","alg":"ES256"}' % kid
1584 payload
= '{"groups":[{"groupId":"*","netRole":"sta"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}'
1586 payload
+= ',"expiry":"%s"' % expiry
1588 conn
= base64
.urlsafe_b64encode(prot_hdr
).rstrip('=') + '.'
1589 conn
+= base64
.urlsafe_b64encode(payload
).rstrip('=')
1590 sign
= ecdsa_sign(pkey
, conn
)
1592 run_dpp_config_error(dev
, apdev
,
1593 build_conf_obj(x
=x
, y
=y
, signed_connector
=conn
),
1594 skip_net_access_key_mismatch
=skip_net_access_key_mismatch
)
1596 def test_dpp_config_connector_error_ext_sign(dev
, apdev
):
1597 """DPP Config Object connector error - external signature calculation"""
1598 run_dpp_config_connector(dev
, apdev
)
1600 def test_dpp_config_connector_error_too_short_timestamp(dev
, apdev
):
1601 """DPP Config Object connector error - too short timestamp"""
1602 run_dpp_config_connector(dev
, apdev
, expiry
="1")
1604 def test_dpp_config_connector_error_invalid_timestamp(dev
, apdev
):
1605 """DPP Config Object connector error - invalid timestamp"""
1606 run_dpp_config_connector(dev
, apdev
, expiry
=19*"1")
1608 def test_dpp_config_connector_error_invalid_timestamp_date(dev
, apdev
):
1609 """DPP Config Object connector error - invalid timestamp date"""
1610 run_dpp_config_connector(dev
, apdev
, expiry
="9999-99-99T99:99:99Z")
1612 def test_dpp_config_connector_error_invalid_time_zone(dev
, apdev
):
1613 """DPP Config Object connector error - invalid time zone"""
1614 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00*")
1616 def test_dpp_config_connector_error_invalid_time_zone_2(dev
, apdev
):
1617 """DPP Config Object connector error - invalid time zone 2"""
1618 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00+")
1620 def test_dpp_config_connector_error_expired_1(dev
, apdev
):
1621 """DPP Config Object connector error - expired 1"""
1622 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00")
1624 def test_dpp_config_connector_error_expired_2(dev
, apdev
):
1625 """DPP Config Object connector error - expired 2"""
1626 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00Z")
1628 def test_dpp_config_connector_error_expired_3(dev
, apdev
):
1629 """DPP Config Object connector error - expired 3"""
1630 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00+01")
1632 def test_dpp_config_connector_error_expired_4(dev
, apdev
):
1633 """DPP Config Object connector error - expired 4"""
1634 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00+01:02")
1636 def test_dpp_config_connector_error_expired_5(dev
, apdev
):
1637 """DPP Config Object connector error - expired 5"""
1638 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00-01")
1640 def test_dpp_config_connector_error_expired_6(dev
, apdev
):
1641 """DPP Config Object connector error - expired 6"""
1642 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00-01:02")
1644 def test_dpp_config_connector_error_no_groups(dev
, apdev
):
1645 """DPP Config Object connector error - no groups"""
1646 payload
= '{"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1647 run_dpp_config_connector(dev
, apdev
, payload
=payload
)
1649 def test_dpp_config_connector_error_empty_groups(dev
, apdev
):
1650 """DPP Config Object connector error - empty groups"""
1651 payload
= '{"groups":[],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1652 run_dpp_config_connector(dev
, apdev
, payload
=payload
)
1654 def test_dpp_config_connector_error_missing_group_id(dev
, apdev
):
1655 """DPP Config Object connector error - missing groupId"""
1656 payload
= '{"groups":[{"netRole":"sta"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1657 run_dpp_config_connector(dev
, apdev
, payload
=payload
)
1659 def test_dpp_config_connector_error_missing_net_role(dev
, apdev
):
1660 """DPP Config Object connector error - missing netRole"""
1661 payload
= '{"groups":[{"groupId":"*"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1662 run_dpp_config_connector(dev
, apdev
, payload
=payload
)
1664 def test_dpp_config_connector_error_missing_net_access_key(dev
, apdev
):
1665 """DPP Config Object connector error - missing netAccessKey"""
1666 payload
= '{"groups":[{"groupId":"*","netRole":"sta"}]}'
1667 run_dpp_config_connector(dev
, apdev
, payload
=payload
)
1669 def test_dpp_config_connector_error_net_access_key_mismatch(dev
, apdev
):
1670 """DPP Config Object connector error - netAccessKey mismatch"""
1671 payload
= '{"groups":[{"groupId":"*","netRole":"sta"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1672 run_dpp_config_connector(dev
, apdev
, payload
=payload
,
1673 skip_net_access_key_mismatch
=False)
1675 def test_dpp_gas_timeout(dev
, apdev
):
1676 """DPP and GAS server timeout for a query"""
1677 check_dpp_capab(dev
[0])
1678 check_dpp_capab(dev
[1])
1679 logger
.info("dev0 displays QR Code")
1680 addr
= dev
[0].own_addr().replace(':', '')
1681 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
1682 res
= dev
[0].request(cmd
)
1684 raise Exception("Failed to generate bootstrapping info")
1686 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1688 logger
.info("dev1 scans QR Code")
1689 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
1691 raise Exception("Failed to parse QR Code URI")
1694 logger
.info("dev1 initiates DPP Authentication")
1695 dev
[0].set("ext_mgmt_frame_handling", "1")
1696 cmd
= "DPP_LISTEN 2412"
1697 if "OK" not in dev
[0].request(cmd
):
1698 raise Exception("Failed to start listen operation")
1700 # Force GAS fragmentation
1701 conf
= '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"secret passphrase"}}' + 3000*' '
1702 dev
[1].set("dpp_config_obj_override", conf
)
1704 cmd
= "DPP_AUTH_INIT peer=%d" % id1
1705 if "OK" not in dev
[1].request(cmd
):
1706 raise Exception("Failed to initiate DPP Authentication")
1708 # DPP Authentication Request
1709 msg
= dev
[0].mgmt_rx()
1710 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], msg
['frame'].encode('hex'))):
1711 raise Exception("MGMT_RX_PROCESS failed")
1713 # DPP Authentication Confirmation
1714 msg
= dev
[0].mgmt_rx()
1715 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], msg
['frame'].encode('hex'))):
1716 raise Exception("MGMT_RX_PROCESS failed")
1718 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
1720 raise Exception("DPP authentication did not succeed (Responder)")
1721 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
1723 raise Exception("DPP authentication did not succeed (Initiator)")
1725 # DPP Configuration Response (GAS Initial Response frame)
1726 msg
= dev
[0].mgmt_rx()
1727 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], msg
['frame'].encode('hex'))):
1728 raise Exception("MGMT_RX_PROCESS failed")
1730 # GAS Comeback Response frame
1731 msg
= dev
[0].mgmt_rx()
1732 # Do not continue to force timeout on GAS server
1734 ev
= dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=10)
1736 raise Exception("GAS result not reported (Enrollee)")
1737 if "result=TIMEOUT" not in ev
:
1738 raise Exception("Unexpected GAS result (Enrollee): " + ev
)
1739 dev
[0].set("ext_mgmt_frame_handling", "0")
1741 ev
= dev
[1].wait_event(["DPP-CONF-FAILED"], timeout
=15)
1743 raise Exception("DPP configuration failure not reported (Configurator)")
1745 ev
= dev
[0].wait_event(["DPP-CONF-FAILED"], timeout
=1)
1747 raise Exception("DPP configuration failure not reported (Enrollee)")
1749 def test_dpp_akm_sha256(dev
, apdev
):
1750 """DPP AKM (SHA256)"""
1751 run_dpp_akm(dev
, apdev
, 32)
1753 def test_dpp_akm_sha384(dev
, apdev
):
1754 """DPP AKM (SHA384)"""
1755 run_dpp_akm(dev
, apdev
, 48)
1757 def test_dpp_akm_sha512(dev
, apdev
):
1758 """DPP AKM (SHA512)"""
1759 run_dpp_akm(dev
, apdev
, 64)
1761 def run_dpp_akm(dev
, apdev
, pmk_len
):
1762 check_dpp_capab(dev
[0])
1763 check_dpp_capab(dev
[1])
1764 params
= { "ssid": "dpp",
1766 "wpa_key_mgmt": "DPP",
1767 "rsn_pairwise": "CCMP",
1770 hapd
= hostapd
.add_ap(apdev
[0], params
)
1772 raise HwsimSkip("DPP not supported")
1774 id = dev
[0].connect("dpp", key_mgmt
="DPP", ieee80211w
="2", scan_freq
="2412",
1776 ev
= dev
[0].wait_event(["CTRL-EVENT-NETWORK-NOT-FOUND"], timeout
=2)
1778 raise Exception("Network mismatch not reported")
1779 dev
[0].request("DISCONNECT")
1780 dev
[0].dump_monitor()
1782 bssid
= hapd
.own_addr()
1786 cmd
= "PMKSA_ADD %d %s %s %s 30240 43200 %d 0" % (id, bssid
, pmkid
, pmk
, akmp
)
1787 if "OK" not in dev
[0].request(cmd
):
1788 raise Exception("PMKSA_ADD failed (wpa_supplicant)")
1789 dev
[0].select_network(id, freq
="2412")
1790 ev
= dev
[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout
=2)
1791 dev
[0].request("DISCONNECT")
1792 dev
[0].dump_monitor()
1794 raise Exception("Association attempt was not rejected")
1795 if "status_code=53" not in ev
:
1796 raise Exception("Unexpected status code: " + ev
)
1798 addr
= dev
[0].own_addr()
1799 cmd
= "PMKSA_ADD %s %s %s 0 %d" % (addr
, pmkid
, pmk
, akmp
)
1800 if "OK" not in hapd
.request(cmd
):
1801 raise Exception("PMKSA_ADD failed (hostapd)")
1803 dev
[0].select_network(id, freq
="2412")
1804 dev
[0].wait_connected()
1805 val
= dev
[0].get_status_field("key_mgmt")
1807 raise Exception("Unexpected key_mgmt: " + val
)
1809 def test_dpp_network_introduction(dev
, apdev
):
1810 """DPP network introduction"""
1811 check_dpp_capab(dev
[0])
1812 check_dpp_capab(dev
[1])
1814 csign
= "3059301306072a8648ce3d020106082a8648ce3d03010703420004d02e5bd81a120762b5f0f2994777f5d40297238a6c294fd575cdf35fabec44c050a6421c401d98d659fd2ed13c961cc8287944dd3202f516977800d3ab2f39ee"
1815 ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJzOEFrYjg5bTV4UGhoYk5UbTVmVVo0eVBzNU5VMkdxYXNRY3hXUWhtQVFRIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIwOHF4TlNYRzRWemdCV3BjVUdNSmc1czNvbElOVFJsRVQ1aERpNkRKY3ZjIiwieSI6IlVhaGFYQXpKRVpRQk1YaHRUQnlZZVlrOWtJYjk5UDA3UV9NcW9TVVZTVEkifX0.a5_nfMVr7Qe1SW0ZL3u6oQRm5NUCYUSfixDAJOUFN3XUfECBZ6E8fm8xjeSfdOytgRidTz0CTlIRjzPQo82dmQ"
1816 ap_netaccesskey
= "30770201010420f6531d17f29dfab655b7c9e923478d5a345164c489aadd44a3519c3e9dcc792da00a06082a8648ce3d030107a14403420004d3cab13525c6e15ce0056a5c506309839b37a2520d4d19444f98438ba0c972f751a85a5c0cc911940131786d4c1c9879893d9086fdf4fd3b43f32aa125154932"
1817 sta_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJzOEFrYjg5bTV4UGhoYk5UbTVmVVo0eVBzNU5VMkdxYXNRY3hXUWhtQVFRIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiZWMzR3NqQ3lQMzVBUUZOQUJJdEltQnN4WXVyMGJZX1dES1lfSE9zUGdjNCIsInkiOiJTRS1HVllkdWVnTFhLMU1TQXZNMEx2QWdLREpTNWoyQVhCbE9PMTdUSTRBIn19.PDK9zsGlK-e1pEOmNxVeJfCS8pNeay6ckIS1TXCQsR64AR-9wFPCNVjqOxWvVKltehyMFqVAtOcv0IrjtMJFqQ"
1818 sta_netaccesskey
= "30770201010420bc33380c26fd2168b69cd8242ed1df07ba89aa4813f8d4e8523de6ca3f8dd28ba00a06082a8648ce3d030107a1440342000479cdc6b230b23f7e40405340048b48981b3162eaf46d8fd60ca63f1ceb0f81ce484f8655876e7a02d72b531202f3342ef020283252e63d805c194e3b5ed32380"
1820 params
= { "ssid": "dpp",
1822 "wpa_key_mgmt": "DPP",
1824 "rsn_pairwise": "CCMP",
1825 "dpp_connector": ap_connector
,
1827 "dpp_netaccesskey": ap_netaccesskey
}
1829 hapd
= hostapd
.add_ap(apdev
[0], params
)
1831 raise HwsimSkip("DPP not supported")
1833 id = dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412",
1836 dpp_connector
=sta_connector
,
1837 dpp_netaccesskey
=sta_netaccesskey
)
1838 val
= dev
[0].get_status_field("key_mgmt")
1840 raise Exception("Unexpected key_mgmt: " + val
)
1842 def test_dpp_and_sae_akm(dev
, apdev
):
1843 """DPP and SAE AKMs"""
1844 check_dpp_capab(dev
[0])
1845 check_dpp_capab(dev
[1])
1846 if "SAE" not in dev
[1].get_capability("auth_alg"):
1847 raise HwsimSkip("SAE not supported")
1849 csign
= "3059301306072a8648ce3d020106082a8648ce3d03010703420004d02e5bd81a120762b5f0f2994777f5d40297238a6c294fd575cdf35fabec44c050a6421c401d98d659fd2ed13c961cc8287944dd3202f516977800d3ab2f39ee"
1850 ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJzOEFrYjg5bTV4UGhoYk5UbTVmVVo0eVBzNU5VMkdxYXNRY3hXUWhtQVFRIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIwOHF4TlNYRzRWemdCV3BjVUdNSmc1czNvbElOVFJsRVQ1aERpNkRKY3ZjIiwieSI6IlVhaGFYQXpKRVpRQk1YaHRUQnlZZVlrOWtJYjk5UDA3UV9NcW9TVVZTVEkifX0.a5_nfMVr7Qe1SW0ZL3u6oQRm5NUCYUSfixDAJOUFN3XUfECBZ6E8fm8xjeSfdOytgRidTz0CTlIRjzPQo82dmQ"
1851 ap_netaccesskey
= "30770201010420f6531d17f29dfab655b7c9e923478d5a345164c489aadd44a3519c3e9dcc792da00a06082a8648ce3d030107a14403420004d3cab13525c6e15ce0056a5c506309839b37a2520d4d19444f98438ba0c972f751a85a5c0cc911940131786d4c1c9879893d9086fdf4fd3b43f32aa125154932"
1852 sta_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJzOEFrYjg5bTV4UGhoYk5UbTVmVVo0eVBzNU5VMkdxYXNRY3hXUWhtQVFRIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiZWMzR3NqQ3lQMzVBUUZOQUJJdEltQnN4WXVyMGJZX1dES1lfSE9zUGdjNCIsInkiOiJTRS1HVllkdWVnTFhLMU1TQXZNMEx2QWdLREpTNWoyQVhCbE9PMTdUSTRBIn19.PDK9zsGlK-e1pEOmNxVeJfCS8pNeay6ckIS1TXCQsR64AR-9wFPCNVjqOxWvVKltehyMFqVAtOcv0IrjtMJFqQ"
1853 sta_netaccesskey
= "30770201010420bc33380c26fd2168b69cd8242ed1df07ba89aa4813f8d4e8523de6ca3f8dd28ba00a06082a8648ce3d030107a1440342000479cdc6b230b23f7e40405340048b48981b3162eaf46d8fd60ca63f1ceb0f81ce484f8655876e7a02d72b531202f3342ef020283252e63d805c194e3b5ed32380"
1855 params
= { "ssid": "dpp+sae",
1857 "wpa_key_mgmt": "DPP SAE",
1859 "rsn_pairwise": "CCMP",
1860 "sae_password": "sae-password",
1861 "dpp_connector": ap_connector
,
1863 "dpp_netaccesskey": ap_netaccesskey
}
1865 hapd
= hostapd
.add_ap(apdev
[0], params
)
1867 raise HwsimSkip("DPP not supported")
1869 id = dev
[0].connect("dpp+sae", key_mgmt
="DPP", scan_freq
="2412",
1872 dpp_connector
=sta_connector
,
1873 dpp_netaccesskey
=sta_netaccesskey
)
1874 val
= dev
[0].get_status_field("key_mgmt")
1876 raise Exception("Unexpected key_mgmt for DPP: " + val
)
1878 id = dev
[1].connect("dpp+sae", key_mgmt
="SAE", scan_freq
="2412",
1879 ieee80211w
="2", psk
="sae-password")
1880 val
= dev
[1].get_status_field("key_mgmt")
1882 raise Exception("Unexpected key_mgmt for SAE: " + val
)
1884 def test_dpp_ap_config(dev
, apdev
):
1885 """DPP and AP configuration"""
1886 run_dpp_ap_config(dev
, apdev
)
1888 def test_dpp_ap_config_p256_p256(dev
, apdev
):
1889 """DPP and AP configuration (P-256 + P-256)"""
1890 run_dpp_ap_config(dev
, apdev
, curve
="P-256", conf_curve
="P-256")
1892 def test_dpp_ap_config_p256_p384(dev
, apdev
):
1893 """DPP and AP configuration (P-256 + P-384)"""
1894 run_dpp_ap_config(dev
, apdev
, curve
="P-256", conf_curve
="P-384")
1896 def test_dpp_ap_config_p256_p521(dev
, apdev
):
1897 """DPP and AP configuration (P-256 + P-521)"""
1898 run_dpp_ap_config(dev
, apdev
, curve
="P-256", conf_curve
="P-521")
1900 def test_dpp_ap_config_p384_p256(dev
, apdev
):
1901 """DPP and AP configuration (P-384 + P-256)"""
1902 run_dpp_ap_config(dev
, apdev
, curve
="P-384", conf_curve
="P-256")
1904 def test_dpp_ap_config_p384_p384(dev
, apdev
):
1905 """DPP and AP configuration (P-384 + P-384)"""
1906 run_dpp_ap_config(dev
, apdev
, curve
="P-384", conf_curve
="P-384")
1908 def test_dpp_ap_config_p384_p521(dev
, apdev
):
1909 """DPP and AP configuration (P-384 + P-521)"""
1910 run_dpp_ap_config(dev
, apdev
, curve
="P-384", conf_curve
="P-521")
1912 def test_dpp_ap_config_p521_p256(dev
, apdev
):
1913 """DPP and AP configuration (P-521 + P-256)"""
1914 run_dpp_ap_config(dev
, apdev
, curve
="P-521", conf_curve
="P-256")
1916 def test_dpp_ap_config_p521_p384(dev
, apdev
):
1917 """DPP and AP configuration (P-521 + P-384)"""
1918 run_dpp_ap_config(dev
, apdev
, curve
="P-521", conf_curve
="P-384")
1920 def test_dpp_ap_config_p521_p521(dev
, apdev
):
1921 """DPP and AP configuration (P-521 + P-521)"""
1922 run_dpp_ap_config(dev
, apdev
, curve
="P-521", conf_curve
="P-521")
1924 def test_dpp_ap_config_reconfig_configurator(dev
, apdev
):
1925 """DPP and AP configuration with Configurator reconfiguration"""
1926 run_dpp_ap_config(dev
, apdev
, reconf_configurator
=True)
1928 def update_hapd_config(hapd
):
1929 ev
= hapd
.wait_event(["DPP-CONFOBJ-SSID"], timeout
=1)
1931 raise Exception("SSID not reported (AP)")
1932 ssid
= ev
.split(' ')[1]
1934 ev
= hapd
.wait_event(["DPP-CONNECTOR"], timeout
=1)
1936 raise Exception("Connector not reported (AP)")
1937 connector
= ev
.split(' ')[1]
1939 ev
= hapd
.wait_event(["DPP-C-SIGN-KEY"], timeout
=1)
1941 raise Exception("C-sign-key not reported (AP)")
1945 ev
= hapd
.wait_event(["DPP-NET-ACCESS-KEY"], timeout
=1)
1947 raise Exception("netAccessKey not reported (AP)")
1949 net_access_key
= p
[1]
1950 net_access_key_expiry
= p
[2] if len(p
) > 2 else None
1952 logger
.info("Update AP configuration to use key_mgmt=DPP")
1954 hapd
.set("ssid", ssid
)
1955 hapd
.set("wpa", "2")
1956 hapd
.set("wpa_key_mgmt", "DPP")
1957 hapd
.set("ieee80211w", "2")
1958 hapd
.set("rsn_pairwise", "CCMP")
1959 hapd
.set("dpp_connector", connector
)
1960 hapd
.set("dpp_csign", csign
)
1961 hapd
.set("dpp_netaccesskey", net_access_key
)
1962 if net_access_key_expiry
:
1963 hapd
.set("dpp_netaccesskey_expiry", net_access_key_expiry
)
1966 def run_dpp_ap_config(dev
, apdev
, curve
=None, conf_curve
=None,
1967 reconf_configurator
=False):
1968 check_dpp_capab(dev
[0])
1969 check_dpp_capab(dev
[1])
1970 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
1971 check_dpp_capab(hapd
)
1973 addr
= hapd
.own_addr().replace(':', '')
1974 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
1976 cmd
+= " curve=" + curve
1977 res
= hapd
.request(cmd
)
1979 raise Exception("Failed to generate bootstrapping info")
1981 uri
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id_h
)
1983 cmd
= "DPP_CONFIGURATOR_ADD"
1985 cmd
+= " curve=" + conf_curve
1986 res
= dev
[0].request(cmd
);
1988 raise Exception("Failed to add configurator")
1991 if reconf_configurator
:
1992 csign
= dev
[0].request("DPP_CONFIGURATOR_GET_KEY %d" % conf_id
)
1993 if "FAIL" in csign
or len(csign
) == 0:
1994 raise Exception("DPP_CONFIGURATOR_GET_KEY failed")
1996 res
= dev
[0].request("DPP_QR_CODE " + uri
)
1998 raise Exception("Failed to parse QR Code URI")
2001 cmd
= "DPP_AUTH_INIT peer=%d conf=ap-dpp configurator=%d" % (id, conf_id
)
2002 if "OK" not in dev
[0].request(cmd
):
2003 raise Exception("Failed to initiate DPP Authentication")
2004 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2006 raise Exception("DPP authentication did not succeed (Responder)")
2007 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2009 raise Exception("DPP authentication did not succeed (Initiator)")
2010 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
2012 raise Exception("DPP configuration not completed (Configurator)")
2013 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout
=5)
2015 raise Exception("DPP configuration not completed (Enrollee)")
2016 if "DPP-CONF-FAILED" in ev
:
2017 raise Exception("DPP configuration failed")
2019 update_hapd_config(hapd
)
2021 addr
= dev
[1].own_addr().replace(':', '')
2022 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2024 cmd
+= " curve=" + curve
2025 res
= dev
[1].request(cmd
)
2027 raise Exception("Failed to generate bootstrapping info")
2029 uri1
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1
)
2031 res
= dev
[0].request("DPP_QR_CODE " + uri1
)
2033 raise Exception("Failed to parse QR Code URI")
2036 if reconf_configurator
:
2037 res
= dev
[0].request("DPP_CONFIGURATOR_REMOVE %d" % conf_id
)
2039 raise Exception("DPP_CONFIGURATOR_REMOVE failed")
2040 cmd
= "DPP_CONFIGURATOR_ADD"
2042 cmd
+= " curve=" + conf_curve
2043 cmd
+= " key=" + csign
2044 res
= dev
[0].request(cmd
);
2046 raise Exception("Failed to add configurator (reconf)")
2049 cmd
= "DPP_LISTEN 2412"
2050 if "OK" not in dev
[1].request(cmd
):
2051 raise Exception("Failed to start listen operation")
2052 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id0b
, conf_id
)
2053 if "OK" not in dev
[0].request(cmd
):
2054 raise Exception("Failed to initiate DPP Authentication")
2055 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2057 raise Exception("DPP authentication did not succeed (Responder)")
2058 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2060 raise Exception("DPP authentication did not succeed (Initiator)")
2061 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
2063 raise Exception("DPP configuration not completed (Configurator)")
2064 ev
= dev
[1].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
2066 raise Exception("DPP configuration not completed (Enrollee)")
2067 dev
[1].request("DPP_STOP_LISTEN")
2069 ev
= dev
[1].wait_event(["DPP-CONFOBJ-SSID"], timeout
=1)
2071 raise Exception("SSID not reported")
2072 ssid
= ev
.split(' ')[1]
2074 ev
= dev
[1].wait_event(["DPP-CONNECTOR"], timeout
=1)
2076 raise Exception("Connector not reported")
2077 connector
= ev
.split(' ')[1]
2079 ev
= dev
[1].wait_event(["DPP-C-SIGN-KEY"], timeout
=1)
2081 raise Exception("C-sign-key not reported")
2085 ev
= dev
[1].wait_event(["DPP-NET-ACCESS-KEY"], timeout
=1)
2087 raise Exception("netAccessKey not reported")
2089 net_access_key
= p
[1]
2090 net_access_key_expiry
= p
[2] if len(p
) > 2 else None
2092 dev
[1].dump_monitor()
2094 id = dev
[1].connect(ssid
, key_mgmt
="DPP", ieee80211w
="2", scan_freq
="2412",
2095 only_add_network
=True)
2096 dev
[1].set_network_quoted(id, "dpp_connector", connector
)
2097 dev
[1].set_network(id, "dpp_csign", csign
)
2098 dev
[1].set_network(id, "dpp_netaccesskey", net_access_key
)
2099 if net_access_key_expiry
:
2100 dev
[1].set_network(id, "dpp_netaccess_expiry", net_access_key_expiry
)
2102 logger
.info("Check data connection")
2103 dev
[1].select_network(id, freq
="2412")
2104 dev
[1].wait_connected()
2106 def test_dpp_auto_connect_1(dev
, apdev
):
2107 """DPP and auto connect (1)"""
2109 run_dpp_auto_connect(dev
, apdev
, 1)
2111 dev
[0].set("dpp_config_processing", "0")
2113 def test_dpp_auto_connect_2(dev
, apdev
):
2114 """DPP and auto connect (2)"""
2116 run_dpp_auto_connect(dev
, apdev
, 2)
2118 dev
[0].set("dpp_config_processing", "0")
2120 def test_dpp_auto_connect_2_connect_cmd(dev
, apdev
):
2121 """DPP and auto connect (2) using connect_cmd"""
2122 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
2123 wpas
.interface_add("wlan5", drv_params
="force_connect_cmd=1")
2124 dev_new
= [ wpas
, dev
[1] ]
2126 run_dpp_auto_connect(dev_new
, apdev
, 2)
2128 wpas
.set("dpp_config_processing", "0")
2130 def run_dpp_auto_connect(dev
, apdev
, processing
):
2131 check_dpp_capab(dev
[0])
2132 check_dpp_capab(dev
[1])
2134 csign
= "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2135 csign_pub
= "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2136 ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
2137 ap_netaccesskey
= "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
2139 params
= { "ssid": "test",
2141 "wpa_key_mgmt": "DPP",
2143 "rsn_pairwise": "CCMP",
2144 "dpp_connector": ap_connector
,
2145 "dpp_csign": csign_pub
,
2146 "dpp_netaccesskey": ap_netaccesskey
}
2148 hapd
= hostapd
.add_ap(apdev
[0], params
)
2150 raise HwsimSkip("DPP not supported")
2152 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
2153 res
= dev
[1].request(cmd
)
2155 raise Exception("DPP_CONFIGURATOR_ADD failed")
2158 dev
[0].set("dpp_config_processing", str(processing
))
2159 addr
= dev
[0].own_addr().replace(':', '')
2160 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2161 res
= dev
[0].request(cmd
)
2163 raise Exception("Failed to generate bootstrapping info")
2165 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2167 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
2169 raise Exception("Failed to parse QR Code URI")
2172 cmd
= "DPP_LISTEN 2412"
2173 if "OK" not in dev
[0].request(cmd
):
2174 raise Exception("Failed to start listen operation")
2176 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1
, conf_id
)
2177 if "OK" not in dev
[1].request(cmd
):
2178 raise Exception("Failed to initiate DPP Authentication")
2179 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=10)
2181 raise Exception("DPP configuration not completed (Configurator)")
2182 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=2)
2184 raise Exception("DPP configuration not completed (Enrollee)")
2185 ev
= dev
[0].wait_event(["DPP-NETWORK-ID"], timeout
=1)
2187 raise Exception("DPP network profile not generated")
2188 id = ev
.split(' ')[1]
2191 dev
[0].select_network(id, freq
=2412)
2193 dev
[0].wait_connected()
2194 hwsim_utils
.test_connectivity(dev
[0], hapd
)
2196 def test_dpp_auto_connect_legacy(dev
, apdev
):
2197 """DPP and auto connect (legacy)"""
2199 run_dpp_auto_connect_legacy(dev
, apdev
)
2201 dev
[0].set("dpp_config_processing", "0")
2203 def test_dpp_auto_connect_legacy_sae_1(dev
, apdev
):
2204 """DPP and auto connect (legacy SAE)"""
2206 run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-sae', psk_sae
=True)
2208 dev
[0].set("dpp_config_processing", "0")
2210 def test_dpp_auto_connect_legacy_sae_2(dev
, apdev
):
2211 """DPP and auto connect (legacy SAE)"""
2213 run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-sae', sae_only
=True)
2215 dev
[0].set("dpp_config_processing", "0")
2217 def test_dpp_auto_connect_legacy_psk_sae_1(dev
, apdev
):
2218 """DPP and auto connect (legacy PSK+SAE)"""
2220 run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-psk-sae',
2223 dev
[0].set("dpp_config_processing", "0")
2225 def test_dpp_auto_connect_legacy_psk_sae_2(dev
, apdev
):
2226 """DPP and auto connect (legacy PSK+SAE)"""
2228 run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-psk-sae',
2231 dev
[0].set("dpp_config_processing", "0")
2233 def test_dpp_auto_connect_legacy_psk_sae_3(dev
, apdev
):
2234 """DPP and auto connect (legacy PSK+SAE)"""
2236 run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-psk-sae')
2238 dev
[0].set("dpp_config_processing", "0")
2240 def run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-psk',
2241 psk_sae
=False, sae_only
=False):
2242 check_dpp_capab(dev
[0])
2243 check_dpp_capab(dev
[1])
2245 params
= hostapd
.wpa2_params(ssid
="dpp-legacy",
2246 passphrase
="secret passphrase")
2248 params
['wpa_key_mgmt'] = 'SAE'
2249 params
['ieee80211w'] = '2'
2251 params
['wpa_key_mgmt'] = 'WPA-PSK SAE'
2252 params
['ieee80211w'] = '1'
2253 params
['sae_require_mfp'] = '1'
2255 hapd
= hostapd
.add_ap(apdev
[0], params
)
2257 dev
[0].set("dpp_config_processing", "2")
2258 addr
= dev
[0].own_addr().replace(':', '')
2259 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2260 res
= dev
[0].request(cmd
)
2262 raise Exception("Failed to generate bootstrapping info")
2264 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2266 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
2268 raise Exception("Failed to parse QR Code URI")
2271 cmd
= "DPP_LISTEN 2412"
2272 if "OK" not in dev
[0].request(cmd
):
2273 raise Exception("Failed to start listen operation")
2275 cmd
= "DPP_AUTH_INIT peer=%d conf=%s ssid=%s pass=%s" % (id1
, conf
, "dpp-legacy".encode("hex"), "secret passphrase".encode("hex"))
2276 if "OK" not in dev
[1].request(cmd
):
2277 raise Exception("Failed to initiate DPP Authentication")
2278 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=10)
2280 raise Exception("DPP configuration not completed (Configurator)")
2281 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=2)
2283 raise Exception("DPP configuration not completed (Enrollee)")
2284 ev
= dev
[0].wait_event(["DPP-NETWORK-ID"], timeout
=1)
2286 raise Exception("DPP network profile not generated")
2287 id = ev
.split(' ')[1]
2289 dev
[0].wait_connected()
2291 def test_dpp_auto_connect_legacy_pmf_required(dev
, apdev
):
2292 """DPP and auto connect (legacy, PMF required)"""
2294 run_dpp_auto_connect_legacy_pmf_required(dev
, apdev
)
2296 dev
[0].set("dpp_config_processing", "0")
2298 def run_dpp_auto_connect_legacy_pmf_required(dev
, apdev
):
2299 check_dpp_capab(dev
[0])
2300 check_dpp_capab(dev
[1])
2302 params
= hostapd
.wpa2_params(ssid
="dpp-legacy",
2303 passphrase
="secret passphrase")
2304 params
['wpa_key_mgmt'] = "WPA-PSK-SHA256"
2305 params
['ieee80211w'] = "2"
2306 hapd
= hostapd
.add_ap(apdev
[0], params
)
2308 dev
[0].set("dpp_config_processing", "2")
2309 addr
= dev
[0].own_addr().replace(':', '')
2310 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2311 res
= dev
[0].request(cmd
)
2313 raise Exception("Failed to generate bootstrapping info")
2315 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2317 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
2319 raise Exception("Failed to parse QR Code URI")
2322 cmd
= "DPP_LISTEN 2412"
2323 if "OK" not in dev
[0].request(cmd
):
2324 raise Exception("Failed to start listen operation")
2326 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-psk ssid=%s pass=%s" % (id1
, "dpp-legacy".encode("hex"), "secret passphrase".encode("hex"))
2327 if "OK" not in dev
[1].request(cmd
):
2328 raise Exception("Failed to initiate DPP Authentication")
2329 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=10)
2331 raise Exception("DPP configuration not completed (Configurator)")
2332 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=2)
2334 raise Exception("DPP configuration not completed (Enrollee)")
2335 ev
= dev
[0].wait_event(["DPP-NETWORK-ID"], timeout
=1)
2337 raise Exception("DPP network profile not generated")
2338 id = ev
.split(' ')[1]
2340 dev
[0].wait_connected()
2342 def test_dpp_qr_code_auth_responder_configurator(dev
, apdev
):
2343 """DPP QR Code and responder as the configurator"""
2344 run_dpp_qr_code_auth_responder_configurator(dev
, apdev
, "")
2346 def test_dpp_qr_code_auth_responder_configurator_group_id(dev
, apdev
):
2347 """DPP QR Code and responder as the configurator with group_id)"""
2348 run_dpp_qr_code_auth_responder_configurator(dev
, apdev
,
2349 " group_id=test-group")
2351 def run_dpp_qr_code_auth_responder_configurator(dev
, apdev
, extra
):
2352 check_dpp_capab(dev
[0])
2353 check_dpp_capab(dev
[1])
2354 cmd
= "DPP_CONFIGURATOR_ADD"
2355 res
= dev
[0].request(cmd
);
2357 raise Exception("Failed to add configurator")
2360 addr
= dev
[0].own_addr().replace(':', '')
2361 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2362 res
= dev
[0].request(cmd
)
2364 raise Exception("Failed to generate bootstrapping info")
2366 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2368 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
2370 raise Exception("Failed to parse QR Code URI")
2373 dev
[0].set("dpp_configurator_params",
2374 " conf=sta-dpp configurator=%d%s" % (conf_id
, extra
));
2375 cmd
= "DPP_LISTEN 2412 role=configurator"
2376 if "OK" not in dev
[0].request(cmd
):
2377 raise Exception("Failed to start listen operation")
2378 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % id1
2379 if "OK" not in dev
[1].request(cmd
):
2380 raise Exception("Failed to initiate DPP Authentication")
2381 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2383 raise Exception("DPP authentication did not succeed (Responder)")
2384 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2386 raise Exception("DPP authentication did not succeed (Initiator)")
2387 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
2389 raise Exception("DPP configuration not completed (Configurator)")
2390 ev
= dev
[1].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
2392 raise Exception("DPP configuration not completed (Enrollee)")
2393 dev
[0].request("DPP_STOP_LISTEN")
2394 dev
[0].dump_monitor()
2395 dev
[1].dump_monitor()
2397 def test_dpp_qr_code_hostapd_init(dev
, apdev
):
2398 """DPP QR Code and hostapd as initiator"""
2399 check_dpp_capab(dev
[0])
2400 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
2402 check_dpp_capab(hapd
)
2404 cmd
= "DPP_CONFIGURATOR_ADD"
2405 res
= dev
[0].request(cmd
);
2407 raise Exception("Failed to add configurator")
2410 addr
= dev
[0].own_addr().replace(':', '')
2411 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
2412 res
= dev
[0].request(cmd
)
2414 raise Exception("Failed to generate bootstrapping info")
2416 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2418 dev
[0].set("dpp_configurator_params",
2419 " conf=ap-dpp configurator=%d" % conf_id
);
2420 cmd
= "DPP_LISTEN 2437 role=configurator"
2421 if "OK" not in dev
[0].request(cmd
):
2422 raise Exception("Failed to start listen operation")
2424 res
= hapd
.request("DPP_QR_CODE " + uri0
)
2426 raise Exception("Failed to parse QR Code URI")
2429 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % id1
2430 if "OK" not in hapd
.request(cmd
):
2431 raise Exception("Failed to initiate DPP Authentication")
2432 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2434 raise Exception("DPP authentication did not succeed (Responder)")
2435 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2437 raise Exception("DPP authentication did not succeed (Initiator)")
2438 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
2440 raise Exception("DPP configuration not completed (Configurator)")
2441 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
2443 raise Exception("DPP configuration not completed (Enrollee)")
2444 dev
[0].request("DPP_STOP_LISTEN")
2445 dev
[0].dump_monitor()
2447 def test_dpp_qr_code_hostapd_init_offchannel(dev
, apdev
):
2448 """DPP QR Code and hostapd as initiator (offchannel)"""
2449 run_dpp_qr_code_hostapd_init_offchannel(dev
, apdev
, None)
2451 def test_dpp_qr_code_hostapd_init_offchannel_neg_freq(dev
, apdev
):
2452 """DPP QR Code and hostapd as initiator (offchannel, neg_freq)"""
2453 run_dpp_qr_code_hostapd_init_offchannel(dev
, apdev
, "neg_freq=2437")
2455 def run_dpp_qr_code_hostapd_init_offchannel(dev
, apdev
, extra
):
2456 check_dpp_capab(dev
[0])
2457 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
2459 check_dpp_capab(hapd
)
2461 cmd
= "DPP_CONFIGURATOR_ADD"
2462 res
= dev
[0].request(cmd
);
2464 raise Exception("Failed to add configurator")
2467 addr
= dev
[0].own_addr().replace(':', '')
2468 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1,81/11 mac=" + addr
2469 res
= dev
[0].request(cmd
)
2471 raise Exception("Failed to generate bootstrapping info")
2473 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2475 dev
[0].set("dpp_configurator_params",
2476 " conf=ap-dpp configurator=%d" % conf_id
);
2477 cmd
= "DPP_LISTEN 2462 role=configurator"
2478 if "OK" not in dev
[0].request(cmd
):
2479 raise Exception("Failed to start listen operation")
2481 res
= hapd
.request("DPP_QR_CODE " + uri0
)
2483 raise Exception("Failed to parse QR Code URI")
2486 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % id1
2489 if "OK" not in hapd
.request(cmd
):
2490 raise Exception("Failed to initiate DPP Authentication")
2491 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2493 raise Exception("DPP authentication did not succeed (Responder)")
2494 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2496 raise Exception("DPP authentication did not succeed (Initiator)")
2497 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
2499 raise Exception("DPP configuration not completed (Configurator)")
2500 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
2502 raise Exception("DPP configuration not completed (Enrollee)")
2503 dev
[0].request("DPP_STOP_LISTEN")
2504 dev
[0].dump_monitor()
2506 def test_dpp_test_vector_p_256(dev
, apdev
):
2507 """DPP P-256 test vector (mutual auth)"""
2508 check_dpp_capab(dev
[0])
2509 check_dpp_capab(dev
[1])
2511 # Responder bootstrapping key
2512 priv
= "54ce181a98525f217216f59b245f60e9df30ac7f6b26c939418cfc3c42d1afa0"
2513 addr
= dev
[0].own_addr().replace(':', '')
2514 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr
+ " key=30310201010420" + priv
+ "a00a06082a8648ce3d030107"
2515 res
= dev
[0].request(cmd
)
2517 raise Exception("Failed to generate bootstrapping info")
2519 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2521 # Responder protocol keypair override
2522 priv
= "f798ed2e19286f6a6efe210b1863badb99af2a14b497634dbfd2a97394fb5aa5"
2523 dev
[0].set("dpp_protocol_key_override",
2524 "30310201010420" + priv
+ "a00a06082a8648ce3d030107")
2526 dev
[0].set("dpp_nonce_override", "3d0cfb011ca916d796f7029ff0b43393")
2528 # Initiator bootstrapping key
2529 priv
= "15b2a83c5a0a38b61f2aa8200ee4994b8afdc01c58507d10d0a38f7eedf051bb"
2530 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode key=30310201010420" + priv
+ "a00a06082a8648ce3d030107"
2531 res
= dev
[1].request(cmd
)
2533 raise Exception("Failed to generate bootstrapping info")
2535 uri1
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1
)
2537 # Initiator protocol keypair override
2538 priv
= "a87de9afbb406c96e5f79a3df895ecac3ad406f95da66314c8cb3165e0c61783"
2539 dev
[1].set("dpp_protocol_key_override",
2540 "30310201010420" + priv
+ "a00a06082a8648ce3d030107")
2542 dev
[1].set("dpp_nonce_override", "13f4602a16daeb69712263b9c46cba31")
2544 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
2546 raise Exception("Failed to parse QR Code URI")
2549 res
= dev
[0].request("DPP_QR_CODE " + uri1
)
2551 raise Exception("Failed to parse QR Code URI")
2554 cmd
= "DPP_LISTEN 2462 qr=mutual"
2555 if "OK" not in dev
[0].request(cmd
):
2556 raise Exception("Failed to start listen operation")
2558 cmd
= "DPP_AUTH_INIT peer=%d own=%d neg_freq=2412" % (id1peer
, id1
)
2559 if "OK" not in dev
[1].request(cmd
):
2560 raise Exception("Failed to initiate operation")
2562 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2564 raise Exception("DPP authentication did not succeed (Initiator)")
2565 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2567 raise Exception("DPP authentication did not succeed (Responder)")
2569 def test_dpp_test_vector_p_256_b(dev
, apdev
):
2570 """DPP P-256 test vector (Responder-only auth)"""
2571 check_dpp_capab(dev
[0])
2572 check_dpp_capab(dev
[1])
2574 # Responder bootstrapping key
2575 priv
= "54ce181a98525f217216f59b245f60e9df30ac7f6b26c939418cfc3c42d1afa0"
2576 addr
= dev
[0].own_addr().replace(':', '')
2577 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr
+ " key=30310201010420" + priv
+ "a00a06082a8648ce3d030107"
2578 res
= dev
[0].request(cmd
)
2580 raise Exception("Failed to generate bootstrapping info")
2582 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2584 # Responder protocol keypair override
2585 priv
= "f798ed2e19286f6a6efe210b1863badb99af2a14b497634dbfd2a97394fb5aa5"
2586 dev
[0].set("dpp_protocol_key_override",
2587 "30310201010420" + priv
+ "a00a06082a8648ce3d030107")
2589 dev
[0].set("dpp_nonce_override", "3d0cfb011ca916d796f7029ff0b43393")
2591 # Initiator bootstrapping key
2592 priv
= "15b2a83c5a0a38b61f2aa8200ee4994b8afdc01c58507d10d0a38f7eedf051bb"
2593 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode key=30310201010420" + priv
+ "a00a06082a8648ce3d030107"
2594 res
= dev
[1].request(cmd
)
2596 raise Exception("Failed to generate bootstrapping info")
2598 uri1
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1
)
2600 # Initiator protocol keypair override
2601 priv
= "a87de9afbb406c96e5f79a3df895ecac3ad406f95da66314c8cb3165e0c61783"
2602 dev
[1].set("dpp_protocol_key_override",
2603 "30310201010420" + priv
+ "a00a06082a8648ce3d030107")
2605 dev
[1].set("dpp_nonce_override", "13f4602a16daeb69712263b9c46cba31")
2607 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
2609 raise Exception("Failed to parse QR Code URI")
2612 cmd
= "DPP_LISTEN 2462"
2613 if "OK" not in dev
[0].request(cmd
):
2614 raise Exception("Failed to start listen operation")
2616 cmd
= "DPP_AUTH_INIT peer=%d own=%d neg_freq=2412" % (id1peer
, id1
)
2617 if "OK" not in dev
[1].request(cmd
):
2618 raise Exception("Failed to initiate operation")
2620 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2622 raise Exception("DPP authentication did not succeed (Initiator)")
2623 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2625 raise Exception("DPP authentication did not succeed (Responder)")
2627 def der_priv_key_p_521(priv
):
2628 if len(priv
) != 2 * 66:
2629 raise Exception("Unexpected der_priv_key_p_521 parameter: " + priv
)
2630 der_prefix
= "3081500201010442"
2631 der_postfix
= "a00706052b81040023"
2632 return der_prefix
+ priv
+ der_postfix
2634 def test_dpp_test_vector_p_521(dev
, apdev
):
2635 """DPP P-521 test vector (mutual auth)"""
2636 check_dpp_capab(dev
[0])
2637 check_dpp_capab(dev
[1])
2639 # Responder bootstrapping key
2640 priv
= "0061e54f518cdf859735da3dd64c6f72c2f086f41a6fd52915152ea2fe0f24ddaecd8883730c9c9fd82cf7c043a41021696388cf5190b731dd83638bcd56d8b6c743"
2641 addr
= dev
[0].own_addr().replace(':', '')
2642 #cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr + " key=" + der_prefix + priv + der_postfix
2643 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr
+ " key=" + der_priv_key_p_521(priv
)
2644 res
= dev
[0].request(cmd
)
2646 raise Exception("Failed to generate bootstrapping info")
2648 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2650 # Responder protocol keypair override
2651 priv
= "01d8b7b17cd1b0a33f7c66fb4220999329cdaf4f8b44b2ffadde8ab8ed8abffa9f5358c5b1caae26709ca4fb78e52a4d08f2e4f24111a36a6f440d20a0000ff51597"
2652 dev
[0].set("dpp_protocol_key_override", der_priv_key_p_521(priv
))
2654 dev
[0].set("dpp_nonce_override",
2655 "d749a782012eb0a8595af30b2dfc8d0880d004ebddb55ecc5afbdef18c400e01")
2657 # Initiator bootstrapping key
2658 priv
= "0060c10df14af5ef27f6e362d31bdd9eeb44be77a323ba64b08f3f03d58b92cbfe05c182a91660caa081ca344243c47b5aa088bcdf738840eb35f0218b9f26881e02"
2659 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode key=" + der_priv_key_p_521(priv
)
2660 res
= dev
[1].request(cmd
)
2662 raise Exception("Failed to generate bootstrapping info")
2664 uri1
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1
)
2666 # Initiator protocol keypair override
2667 priv
= "019c1c08caaeec38fb931894699b095bc3ab8c1ec7ef0622d2e3eba821477c8c6fca41774f21166ad98aebda37c067d9aa08a8a2e1b5c44c61f2bae02a61f85d9661"
2668 dev
[1].set("dpp_protocol_key_override", der_priv_key_p_521(priv
))
2670 dev
[1].set("dpp_nonce_override",
2671 "de972af3847bec3ba2aedd9f5c21cfdec7bf0bc5fe8b276cbcd0267807fb15b0")
2673 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
2675 raise Exception("Failed to parse QR Code URI")
2678 res
= dev
[0].request("DPP_QR_CODE " + uri1
)
2680 raise Exception("Failed to parse QR Code URI")
2683 cmd
= "DPP_LISTEN 2462 qr=mutual"
2684 if "OK" not in dev
[0].request(cmd
):
2685 raise Exception("Failed to start listen operation")
2687 cmd
= "DPP_AUTH_INIT peer=%d own=%d neg_freq=2412" % (id1peer
, id1
)
2688 if "OK" not in dev
[1].request(cmd
):
2689 raise Exception("Failed to initiate operation")
2691 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2693 raise Exception("DPP authentication did not succeed (Initiator)")
2694 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2696 raise Exception("DPP authentication did not succeed (Responder)")
2698 def test_dpp_pkex(dev
, apdev
):
2700 run_dpp_pkex(dev
, apdev
)
2702 def test_dpp_pkex_p256(dev
, apdev
):
2703 """DPP and PKEX (P-256)"""
2704 run_dpp_pkex(dev
, apdev
, "P-256")
2706 def test_dpp_pkex_p384(dev
, apdev
):
2707 """DPP and PKEX (P-384)"""
2708 run_dpp_pkex(dev
, apdev
, "P-384")
2710 def test_dpp_pkex_p521(dev
, apdev
):
2711 """DPP and PKEX (P-521)"""
2712 run_dpp_pkex(dev
, apdev
, "P-521")
2714 def test_dpp_pkex_bp256(dev
, apdev
):
2715 """DPP and PKEX (BP-256)"""
2716 run_dpp_pkex(dev
, apdev
, "brainpoolP256r1")
2718 def test_dpp_pkex_bp384(dev
, apdev
):
2719 """DPP and PKEX (BP-384)"""
2720 run_dpp_pkex(dev
, apdev
, "brainpoolP384r1")
2722 def test_dpp_pkex_bp512(dev
, apdev
):
2723 """DPP and PKEX (BP-512)"""
2724 run_dpp_pkex(dev
, apdev
, "brainpoolP512r1")
2726 def test_dpp_pkex_config(dev
, apdev
):
2727 """DPP and PKEX with initiator as the configurator"""
2728 check_dpp_capab(dev
[1])
2730 cmd
= "DPP_CONFIGURATOR_ADD"
2731 res
= dev
[1].request(cmd
);
2733 raise Exception("Failed to add configurator")
2736 run_dpp_pkex(dev
, apdev
,
2737 init_extra
="conf=sta-dpp configurator=%d" % (conf_id
),
2740 def run_dpp_pkex(dev
, apdev
, curve
=None, init_extra
="", check_config
=False):
2741 check_dpp_capab(dev
[0], curve
and "brainpool" in curve
)
2742 check_dpp_capab(dev
[1], curve
and "brainpool" in curve
)
2744 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
2746 cmd
+= " curve=" + curve
2747 res
= dev
[0].request(cmd
)
2749 raise Exception("Failed to generate bootstrapping info")
2752 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
2754 cmd
+= " curve=" + curve
2755 res
= dev
[1].request(cmd
)
2757 raise Exception("Failed to generate bootstrapping info")
2760 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
2761 res
= dev
[0].request(cmd
)
2763 raise Exception("Failed to set PKEX data (responder)")
2764 cmd
= "DPP_LISTEN 2437"
2765 if "OK" not in dev
[0].request(cmd
):
2766 raise Exception("Failed to start listen operation")
2768 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 %s code=secret" % (id1
, init_extra
)
2769 res
= dev
[1].request(cmd
)
2771 raise Exception("Failed to set PKEX data (initiator)")
2773 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2775 raise Exception("DPP authentication did not succeed (Initiator)")
2776 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2778 raise Exception("DPP authentication did not succeed (Responder)")
2781 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
2783 raise Exception("DPP configuration not completed (Configurator)")
2784 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
2786 raise Exception("DPP configuration not completed (Enrollee)")
2788 def test_dpp_pkex_5ghz(dev
, apdev
):
2789 """DPP and PKEX on 5 GHz"""
2791 dev
[0].request("SET country US")
2792 dev
[1].request("SET country US")
2793 ev
= dev
[0].wait_event(["CTRL-EVENT-REGDOM-CHANGE"], timeout
=1)
2795 ev
= dev
[0].wait_global_event(["CTRL-EVENT-REGDOM-CHANGE"],
2797 run_dpp_pkex_5ghz(dev
, apdev
)
2799 dev
[0].request("SET country 00")
2800 dev
[1].request("SET country 00")
2801 subprocess
.call(['iw', 'reg', 'set', '00'])
2803 def run_dpp_pkex_5ghz(dev
, apdev
):
2804 check_dpp_capab(dev
[0])
2805 check_dpp_capab(dev
[1])
2807 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
2808 res
= dev
[0].request(cmd
)
2810 raise Exception("Failed to generate bootstrapping info")
2813 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
2814 res
= dev
[1].request(cmd
)
2816 raise Exception("Failed to generate bootstrapping info")
2819 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
2820 res
= dev
[0].request(cmd
)
2822 raise Exception("Failed to set PKEX data (responder)")
2823 cmd
= "DPP_LISTEN 5745"
2824 if "OK" not in dev
[0].request(cmd
):
2825 raise Exception("Failed to start listen operation")
2827 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % (id1
)
2828 res
= dev
[1].request(cmd
)
2830 raise Exception("Failed to set PKEX data (initiator)")
2832 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS", "DPP-FAIL"], timeout
=20)
2833 if ev
is None or "DPP-AUTH-SUCCESS" not in ev
:
2834 raise Exception("DPP authentication did not succeed (Initiator)")
2835 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2837 raise Exception("DPP authentication did not succeed (Responder)")
2839 def test_dpp_pkex_test_vector(dev
, apdev
):
2840 """DPP and PKEX (P-256) test vector"""
2841 check_dpp_capab(dev
[0])
2842 check_dpp_capab(dev
[1])
2844 init_addr
= "ac:64:91:f4:52:07"
2845 resp_addr
= "6e:5e:ce:6e:f3:dd"
2847 identifier
= "joes_key"
2848 code
= "thisisreallysecret"
2850 # Initiator bootstrapping private key
2851 init_priv
= "5941b51acfc702cdc1c347264beb2920db88eb1a0bf03a211868b1632233c269"
2853 # Responder bootstrapping private key
2854 resp_priv
= "2ae8956293f49986b6d0b8169a86805d9232babb5f6813fdfe96f19d59536c60"
2856 # Initiator x/X keypair override
2857 init_x_priv
= "8365c5ed93d751bef2d92b410dc6adfd95670889183fac1bd66759ad85c3187a"
2859 # Responder y/Y keypair override
2860 resp_y_priv
= "d98faa24d7dd3f592665d71a95c862bfd02c4c48acb0c515a41cbc6e929675ea"
2862 p256_prefix
= "30310201010420"
2863 p256_postfix
= "a00a06082a8648ce3d030107"
2865 dev
[0].set("dpp_pkex_own_mac_override", resp_addr
)
2866 dev
[0].set("dpp_pkex_peer_mac_override", init_addr
)
2867 dev
[1].set("dpp_pkex_own_mac_override", init_addr
)
2868 dev
[1].set("dpp_pkex_peer_mac_override", resp_addr
)
2870 # Responder bootstrapping key
2871 cmd
= "DPP_BOOTSTRAP_GEN type=pkex key=" + p256_prefix
+ resp_priv
+ p256_postfix
2872 res
= dev
[0].request(cmd
)
2874 raise Exception("Failed to generate bootstrapping info")
2877 # Responder y/Y keypair override
2878 dev
[0].set("dpp_pkex_ephemeral_key_override",
2879 p256_prefix
+ resp_y_priv
+ p256_postfix
)
2881 # Initiator bootstrapping key
2882 cmd
= "DPP_BOOTSTRAP_GEN type=pkex key=" + p256_prefix
+ init_priv
+ p256_postfix
2883 res
= dev
[1].request(cmd
)
2885 raise Exception("Failed to generate bootstrapping info")
2888 # Initiator x/X keypair override
2889 dev
[1].set("dpp_pkex_ephemeral_key_override",
2890 p256_prefix
+ init_x_priv
+ p256_postfix
)
2892 cmd
= "DPP_PKEX_ADD own=%d identifier=%s code=%s" % (id0
, identifier
, code
)
2893 res
= dev
[0].request(cmd
)
2895 raise Exception("Failed to set PKEX data (responder)")
2896 cmd
= "DPP_LISTEN 2437"
2897 if "OK" not in dev
[0].request(cmd
):
2898 raise Exception("Failed to start listen operation")
2900 cmd
= "DPP_PKEX_ADD own=%d identifier=%s init=1 code=%s" % (id1
, identifier
, code
)
2901 res
= dev
[1].request(cmd
)
2903 raise Exception("Failed to set PKEX data (initiator)")
2905 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2907 raise Exception("DPP authentication did not succeed (Initiator)")
2908 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2910 raise Exception("DPP authentication did not succeed (Responder)")
2912 def test_dpp_pkex_code_mismatch(dev
, apdev
):
2913 """DPP and PKEX with mismatching code"""
2914 check_dpp_capab(dev
[0])
2915 check_dpp_capab(dev
[1])
2917 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
2918 res
= dev
[0].request(cmd
)
2920 raise Exception("Failed to generate bootstrapping info")
2923 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
2924 res
= dev
[1].request(cmd
)
2926 raise Exception("Failed to generate bootstrapping info")
2929 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
2930 res
= dev
[0].request(cmd
)
2932 raise Exception("Failed to set PKEX data (responder)")
2933 cmd
= "DPP_LISTEN 2437"
2934 if "OK" not in dev
[0].request(cmd
):
2935 raise Exception("Failed to start listen operation")
2937 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=unknown" % id1
2938 res
= dev
[1].request(cmd
)
2940 raise Exception("Failed to set PKEX data (initiator)")
2942 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
2944 raise Exception("Failure not reported")
2945 if "possible PKEX code mismatch" not in ev
:
2946 raise Exception("Unexpected result: " + ev
)
2948 dev
[0].dump_monitor()
2949 dev
[1].dump_monitor()
2951 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
2952 res
= dev
[1].request(cmd
)
2954 raise Exception("Failed to set PKEX data (initiator, retry)")
2956 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2958 raise Exception("DPP authentication did not succeed (Initiator, retry)")
2959 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2961 raise Exception("DPP authentication did not succeed (Responder, retry)")
2963 def test_dpp_pkex_code_mismatch_limit(dev
, apdev
):
2964 """DPP and PKEX with mismatching code limit"""
2965 check_dpp_capab(dev
[0])
2966 check_dpp_capab(dev
[1])
2968 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
2969 res
= dev
[0].request(cmd
)
2971 raise Exception("Failed to generate bootstrapping info")
2974 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
2975 res
= dev
[1].request(cmd
)
2977 raise Exception("Failed to generate bootstrapping info")
2980 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
2981 res
= dev
[0].request(cmd
)
2983 raise Exception("Failed to set PKEX data (responder)")
2984 cmd
= "DPP_LISTEN 2437"
2985 if "OK" not in dev
[0].request(cmd
):
2986 raise Exception("Failed to start listen operation")
2989 dev
[0].dump_monitor()
2990 dev
[1].dump_monitor()
2991 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=unknown" % id1
2992 res
= dev
[1].request(cmd
)
2994 raise Exception("Failed to set PKEX data (initiator)")
2996 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
2998 raise Exception("Failure not reported")
2999 if "possible PKEX code mismatch" not in ev
:
3000 raise Exception("Unexpected result: " + ev
)
3002 ev
= dev
[0].wait_event(["DPP-PKEX-T-LIMIT"], timeout
=1)
3004 raise Exception("PKEX t limit not reported")
3006 def test_dpp_pkex_curve_mismatch(dev
, apdev
):
3007 """DPP and PKEX with mismatching curve"""
3008 check_dpp_capab(dev
[0])
3009 check_dpp_capab(dev
[1])
3011 cmd
= "DPP_BOOTSTRAP_GEN type=pkex curve=P-256"
3012 res
= dev
[0].request(cmd
)
3014 raise Exception("Failed to generate bootstrapping info")
3017 cmd
= "DPP_BOOTSTRAP_GEN type=pkex curve=P-384"
3018 res
= dev
[1].request(cmd
)
3020 raise Exception("Failed to generate bootstrapping info")
3023 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
3024 res
= dev
[0].request(cmd
)
3026 raise Exception("Failed to set PKEX data (responder)")
3027 cmd
= "DPP_LISTEN 2437"
3028 if "OK" not in dev
[0].request(cmd
):
3029 raise Exception("Failed to start listen operation")
3031 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
3032 res
= dev
[1].request(cmd
)
3034 raise Exception("Failed to set PKEX data (initiator)")
3036 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
3038 raise Exception("Failure not reported (dev 0)")
3039 if "Mismatching PKEX curve: peer=20 own=19" not in ev
:
3040 raise Exception("Unexpected result: " + ev
)
3042 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
3044 raise Exception("Failure not reported (dev 1)")
3045 if "Peer indicated mismatching PKEX group - proposed 19" not in ev
:
3046 raise Exception("Unexpected result: " + ev
)
3048 def test_dpp_pkex_config2(dev
, apdev
):
3049 """DPP and PKEX with responder as the configurator"""
3050 check_dpp_capab(dev
[0])
3052 cmd
= "DPP_CONFIGURATOR_ADD"
3053 res
= dev
[0].request(cmd
);
3055 raise Exception("Failed to add configurator")
3058 dev
[0].set("dpp_configurator_params",
3059 " conf=sta-dpp configurator=%d" % conf_id
);
3060 run_dpp_pkex2(dev
, apdev
)
3062 def run_dpp_pkex2(dev
, apdev
, curve
=None, init_extra
=""):
3063 check_dpp_capab(dev
[0])
3064 check_dpp_capab(dev
[1])
3066 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3068 cmd
+= " curve=" + curve
3069 res
= dev
[0].request(cmd
)
3071 raise Exception("Failed to generate bootstrapping info")
3074 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3076 cmd
+= " curve=" + curve
3077 res
= dev
[1].request(cmd
)
3079 raise Exception("Failed to generate bootstrapping info")
3082 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
3083 res
= dev
[0].request(cmd
)
3085 raise Exception("Failed to set PKEX data (responder)")
3086 cmd
= "DPP_LISTEN 2437 role=configurator"
3087 if "OK" not in dev
[0].request(cmd
):
3088 raise Exception("Failed to start listen operation")
3090 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 role=enrollee %s code=secret" % (id1
, init_extra
)
3091 res
= dev
[1].request(cmd
)
3093 raise Exception("Failed to set PKEX data (initiator)")
3095 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3097 raise Exception("DPP authentication did not succeed (Initiator)")
3098 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3100 raise Exception("DPP authentication did not succeed (Responder)")
3102 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
3104 raise Exception("DPP configuration not completed (Configurator)")
3105 ev
= dev
[1].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3107 raise Exception("DPP configuration not completed (Enrollee)")
3109 def test_dpp_pkex_no_responder(dev
, apdev
):
3110 """DPP and PKEX with no responder (retry behavior)"""
3111 check_dpp_capab(dev
[0])
3113 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3114 res
= dev
[0].request(cmd
)
3116 raise Exception("Failed to generate bootstrapping info")
3119 cmd
= "DPP_PKEX_ADD own=%d init=1 identifier=test code=secret" % (id0
)
3120 res
= dev
[0].request(cmd
)
3122 raise Exception("Failed to set PKEX data (initiator)")
3124 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=15)
3126 raise Exception("DPP PKEX failure not reported")
3127 if "No response from PKEX peer" not in ev
:
3128 raise Exception("Unexpected failure reason: " + ev
)
3130 def test_dpp_pkex_after_retry(dev
, apdev
):
3131 """DPP and PKEX completing after retry"""
3132 check_dpp_capab(dev
[0])
3134 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3135 res
= dev
[0].request(cmd
)
3137 raise Exception("Failed to generate bootstrapping info")
3140 cmd
= "DPP_PKEX_ADD own=%d init=1 identifier=test code=secret" % (id0
)
3141 res
= dev
[0].request(cmd
)
3143 raise Exception("Failed to set PKEX data (initiator)")
3146 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3147 res
= dev
[1].request(cmd
)
3149 raise Exception("Failed to generate bootstrapping info")
3152 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id1
)
3153 res
= dev
[1].request(cmd
)
3155 raise Exception("Failed to set PKEX data (responder)")
3156 cmd
= "DPP_LISTEN 2437"
3157 if "OK" not in dev
[1].request(cmd
):
3158 raise Exception("Failed to start listen operation")
3160 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=10)
3162 raise Exception("DPP authentication did not succeed (Responder)")
3163 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3165 raise Exception("DPP authentication did not succeed (Initiator)")
3166 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
3168 raise Exception("DPP configuration not completed (Configurator)")
3169 # Ignore Enrollee result since configurator was not set here
3171 def test_dpp_pkex_hostapd_responder(dev
, apdev
):
3172 """DPP PKEX with hostapd as responder"""
3173 check_dpp_capab(dev
[0])
3174 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
3176 check_dpp_capab(hapd
)
3178 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3179 res
= hapd
.request(cmd
)
3181 raise Exception("Failed to generate bootstrapping info (hostapd)")
3184 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id_h
)
3185 res
= hapd
.request(cmd
)
3187 raise Exception("Failed to set PKEX data (responder/hostapd)")
3189 cmd
= "DPP_CONFIGURATOR_ADD"
3190 res
= dev
[0].request(cmd
);
3192 raise Exception("Failed to add configurator")
3195 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3196 res
= dev
[0].request(cmd
)
3198 raise Exception("Failed to generate bootstrapping info (wpa_supplicant)")
3201 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 conf=ap-dpp configurator=%d code=secret" % (id0
, conf_id
)
3202 res
= dev
[0].request(cmd
)
3204 raise Exception("Failed to set PKEX data (initiator/wpa_supplicant)")
3206 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3208 raise Exception("DPP authentication did not succeed (Initiator)")
3209 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3211 raise Exception("DPP authentication did not succeed (Responder)")
3212 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
3214 raise Exception("DPP configuration not completed (Configurator)")
3215 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3217 raise Exception("DPP configuration not completed (Enrollee)")
3218 dev
[0].request("DPP_STOP_LISTEN")
3219 dev
[0].dump_monitor()
3221 def test_dpp_pkex_hostapd_initiator(dev
, apdev
):
3222 """DPP PKEX with hostapd as initiator"""
3223 check_dpp_capab(dev
[0])
3224 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
3226 check_dpp_capab(hapd
)
3228 cmd
= "DPP_CONFIGURATOR_ADD"
3229 res
= dev
[0].request(cmd
);
3231 raise Exception("Failed to add configurator")
3234 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3235 res
= dev
[0].request(cmd
)
3237 raise Exception("Failed to generate bootstrapping info (wpa_supplicant)")
3240 dev
[0].set("dpp_configurator_params",
3241 " conf=ap-dpp configurator=%d" % conf_id
);
3243 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
3244 res
= dev
[0].request(cmd
)
3246 raise Exception("Failed to set PKEX data (responder/wpa_supplicant)")
3248 cmd
= "DPP_LISTEN 2437 role=configurator"
3249 if "OK" not in dev
[0].request(cmd
):
3250 raise Exception("Failed to start listen operation")
3252 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3253 res
= hapd
.request(cmd
)
3255 raise Exception("Failed to generate bootstrapping info (hostapd)")
3258 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 role=enrollee code=secret" % (id_h
)
3259 res
= hapd
.request(cmd
)
3261 raise Exception("Failed to set PKEX data (initiator/hostapd)")
3263 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3265 raise Exception("DPP authentication did not succeed (Initiator)")
3266 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3268 raise Exception("DPP authentication did not succeed (Responder)")
3269 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
3271 raise Exception("DPP configuration not completed (Configurator)")
3272 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3274 raise Exception("DPP configuration not completed (Enrollee)")
3275 dev
[0].request("DPP_STOP_LISTEN")
3276 dev
[0].dump_monitor()
3278 def test_dpp_hostapd_configurator(dev
, apdev
):
3279 """DPP with hostapd as configurator/initiator"""
3280 check_dpp_capab(dev
[0])
3281 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
3283 check_dpp_capab(hapd
)
3285 cmd
= "DPP_CONFIGURATOR_ADD"
3286 res
= hapd
.request(cmd
);
3288 raise Exception("Failed to add configurator")
3291 addr
= dev
[0].own_addr().replace(':', '')
3292 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3293 res
= dev
[0].request(cmd
)
3295 raise Exception("Failed to generate bootstrapping info")
3297 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
3299 res
= hapd
.request("DPP_QR_CODE " + uri0
)
3301 raise Exception("Failed to parse QR Code URI")
3304 res
= hapd
.request("DPP_BOOTSTRAP_INFO %d" % id0
)
3306 raise Exception("DPP_BOOTSTRAP_INFO failed")
3307 if "type=QRCODE" not in res
:
3308 raise Exception("DPP_BOOTSTRAP_INFO did not report correct type")
3309 if "mac_addr=" + dev
[0].own_addr() not in res
:
3310 raise Exception("DPP_BOOTSTRAP_INFO did not report correct mac_addr")
3312 cmd
= "DPP_LISTEN 2412"
3313 if "OK" not in dev
[0].request(cmd
):
3314 raise Exception("Failed to start listen operation")
3315 cmd
= "DPP_AUTH_INIT peer=%d configurator=%d conf=sta-dpp" % (id1
, conf_id
)
3316 if "OK" not in hapd
.request(cmd
):
3317 raise Exception("Failed to initiate DPP Authentication")
3319 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3321 raise Exception("DPP authentication did not succeed (Responder)")
3322 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3324 raise Exception("DPP authentication did not succeed (Initiator)")
3325 ev
= hapd
.wait_event(["DPP-CONF-SENT"], timeout
=5)
3327 raise Exception("DPP configuration not completed (Configurator)")
3328 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3330 raise Exception("DPP configuration not completed (Enrollee)")
3331 dev
[0].request("DPP_STOP_LISTEN")
3332 dev
[0].dump_monitor()
3334 def test_dpp_hostapd_configurator_responder(dev
, apdev
):
3335 """DPP with hostapd as configurator/responder"""
3336 check_dpp_capab(dev
[0])
3337 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
3339 check_dpp_capab(hapd
)
3341 cmd
= "DPP_CONFIGURATOR_ADD"
3342 res
= hapd
.request(cmd
);
3344 raise Exception("Failed to add configurator")
3347 hapd
.set("dpp_configurator_params",
3348 " conf=sta-dpp configurator=%d" % conf_id
);
3350 addr
= hapd
.own_addr().replace(':', '')
3351 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3352 res
= hapd
.request(cmd
)
3354 raise Exception("Failed to generate bootstrapping info")
3356 uri0
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
3358 res
= dev
[0].request("DPP_QR_CODE " + uri0
)
3360 raise Exception("Failed to parse QR Code URI")
3363 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % (id1
)
3364 if "OK" not in dev
[0].request(cmd
):
3365 raise Exception("Failed to initiate DPP Authentication")
3367 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3369 raise Exception("DPP authentication did not succeed (Responder)")
3370 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3372 raise Exception("DPP authentication did not succeed (Initiator)")
3373 ev
= hapd
.wait_event(["DPP-CONF-SENT"], timeout
=5)
3375 raise Exception("DPP configuration not completed (Configurator)")
3376 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3378 raise Exception("DPP configuration not completed (Enrollee)")
3379 dev
[0].request("DPP_STOP_LISTEN")
3380 dev
[0].dump_monitor()
3382 def test_dpp_own_config(dev
, apdev
):
3383 """DPP configurator signing own connector"""
3385 run_dpp_own_config(dev
, apdev
)
3387 dev
[0].set("dpp_config_processing", "0")
3389 def test_dpp_own_config_group_id(dev
, apdev
):
3390 """DPP configurator signing own connector"""
3392 run_dpp_own_config(dev
, apdev
, extra
=" group_id=test-group")
3394 dev
[0].set("dpp_config_processing", "0")
3396 def test_dpp_own_config_curve_mismatch(dev
, apdev
):
3397 """DPP configurator signing own connector using mismatching curve"""
3399 run_dpp_own_config(dev
, apdev
, own_curve
="BP-384", expect_failure
=True)
3401 dev
[0].set("dpp_config_processing", "0")
3403 def run_dpp_own_config(dev
, apdev
, own_curve
=None, expect_failure
=False,
3405 check_dpp_capab(dev
[0], own_curve
and "BP" in own_curve
)
3406 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
3407 check_dpp_capab(hapd
)
3409 addr
= hapd
.own_addr().replace(':', '')
3410 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3411 res
= hapd
.request(cmd
)
3413 raise Exception("Failed to generate bootstrapping info")
3415 uri
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id_h
)
3417 cmd
= "DPP_CONFIGURATOR_ADD"
3418 res
= dev
[0].request(cmd
);
3420 raise Exception("Failed to add configurator")
3423 res
= dev
[0].request("DPP_QR_CODE " + uri
)
3425 raise Exception("Failed to parse QR Code URI")
3428 cmd
= "DPP_AUTH_INIT peer=%d conf=ap-dpp configurator=%d%s" % (id, conf_id
, extra
)
3429 if "OK" not in dev
[0].request(cmd
):
3430 raise Exception("Failed to initiate DPP Authentication")
3431 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3433 raise Exception("DPP authentication did not succeed (Responder)")
3434 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3436 raise Exception("DPP authentication did not succeed (Initiator)")
3437 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
3439 raise Exception("DPP configuration not completed (Configurator)")
3440 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3442 raise Exception("DPP configuration not completed (Enrollee)")
3444 update_hapd_config(hapd
)
3446 dev
[0].set("dpp_config_processing", "1")
3447 cmd
= "DPP_CONFIGURATOR_SIGN conf=sta-dpp configurator=%d%s" % (conf_id
, extra
)
3449 cmd
+= " curve=" + own_curve
3450 res
= dev
[0].request(cmd
)
3452 raise Exception("Failed to generate own configuration")
3454 ev
= dev
[0].wait_event(["DPP-NETWORK-ID"], timeout
=1)
3456 raise Exception("DPP network profile not generated")
3457 id = ev
.split(' ')[1]
3458 dev
[0].select_network(id, freq
="2412")
3460 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=1)
3462 raise Exception("Unexpected connection");
3463 dev
[0].request("DISCONNECT")
3465 dev
[0].wait_connected()
3467 def test_dpp_own_config_ap(dev
, apdev
):
3468 """DPP configurator (AP) signing own connector"""
3470 run_dpp_own_config_ap(dev
, apdev
)
3472 dev
[0].set("dpp_config_processing", "0")
3474 def test_dpp_own_config_ap_group_id(dev
, apdev
):
3475 """DPP configurator (AP) signing own connector (group_id)"""
3477 run_dpp_own_config_ap(dev
, apdev
, extra
=" group_id=test-group")
3479 dev
[0].set("dpp_config_processing", "0")
3481 def test_dpp_own_config_ap_reconf(dev
, apdev
):
3482 """DPP configurator (AP) signing own connector and configurator reconf"""
3484 run_dpp_own_config_ap(dev
, apdev
)
3486 dev
[0].set("dpp_config_processing", "0")
3488 def run_dpp_own_config_ap(dev
, apdev
, reconf_configurator
=False, extra
=""):
3489 check_dpp_capab(dev
[0])
3490 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
3491 check_dpp_capab(hapd
)
3493 cmd
= "DPP_CONFIGURATOR_ADD"
3494 res
= hapd
.request(cmd
);
3496 raise Exception("Failed to add configurator")
3499 if reconf_configurator
:
3500 csign
= hapd
.request("DPP_CONFIGURATOR_GET_KEY %d" % conf_id
)
3501 if "FAIL" in csign
or len(csign
) == 0:
3502 raise Exception("DPP_CONFIGURATOR_GET_KEY failed")
3504 cmd
= "DPP_CONFIGURATOR_SIGN conf=ap-dpp configurator=%d%s" % (conf_id
, extra
)
3505 res
= hapd
.request(cmd
)
3507 raise Exception("Failed to generate own configuration")
3508 update_hapd_config(hapd
)
3510 if reconf_configurator
:
3511 res
= hapd
.request("DPP_CONFIGURATOR_REMOVE %d" % conf_id
)
3513 raise Exception("DPP_CONFIGURATOR_REMOVE failed")
3514 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
3515 res
= hapd
.request(cmd
);
3517 raise Exception("Failed to add configurator (reconf)")
3520 addr
= dev
[0].own_addr().replace(':', '')
3521 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3522 res
= dev
[0].request(cmd
)
3524 raise Exception("Failed to generate bootstrapping info")
3526 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id)
3528 res
= hapd
.request("DPP_QR_CODE " + uri
)
3530 raise Exception("Failed to parse QR Code URI")
3533 dev
[0].set("dpp_config_processing", "2")
3534 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
3535 raise Exception("Failed to start listen operation")
3536 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d%s" % (id, conf_id
, extra
)
3537 if "OK" not in hapd
.request(cmd
):
3538 raise Exception("Failed to initiate DPP Authentication")
3539 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3541 raise Exception("DPP authentication did not succeed (Initiator)")
3542 ev
= hapd
.wait_event(["DPP-CONF-SENT"], timeout
=5)
3544 raise Exception("DPP configuration not completed (Configurator)")
3545 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout
=5)
3547 raise Exception("DPP configuration not completed (Enrollee)")
3548 if "DPP-CONF-RECEIVED" not in ev
:
3549 raise Exception("DPP configuration failed (Enrollee)")
3551 dev
[0].wait_connected()
3553 def test_dpp_intro_mismatch(dev
, apdev
):
3554 """DPP network introduction mismatch cases"""
3557 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
3558 wpas
.interface_add("wlan5")
3559 check_dpp_capab(wpas
)
3560 run_dpp_intro_mismatch(dev
, apdev
, wpas
)
3562 dev
[0].set("dpp_config_processing", "0")
3563 dev
[2].set("dpp_config_processing", "0")
3565 wpas
.set("dpp_config_processing", "0")
3567 def run_dpp_intro_mismatch(dev
, apdev
, wpas
):
3568 check_dpp_capab(dev
[0])
3569 check_dpp_capab(dev
[1])
3570 check_dpp_capab(dev
[2])
3572 logger
.info("Start AP in unconfigured state")
3573 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
3574 check_dpp_capab(hapd
)
3576 addr
= hapd
.own_addr().replace(':', '')
3577 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3578 res
= hapd
.request(cmd
)
3580 raise Exception("Failed to generate bootstrapping info")
3582 uri
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id_h
)
3584 logger
.info("Provision AP with DPP configuration")
3585 res
= dev
[1].request("DPP_CONFIGURATOR_ADD");
3587 raise Exception("Failed to add configurator")
3590 res
= dev
[1].request("DPP_QR_CODE " + uri
)
3592 raise Exception("Failed to parse QR Code URI")
3595 dev
[1].set("dpp_groups_override", '[{"groupId":"a","netRole":"ap"}]')
3596 cmd
= "DPP_AUTH_INIT peer=%d conf=ap-dpp configurator=%d" % (id, conf_id
)
3597 if "OK" not in dev
[1].request(cmd
):
3598 raise Exception("Failed to initiate DPP Authentication")
3599 update_hapd_config(hapd
)
3601 logger
.info("Provision STA0 with DPP Connector that has mismatching groupId")
3602 dev
[0].set("dpp_config_processing", "2")
3603 addr
= dev
[0].own_addr().replace(':', '')
3604 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3605 res
= dev
[0].request(cmd
)
3607 raise Exception("Failed to generate bootstrapping info")
3609 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
3611 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
3613 raise Exception("Failed to parse QR Code URI")
3616 cmd
= "DPP_LISTEN 2412"
3617 if "OK" not in dev
[0].request(cmd
):
3618 raise Exception("Failed to start listen operation")
3620 dev
[1].set("dpp_groups_override", '[{"groupId":"b","netRole":"sta"}]')
3621 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1
, conf_id
)
3622 if "OK" not in dev
[1].request(cmd
):
3623 raise Exception("Failed to initiate DPP Authentication")
3624 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
3626 raise Exception("DPP configuration not completed (Configurator for STA0)")
3627 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3629 raise Exception("DPP configuration not completed (Enrollee STA0)")
3631 logger
.info("Provision STA2 with DPP Connector that has mismatching C-sign-key")
3632 dev
[2].set("dpp_config_processing", "2")
3633 addr
= dev
[2].own_addr().replace(':', '')
3634 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3635 res
= dev
[2].request(cmd
)
3637 raise Exception("Failed to generate bootstrapping info")
3639 uri2
= dev
[2].request("DPP_BOOTSTRAP_GET_URI %d" % id2
)
3641 res
= dev
[1].request("DPP_QR_CODE " + uri2
)
3643 raise Exception("Failed to parse QR Code URI")
3646 cmd
= "DPP_LISTEN 2412"
3647 if "OK" not in dev
[2].request(cmd
):
3648 raise Exception("Failed to start listen operation")
3650 res
= dev
[1].request("DPP_CONFIGURATOR_ADD");
3652 raise Exception("Failed to add configurator")
3653 conf_id_2
= int(res
)
3654 dev
[1].set("dpp_groups_override", '')
3655 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1
, conf_id_2
)
3656 if "OK" not in dev
[1].request(cmd
):
3657 raise Exception("Failed to initiate DPP Authentication")
3658 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
3660 raise Exception("DPP configuration not completed (Configurator for STA2)")
3661 ev
= dev
[2].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3663 raise Exception("DPP configuration not completed (Enrollee STA2)")
3665 logger
.info("Provision STA5 with DPP Connector that has mismatching netAccessKey EC group")
3666 wpas
.set("dpp_config_processing", "2")
3667 addr
= wpas
.own_addr().replace(':', '')
3668 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3669 cmd
+= " curve=P-521"
3670 res
= wpas
.request(cmd
)
3672 raise Exception("Failed to generate bootstrapping info")
3674 uri5
= wpas
.request("DPP_BOOTSTRAP_GET_URI %d" % id5
)
3676 res
= dev
[1].request("DPP_QR_CODE " + uri5
)
3678 raise Exception("Failed to parse QR Code URI")
3681 cmd
= "DPP_LISTEN 2412"
3682 if "OK" not in wpas
.request(cmd
):
3683 raise Exception("Failed to start listen operation")
3685 dev
[1].set("dpp_groups_override", '')
3686 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1
, conf_id
)
3687 if "OK" not in dev
[1].request(cmd
):
3688 raise Exception("Failed to initiate DPP Authentication")
3689 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
3691 raise Exception("DPP configuration not completed (Configurator for STA0)")
3692 ev
= wpas
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3694 raise Exception("DPP configuration not completed (Enrollee STA5)")
3696 logger
.info("Verify network introduction results")
3697 ev
= dev
[0].wait_event(["DPP-INTRO"], timeout
=10)
3699 raise Exception("DPP network introduction result not seen on STA0")
3700 if "status=8" not in ev
:
3701 raise Exception("Unexpected network introduction result on STA0: " + ev
)
3703 ev
= dev
[2].wait_event(["DPP-INTRO"], timeout
=5)
3705 raise Exception("DPP network introduction result not seen on STA2")
3706 if "status=8" not in ev
:
3707 raise Exception("Unexpected network introduction result on STA2: " + ev
)
3709 ev
= wpas
.wait_event(["DPP-INTRO"], timeout
=10)
3711 raise Exception("DPP network introduction result not seen on STA5")
3712 if "status=7" not in ev
:
3713 raise Exception("Unexpected network introduction result on STA5: " + ev
)
3715 def run_dpp_proto_init(dev
, test_dev
, test
, mutual
=False, unicast
=True,
3716 listen
=True, chan
="81/1", init_enrollee
=False,
3717 incompatible_roles
=False):
3718 check_dpp_capab(dev
[0])
3719 check_dpp_capab(dev
[1])
3720 dev
[test_dev
].set("dpp_test", str(test
))
3722 cmd
= "DPP_CONFIGURATOR_ADD"
3724 res
= dev
[0].request(cmd
)
3726 res
= dev
[1].request(cmd
)
3728 raise Exception("Failed to add configurator")
3731 addr
= dev
[0].own_addr().replace(':', '')
3732 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode"
3734 cmd
+= " chan=" + chan
3736 cmd
+= " mac=" + addr
3737 res
= dev
[0].request(cmd
)
3739 raise Exception("Failed to generate bootstrapping info")
3741 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
3743 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
3745 raise Exception("Failed to parse QR Code URI")
3749 addr
= dev
[1].own_addr().replace(':', '')
3750 res
= dev
[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
3752 raise Exception("Failed to generate bootstrapping info")
3754 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
3756 res
= dev
[0].request("DPP_QR_CODE " + uri1b
)
3758 raise Exception("Failed to parse QR Code URI")
3761 cmd
= "DPP_LISTEN 2412 qr=mutual"
3763 cmd
= "DPP_LISTEN 2412"
3766 if incompatible_roles
:
3767 cmd
+= " role=enrollee"
3769 cmd
+= " role=configurator"
3770 dev
[0].set("dpp_configurator_params",
3771 " conf=sta-dpp configurator=%d" % conf_id
);
3772 elif incompatible_roles
:
3773 cmd
+= " role=enrollee"
3776 if "OK" not in dev
[0].request(cmd
):
3777 raise Exception("Failed to start listen operation")
3780 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % (id1
)
3782 cmd
= "DPP_AUTH_INIT peer=%d configurator=%d conf=sta-dpp" % (id1
, conf_id
)
3783 if incompatible_roles
:
3784 cmd
+= " role=enrollee"
3786 cmd
+= " own=%d" % id1b
3787 if "OK" not in dev
[1].request(cmd
):
3788 raise Exception("Failed to initiate DPP Authentication")
3790 def test_dpp_proto_after_wrapped_data_auth_req(dev
, apdev
):
3791 """DPP protocol testing - attribute after Wrapped Data in Auth Req"""
3792 run_dpp_proto_init(dev
, 1, 1)
3793 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
3795 raise Exception("DPP Authentication Request not seen")
3796 if "type=0" not in ev
or "ignore=invalid-attributes" not in ev
:
3797 raise Exception("Unexpected RX info: " + ev
)
3798 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=0.1)
3800 raise Exception("Unexpected DPP message seen")
3802 def test_dpp_auth_req_stop_after_ack(dev
, apdev
):
3803 """DPP initiator stopping after ACK, but no response"""
3804 run_dpp_proto_init(dev
, 1, 1, listen
=True)
3805 ev
= dev
[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout
=5)
3807 raise Exception("Authentication failure not reported")
3809 def test_dpp_auth_req_retries(dev
, apdev
):
3810 """DPP initiator retries with no ACK"""
3811 check_dpp_capab(dev
[1])
3812 dev
[1].set("dpp_init_max_tries", "3")
3813 dev
[1].set("dpp_init_retry_time", "1000")
3814 dev
[1].set("dpp_resp_wait_time", "100")
3815 run_dpp_proto_init(dev
, 1, 1, unicast
=False, listen
=False)
3818 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
3820 raise Exception("Auth Req not sent (%d)" % i
)
3822 ev
= dev
[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout
=5)
3824 raise Exception("Authentication failure not reported")
3826 def test_dpp_auth_req_retries_multi_chan(dev
, apdev
):
3827 """DPP initiator retries with no ACK and multiple channels"""
3828 check_dpp_capab(dev
[1])
3829 dev
[1].set("dpp_init_max_tries", "3")
3830 dev
[1].set("dpp_init_retry_time", "1000")
3831 dev
[1].set("dpp_resp_wait_time", "100")
3832 run_dpp_proto_init(dev
, 1, 1, unicast
=False, listen
=False,
3833 chan
="81/1,81/6,81/11")
3835 for i
in range(3 * 3):
3836 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
3838 raise Exception("Auth Req not sent (%d)" % i
)
3840 ev
= dev
[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout
=5)
3842 raise Exception("Authentication failure not reported")
3844 def test_dpp_proto_after_wrapped_data_auth_resp(dev
, apdev
):
3845 """DPP protocol testing - attribute after Wrapped Data in Auth Resp"""
3846 run_dpp_proto_init(dev
, 0, 2)
3847 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=5)
3849 raise Exception("DPP Authentication Response not seen")
3850 if "type=1" not in ev
or "ignore=invalid-attributes" not in ev
:
3851 raise Exception("Unexpected RX info: " + ev
)
3852 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=1)
3853 if ev
is None or "type=0" not in ev
:
3854 raise Exception("DPP Authentication Request not seen")
3855 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=0.1)
3857 raise Exception("Unexpected DPP message seen")
3859 def test_dpp_proto_after_wrapped_data_auth_conf(dev
, apdev
):
3860 """DPP protocol testing - attribute after Wrapped Data in Auth Conf"""
3861 run_dpp_proto_init(dev
, 1, 3)
3862 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
3863 if ev
is None or "type=0" not in ev
:
3864 raise Exception("DPP Authentication Request not seen")
3865 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
3867 raise Exception("DPP Authentication Confirm not seen")
3868 if "type=2" not in ev
or "ignore=invalid-attributes" not in ev
:
3869 raise Exception("Unexpected RX info: " + ev
)
3871 def test_dpp_proto_after_wrapped_data_conf_req(dev
, apdev
):
3872 """DPP protocol testing - attribute after Wrapped Data in Conf Req"""
3873 run_dpp_proto_init(dev
, 0, 6)
3874 ev
= dev
[1].wait_event(["DPP-CONF-FAILED"], timeout
=10)
3876 raise Exception("DPP Configuration failure not seen")
3878 def test_dpp_proto_after_wrapped_data_conf_resp(dev
, apdev
):
3879 """DPP protocol testing - attribute after Wrapped Data in Conf Resp"""
3880 run_dpp_proto_init(dev
, 1, 7)
3881 ev
= dev
[0].wait_event(["DPP-CONF-FAILED"], timeout
=10)
3883 raise Exception("DPP Configuration failure not seen")
3885 def test_dpp_proto_zero_i_capab(dev
, apdev
):
3886 """DPP protocol testing - zero I-capability in Auth Req"""
3887 run_dpp_proto_init(dev
, 1, 8)
3888 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
3890 raise Exception("DPP failure not seen")
3891 if "Invalid role in I-capabilities 0x00" not in ev
:
3892 raise Exception("Unexpected failure: " + ev
)
3893 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=0.1)
3895 raise Exception("Unexpected DPP message seen")
3897 def test_dpp_proto_zero_r_capab(dev
, apdev
):
3898 """DPP protocol testing - zero R-capability in Auth Resp"""
3899 run_dpp_proto_init(dev
, 0, 9)
3900 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
3902 raise Exception("DPP failure not seen")
3903 if "Unexpected role in R-capabilities 0x00" not in ev
:
3904 raise Exception("Unexpected failure: " + ev
)
3905 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=1)
3906 if ev
is None or "type=0" not in ev
:
3907 raise Exception("DPP Authentication Request not seen")
3908 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=0.1)
3910 raise Exception("Unexpected DPP message seen")
3912 def run_dpp_proto_auth_req_missing(dev
, test
, reason
, mutual
=False):
3913 run_dpp_proto_init(dev
, 1, test
, mutual
=mutual
)
3914 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
3916 raise Exception("DPP failure not seen")
3917 if reason
not in ev
:
3918 raise Exception("Unexpected failure: " + ev
)
3919 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=0.1)
3921 raise Exception("Unexpected DPP message seen")
3923 def test_dpp_proto_auth_req_no_r_bootstrap_key(dev
, apdev
):
3924 """DPP protocol testing - no R-bootstrap key in Auth Req"""
3925 run_dpp_proto_auth_req_missing(dev
, 10, "Missing or invalid required Responder Bootstrapping Key Hash attribute")
3927 def test_dpp_proto_auth_req_invalid_r_bootstrap_key(dev
, apdev
):
3928 """DPP protocol testing - invalid R-bootstrap key in Auth Req"""
3929 run_dpp_proto_auth_req_missing(dev
, 68, "No matching own bootstrapping key found - ignore message")
3931 def test_dpp_proto_auth_req_no_i_bootstrap_key(dev
, apdev
):
3932 """DPP protocol testing - no I-bootstrap key in Auth Req"""
3933 run_dpp_proto_auth_req_missing(dev
, 11, "Missing or invalid required Initiator Bootstrapping Key Hash attribute")
3935 def test_dpp_proto_auth_req_invalid_i_bootstrap_key(dev
, apdev
):
3936 """DPP protocol testing - invalid I-bootstrap key in Auth Req"""
3937 run_dpp_proto_init(dev
, 1, 69, mutual
=True)
3938 ev
= dev
[0].wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=5)
3940 raise Exception("DPP scan request not seen")
3941 ev
= dev
[1].wait_event(["DPP-RESPONSE-PENDING"], timeout
=5)
3943 raise Exception("DPP response pending indivation not seen")
3945 def test_dpp_proto_auth_req_no_i_proto_key(dev
, apdev
):
3946 """DPP protocol testing - no I-proto key in Auth Req"""
3947 run_dpp_proto_auth_req_missing(dev
, 12, "Missing required Initiator Protocol Key attribute")
3949 def test_dpp_proto_auth_req_invalid_i_proto_key(dev
, apdev
):
3950 """DPP protocol testing - invalid I-proto key in Auth Req"""
3951 run_dpp_proto_auth_req_missing(dev
, 66, "Invalid Initiator Protocol Key")
3953 def test_dpp_proto_auth_req_no_i_nonce(dev
, apdev
):
3954 """DPP protocol testing - no I-nonce in Auth Req"""
3955 run_dpp_proto_auth_req_missing(dev
, 13, "Missing or invalid I-nonce")
3957 def test_dpp_proto_auth_req_invalid_i_nonce(dev
, apdev
):
3958 """DPP protocol testing - invalid I-nonce in Auth Req"""
3959 run_dpp_proto_auth_req_missing(dev
, 81, "Missing or invalid I-nonce")
3961 def test_dpp_proto_auth_req_no_i_capab(dev
, apdev
):
3962 """DPP protocol testing - no I-capab in Auth Req"""
3963 run_dpp_proto_auth_req_missing(dev
, 14, "Missing or invalid I-capab")
3965 def test_dpp_proto_auth_req_no_wrapped_data(dev
, apdev
):
3966 """DPP protocol testing - no Wrapped Data in Auth Req"""
3967 run_dpp_proto_auth_req_missing(dev
, 15, "Missing or invalid required Wrapped Data attribute")
3969 def run_dpp_proto_auth_resp_missing(dev
, test
, reason
,
3970 incompatible_roles
=False):
3971 run_dpp_proto_init(dev
, 0, test
, mutual
=True,
3972 incompatible_roles
=incompatible_roles
)
3976 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
3978 raise Exception("DPP failure not seen")
3979 if reason
not in ev
:
3980 raise Exception("Unexpected failure: " + ev
)
3981 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=1)
3982 if ev
is None or "type=0" not in ev
:
3983 raise Exception("DPP Authentication Request not seen")
3984 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=0.1)
3986 raise Exception("Unexpected DPP message seen")
3988 def test_dpp_proto_auth_resp_no_status(dev
, apdev
):
3989 """DPP protocol testing - no Status in Auth Resp"""
3990 run_dpp_proto_auth_resp_missing(dev
, 16, "Missing or invalid required DPP Status attribute")
3992 def test_dpp_proto_auth_resp_status_no_status(dev
, apdev
):
3993 """DPP protocol testing - no Status in Auth Resp(status)"""
3994 run_dpp_proto_auth_resp_missing(dev
, 16,
3995 "Missing or invalid required DPP Status attribute",
3996 incompatible_roles
=True)
3998 def test_dpp_proto_auth_resp_invalid_status(dev
, apdev
):
3999 """DPP protocol testing - invalid Status in Auth Resp"""
4000 run_dpp_proto_auth_resp_missing(dev
, 74, "Responder reported failure")
4002 def test_dpp_proto_auth_resp_no_r_bootstrap_key(dev
, apdev
):
4003 """DPP protocol testing - no R-bootstrap key in Auth Resp"""
4004 run_dpp_proto_auth_resp_missing(dev
, 17, "Missing or invalid required Responder Bootstrapping Key Hash attribute")
4006 def test_dpp_proto_auth_resp_status_no_r_bootstrap_key(dev
, apdev
):
4007 """DPP protocol testing - no R-bootstrap key in Auth Resp(status)"""
4008 run_dpp_proto_auth_resp_missing(dev
, 17,
4009 "Missing or invalid required Responder Bootstrapping Key Hash attribute",
4010 incompatible_roles
=True)
4012 def test_dpp_proto_auth_resp_invalid_r_bootstrap_key(dev
, apdev
):
4013 """DPP protocol testing - invalid R-bootstrap key in Auth Resp"""
4014 run_dpp_proto_auth_resp_missing(dev
, 70, "Unexpected Responder Bootstrapping Key Hash value")
4016 def test_dpp_proto_auth_resp_status_invalid_r_bootstrap_key(dev
, apdev
):
4017 """DPP protocol testing - invalid R-bootstrap key in Auth Resp(status)"""
4018 run_dpp_proto_auth_resp_missing(dev
, 70,
4019 "Unexpected Responder Bootstrapping Key Hash value",
4020 incompatible_roles
=True)
4022 def test_dpp_proto_auth_resp_no_i_bootstrap_key(dev
, apdev
):
4023 """DPP protocol testing - no I-bootstrap key in Auth Resp"""
4024 run_dpp_proto_auth_resp_missing(dev
, 18, None)
4026 def test_dpp_proto_auth_resp_status_no_i_bootstrap_key(dev
, apdev
):
4027 """DPP protocol testing - no I-bootstrap key in Auth Resp(status)"""
4028 run_dpp_proto_auth_resp_missing(dev
, 18, None, incompatible_roles
=True)
4030 def test_dpp_proto_auth_resp_invalid_i_bootstrap_key(dev
, apdev
):
4031 """DPP protocol testing - invalid I-bootstrap key in Auth Resp"""
4032 run_dpp_proto_auth_resp_missing(dev
, 71, "Initiator Bootstrapping Key Hash attribute did not match")
4034 def test_dpp_proto_auth_resp_status_invalid_i_bootstrap_key(dev
, apdev
):
4035 """DPP protocol testing - invalid I-bootstrap key in Auth Resp(status)"""
4036 run_dpp_proto_auth_resp_missing(dev
, 71,
4037 "Initiator Bootstrapping Key Hash attribute did not match",
4038 incompatible_roles
=True)
4040 def test_dpp_proto_auth_resp_no_r_proto_key(dev
, apdev
):
4041 """DPP protocol testing - no R-Proto Key in Auth Resp"""
4042 run_dpp_proto_auth_resp_missing(dev
, 19, "Missing required Responder Protocol Key attribute")
4044 def test_dpp_proto_auth_resp_invalid_r_proto_key(dev
, apdev
):
4045 """DPP protocol testing - invalid R-Proto Key in Auth Resp"""
4046 run_dpp_proto_auth_resp_missing(dev
, 67, "Invalid Responder Protocol Key")
4048 def test_dpp_proto_auth_resp_no_r_nonce(dev
, apdev
):
4049 """DPP protocol testing - no R-nonce in Auth Resp"""
4050 run_dpp_proto_auth_resp_missing(dev
, 20, "Missing or invalid R-nonce")
4052 def test_dpp_proto_auth_resp_no_i_nonce(dev
, apdev
):
4053 """DPP protocol testing - no I-nonce in Auth Resp"""
4054 run_dpp_proto_auth_resp_missing(dev
, 21, "Missing or invalid I-nonce")
4056 def test_dpp_proto_auth_resp_status_no_i_nonce(dev
, apdev
):
4057 """DPP protocol testing - no I-nonce in Auth Resp(status)"""
4058 run_dpp_proto_auth_resp_missing(dev
, 21, "Missing or invalid I-nonce",
4059 incompatible_roles
=True)
4061 def test_dpp_proto_auth_resp_no_r_capab(dev
, apdev
):
4062 """DPP protocol testing - no R-capab in Auth Resp"""
4063 run_dpp_proto_auth_resp_missing(dev
, 22, "Missing or invalid R-capabilities")
4065 def test_dpp_proto_auth_resp_no_r_auth(dev
, apdev
):
4066 """DPP protocol testing - no R-auth in Auth Resp"""
4067 run_dpp_proto_auth_resp_missing(dev
, 23, "Missing or invalid Secondary Wrapped Data")
4069 def test_dpp_proto_auth_resp_no_wrapped_data(dev
, apdev
):
4070 """DPP protocol testing - no Wrapped Data in Auth Resp"""
4071 run_dpp_proto_auth_resp_missing(dev
, 24, "Missing or invalid required Wrapped Data attribute")
4073 def test_dpp_proto_auth_resp_i_nonce_mismatch(dev
, apdev
):
4074 """DPP protocol testing - I-nonce mismatch in Auth Resp"""
4075 run_dpp_proto_init(dev
, 0, 30, mutual
=True)
4076 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
4078 raise Exception("DPP failure not seen")
4079 if "I-nonce mismatch" not in ev
:
4080 raise Exception("Unexpected failure: " + ev
)
4081 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=1)
4082 if ev
is None or "type=0" not in ev
:
4083 raise Exception("DPP Authentication Request not seen")
4084 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=0.1)
4086 raise Exception("Unexpected DPP message seen")
4088 def test_dpp_proto_auth_resp_incompatible_r_capab(dev
, apdev
):
4089 """DPP protocol testing - Incompatible R-capab in Auth Resp"""
4090 run_dpp_proto_init(dev
, 0, 31, mutual
=True)
4091 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
4093 raise Exception("DPP failure not seen")
4094 if "Unexpected role in R-capabilities 0x02" not in ev
:
4095 raise Exception("Unexpected failure: " + ev
)
4096 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4098 raise Exception("DPP failure not seen")
4099 if "Peer reported incompatible R-capab role" not in ev
:
4100 raise Exception("Unexpected failure: " + ev
)
4102 def test_dpp_proto_auth_resp_r_auth_mismatch(dev
, apdev
):
4103 """DPP protocol testing - R-auth mismatch in Auth Resp"""
4104 run_dpp_proto_init(dev
, 0, 32, mutual
=True)
4105 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
4107 raise Exception("DPP failure not seen")
4108 if "Mismatching Responder Authenticating Tag" not in ev
:
4109 raise Exception("Unexpected failure: " + ev
)
4110 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4112 raise Exception("DPP failure not seen")
4113 if "Peer reported authentication failure" not in ev
:
4114 raise Exception("Unexpected failure: " + ev
)
4116 def run_dpp_proto_auth_conf_missing(dev
, test
, reason
):
4117 run_dpp_proto_init(dev
, 1, test
, mutual
=True)
4121 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4123 raise Exception("DPP failure not seen")
4124 if reason
not in ev
:
4125 raise Exception("Unexpected failure: " + ev
)
4127 def test_dpp_proto_auth_conf_no_status(dev
, apdev
):
4128 """DPP protocol testing - no Status in Auth Conf"""
4129 run_dpp_proto_auth_conf_missing(dev
, 25, "Missing or invalid required DPP Status attribute")
4131 def test_dpp_proto_auth_conf_invalid_status(dev
, apdev
):
4132 """DPP protocol testing - invalid Status in Auth Conf"""
4133 run_dpp_proto_auth_conf_missing(dev
, 75, "Authentication failed")
4135 def test_dpp_proto_auth_conf_no_r_bootstrap_key(dev
, apdev
):
4136 """DPP protocol testing - no R-bootstrap key in Auth Conf"""
4137 run_dpp_proto_auth_conf_missing(dev
, 26, "Missing or invalid required Responder Bootstrapping Key Hash attribute")
4139 def test_dpp_proto_auth_conf_invalid_r_bootstrap_key(dev
, apdev
):
4140 """DPP protocol testing - invalid R-bootstrap key in Auth Conf"""
4141 run_dpp_proto_auth_conf_missing(dev
, 72, "Responder Bootstrapping Key Hash mismatch")
4143 def test_dpp_proto_auth_conf_no_i_bootstrap_key(dev
, apdev
):
4144 """DPP protocol testing - no I-bootstrap key in Auth Conf"""
4145 run_dpp_proto_auth_conf_missing(dev
, 27, "Missing Initiator Bootstrapping Key Hash attribute")
4147 def test_dpp_proto_auth_conf_invalid_i_bootstrap_key(dev
, apdev
):
4148 """DPP protocol testing - invalid I-bootstrap key in Auth Conf"""
4149 run_dpp_proto_auth_conf_missing(dev
, 73, "Initiator Bootstrapping Key Hash mismatch")
4151 def test_dpp_proto_auth_conf_no_i_auth(dev
, apdev
):
4152 """DPP protocol testing - no I-Auth in Auth Conf"""
4153 run_dpp_proto_auth_conf_missing(dev
, 28, "Missing or invalid Initiator Authenticating Tag")
4155 def test_dpp_proto_auth_conf_no_wrapped_data(dev
, apdev
):
4156 """DPP protocol testing - no Wrapped Data in Auth Conf"""
4157 run_dpp_proto_auth_conf_missing(dev
, 29, "Missing or invalid required Wrapped Data attribute")
4159 def test_dpp_proto_auth_conf_i_auth_mismatch(dev
, apdev
):
4160 """DPP protocol testing - I-auth mismatch in Auth Conf"""
4161 run_dpp_proto_init(dev
, 1, 33, mutual
=True)
4162 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4164 raise Exception("DPP failure not seen")
4165 if "Mismatching Initiator Authenticating Tag" not in ev
:
4166 raise Excception("Unexpected failure: " + ev
)
4168 def test_dpp_proto_auth_conf_replaced_by_resp(dev
, apdev
):
4169 """DPP protocol testing - Auth Conf replaced by Resp"""
4170 run_dpp_proto_init(dev
, 1, 65, mutual
=True)
4171 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4173 raise Exception("DPP failure not seen")
4174 if "Unexpected Authentication Response" not in ev
:
4175 raise Excception("Unexpected failure: " + ev
)
4177 def run_dpp_proto_conf_req_missing(dev
, test
, reason
):
4178 run_dpp_proto_init(dev
, 0, test
)
4179 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
4181 raise Exception("DPP failure not seen")
4182 if reason
not in ev
:
4183 raise Exception("Unexpected failure: " + ev
)
4185 def test_dpp_proto_conf_req_no_e_nonce(dev
, apdev
):
4186 """DPP protocol testing - no E-nonce in Conf Req"""
4187 run_dpp_proto_conf_req_missing(dev
, 51,
4188 "Missing or invalid Enrollee Nonce attribute")
4190 def test_dpp_proto_conf_req_invalid_e_nonce(dev
, apdev
):
4191 """DPP protocol testing - invalid E-nonce in Conf Req"""
4192 run_dpp_proto_conf_req_missing(dev
, 83,
4193 "Missing or invalid Enrollee Nonce attribute")
4195 def test_dpp_proto_conf_req_no_config_attr_obj(dev
, apdev
):
4196 """DPP protocol testing - no Config Attr Obj in Conf Req"""
4197 run_dpp_proto_conf_req_missing(dev
, 52,
4198 "Missing or invalid Config Attributes attribute")
4200 def test_dpp_proto_conf_req_invalid_config_attr_obj(dev
, apdev
):
4201 """DPP protocol testing - invalid Config Attr Obj in Conf Req"""
4202 run_dpp_proto_conf_req_missing(dev
, 76,
4203 "Unsupported wi-fi_tech")
4205 def test_dpp_proto_conf_req_no_wrapped_data(dev
, apdev
):
4206 """DPP protocol testing - no Wrapped Data in Conf Req"""
4207 run_dpp_proto_conf_req_missing(dev
, 53,
4208 "Missing or invalid required Wrapped Data attribute")
4210 def run_dpp_proto_conf_resp_missing(dev
, test
, reason
):
4211 run_dpp_proto_init(dev
, 1, test
)
4212 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4214 raise Exception("DPP failure not seen")
4215 if reason
not in ev
:
4216 raise Exception("Unexpected failure: " + ev
)
4218 def test_dpp_proto_conf_resp_no_e_nonce(dev
, apdev
):
4219 """DPP protocol testing - no E-nonce in Conf Resp"""
4220 run_dpp_proto_conf_resp_missing(dev
, 54,
4221 "Missing or invalid Enrollee Nonce attribute")
4223 def test_dpp_proto_conf_resp_no_config_obj(dev
, apdev
):
4224 """DPP protocol testing - no Config Object in Conf Resp"""
4225 run_dpp_proto_conf_resp_missing(dev
, 55,
4226 "Missing required Configuration Object attribute")
4228 def test_dpp_proto_conf_resp_no_status(dev
, apdev
):
4229 """DPP protocol testing - no Status in Conf Resp"""
4230 run_dpp_proto_conf_resp_missing(dev
, 56,
4231 "Missing or invalid required DPP Status attribute")
4233 def test_dpp_proto_conf_resp_no_wrapped_data(dev
, apdev
):
4234 """DPP protocol testing - no Wrapped Data in Conf Resp"""
4235 run_dpp_proto_conf_resp_missing(dev
, 57,
4236 "Missing or invalid required Wrapped Data attribute")
4238 def test_dpp_proto_conf_resp_invalid_status(dev
, apdev
):
4239 """DPP protocol testing - invalid Status in Conf Resp"""
4240 run_dpp_proto_conf_resp_missing(dev
, 58,
4241 "Configurator rejected configuration")
4243 def test_dpp_proto_conf_resp_e_nonce_mismatch(dev
, apdev
):
4244 """DPP protocol testing - E-nonce mismatch in Conf Resp"""
4245 run_dpp_proto_conf_resp_missing(dev
, 59,
4246 "Enrollee Nonce mismatch")
4248 def test_dpp_proto_stop_at_auth_req(dev
, apdev
):
4249 """DPP protocol testing - stop when receiving Auth Req"""
4250 run_dpp_proto_init(dev
, 0, 87)
4251 ev
= dev
[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout
=5)
4253 raise Exception("Authentication init failure not reported")
4255 def test_dpp_proto_stop_at_auth_resp(dev
, apdev
):
4256 """DPP protocol testing - stop when receiving Auth Resp"""
4257 run_dpp_proto_init(dev
, 1, 88)
4259 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4261 raise Exception("Auth Req TX not seen")
4263 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=5)
4265 raise Exception("Auth Resp TX not seen")
4267 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=0.1)
4269 raise Exception("Unexpected Auth Conf TX")
4271 def test_dpp_proto_stop_at_auth_conf(dev
, apdev
):
4272 """DPP protocol testing - stop when receiving Auth Conf"""
4273 run_dpp_proto_init(dev
, 0, 89, init_enrollee
=True)
4274 ev
= dev
[1].wait_event(["GAS-QUERY-START"], timeout
=10)
4276 raise Exception("Enrollee did not start GAS")
4277 ev
= dev
[1].wait_event(["GAS-QUERY-DONE"], timeout
=10)
4279 raise Exception("Enrollee did not time out GAS")
4280 if "result=TIMEOUT" not in ev
:
4281 raise Exception("Unexpected GAS result: " + ev
)
4283 def test_dpp_proto_stop_at_auth_conf_tx(dev
, apdev
):
4284 """DPP protocol testing - stop when transmitting Auth Conf (Registrar)"""
4285 run_dpp_proto_init(dev
, 1, 89, init_enrollee
=True)
4286 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=10)
4288 raise Exception("Authentication did not succeed (Initiator)")
4289 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
4291 raise Exception("Authentication did not succeed (Responder)")
4292 ev
= dev
[1].wait_event(["GAS-QUERY-START"], timeout
=0.1)
4294 raise Exception("Unexpected GAS query")
4296 # There is currently no timeout on GAS server side, so no event to wait for
4299 def test_dpp_proto_stop_at_auth_conf_tx2(dev
, apdev
):
4300 """DPP protocol testing - stop when transmitting Auth Conf (Enrollee)"""
4301 run_dpp_proto_init(dev
, 1, 89)
4302 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=10)
4304 raise Exception("Authentication did not succeed (Initiator)")
4305 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
4307 raise Exception("Authentication did not succeed (Responder)")
4309 ev
= dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=5)
4310 if ev
is None or "result=TIMEOUT" not in ev
:
4311 raise Exception("GAS query did not time out")
4313 def test_dpp_proto_stop_at_conf_req(dev
, apdev
):
4314 """DPP protocol testing - stop when receiving Auth Req"""
4315 run_dpp_proto_init(dev
, 1, 90)
4316 ev
= dev
[0].wait_event(["GAS-QUERY-START"], timeout
=10)
4318 raise Exception("Enrollee did not start GAS")
4319 ev
= dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=10)
4321 raise Exception("Enrollee did not time out GAS")
4322 if "result=TIMEOUT" not in ev
:
4323 raise Exception("Unexpected GAS result: " + ev
)
4325 def run_dpp_proto_init_pkex(dev
, test_dev
, test
):
4326 check_dpp_capab(dev
[0])
4327 check_dpp_capab(dev
[1])
4328 dev
[test_dev
].set("dpp_test", str(test
))
4330 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
4331 res
= dev
[0].request(cmd
)
4333 raise Exception("Failed to generate bootstrapping info")
4336 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
4337 res
= dev
[1].request(cmd
)
4339 raise Exception("Failed to generate bootstrapping info")
4342 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
4343 res
= dev
[0].request(cmd
)
4345 raise Exception("Failed to set PKEX data (responder)")
4346 cmd
= "DPP_LISTEN 2437"
4347 if "OK" not in dev
[0].request(cmd
):
4348 raise Exception("Failed to start listen operation")
4350 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
4351 res
= dev
[1].request(cmd
)
4353 raise Exception("Failed to set PKEX data (initiator)")
4355 def test_dpp_proto_after_wrapped_data_pkex_cr_req(dev
, apdev
):
4356 """DPP protocol testing - attribute after Wrapped Data in PKEX CR Req"""
4357 run_dpp_proto_init_pkex(dev
, 1, 4)
4358 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
4359 if ev
is None or "type=7" not in ev
:
4360 raise Exception("PKEX Exchange Request not seen")
4361 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
4362 if ev
is None or "type=9" not in ev
:
4363 raise Exception("PKEX Commit-Reveal Request not seen")
4364 if "ignore=invalid-attributes" not in ev
:
4365 raise Exception("Unexpected RX info: " + ev
)
4367 def test_dpp_proto_after_wrapped_data_pkex_cr_resp(dev
, apdev
):
4368 """DPP protocol testing - attribute after Wrapped Data in PKEX CR Resp"""
4369 run_dpp_proto_init_pkex(dev
, 0, 5)
4370 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=5)
4371 if ev
is None or "type=8" not in ev
:
4372 raise Exception("PKEX Exchange Response not seen")
4373 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=5)
4374 if ev
is None or "type=10" not in ev
:
4375 raise Exception("PKEX Commit-Reveal Response not seen")
4376 if "ignore=invalid-attributes" not in ev
:
4377 raise Exception("Unexpected RX info: " + ev
)
4379 def run_dpp_proto_pkex_req_missing(dev
, test
, reason
):
4380 run_dpp_proto_init_pkex(dev
, 1, test
)
4381 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4383 raise Exception("DPP failure not seen")
4384 if reason
not in ev
:
4385 raise Exception("Unexpected failure: " + ev
)
4387 def run_dpp_proto_pkex_resp_missing(dev
, test
, reason
):
4388 run_dpp_proto_init_pkex(dev
, 0, test
)
4389 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
4391 raise Exception("DPP failure not seen")
4392 if reason
not in ev
:
4393 raise Exception("Unexpected failure: " + ev
)
4395 def test_dpp_proto_pkex_exchange_req_no_finite_cyclic_group(dev
, apdev
):
4396 """DPP protocol testing - no Finite Cyclic Group in PKEX Exchange Request"""
4397 run_dpp_proto_pkex_req_missing(dev
, 34,
4398 "Missing or invalid Finite Cyclic Group attribute")
4400 def test_dpp_proto_pkex_exchange_req_no_encrypted_key(dev
, apdev
):
4401 """DPP protocol testing - no Encrypted Key in PKEX Exchange Request"""
4402 run_dpp_proto_pkex_req_missing(dev
, 35,
4403 "Missing Encrypted Key attribute")
4405 def test_dpp_proto_pkex_exchange_resp_no_status(dev
, apdev
):
4406 """DPP protocol testing - no Status in PKEX Exchange Response"""
4407 run_dpp_proto_pkex_resp_missing(dev
, 36, "No DPP Status attribute")
4409 def test_dpp_proto_pkex_exchange_resp_no_encrypted_key(dev
, apdev
):
4410 """DPP protocol testing - no Encrypted Key in PKEX Exchange Response"""
4411 run_dpp_proto_pkex_resp_missing(dev
, 37, "Missing Encrypted Key attribute")
4413 def test_dpp_proto_pkex_cr_req_no_bootstrap_key(dev
, apdev
):
4414 """DPP protocol testing - no Bootstrap Key in PKEX Commit-Reveal Request"""
4415 run_dpp_proto_pkex_req_missing(dev
, 38,
4416 "No valid peer bootstrapping key found")
4418 def test_dpp_proto_pkex_cr_req_no_i_auth_tag(dev
, apdev
):
4419 """DPP protocol testing - no I-Auth Tag in PKEX Commit-Reveal Request"""
4420 run_dpp_proto_pkex_req_missing(dev
, 39, "No valid u (I-Auth tag) found")
4422 def test_dpp_proto_pkex_cr_req_no_wrapped_data(dev
, apdev
):
4423 """DPP protocol testing - no Wrapped Data in PKEX Commit-Reveal Request"""
4424 run_dpp_proto_pkex_req_missing(dev
, 40, "Missing or invalid required Wrapped Data attribute")
4426 def test_dpp_proto_pkex_cr_resp_no_bootstrap_key(dev
, apdev
):
4427 """DPP protocol testing - no Bootstrap Key in PKEX Commit-Reveal Response"""
4428 run_dpp_proto_pkex_resp_missing(dev
, 41,
4429 "No valid peer bootstrapping key found")
4431 def test_dpp_proto_pkex_cr_resp_no_r_auth_tag(dev
, apdev
):
4432 """DPP protocol testing - no R-Auth Tag in PKEX Commit-Reveal Response"""
4433 run_dpp_proto_pkex_resp_missing(dev
, 42, "No valid v (R-Auth tag) found")
4435 def test_dpp_proto_pkex_cr_resp_no_wrapped_data(dev
, apdev
):
4436 """DPP protocol testing - no Wrapped Data in PKEX Commit-Reveal Response"""
4437 run_dpp_proto_pkex_resp_missing(dev
, 43, "Missing or invalid required Wrapped Data attribute")
4439 def test_dpp_proto_pkex_exchange_req_invalid_encrypted_key(dev
, apdev
):
4440 """DPP protocol testing - invalid Encrypted Key in PKEX Exchange Request"""
4441 run_dpp_proto_pkex_req_missing(dev
, 44,
4442 "Invalid Encrypted Key value")
4444 def test_dpp_proto_pkex_exchange_resp_invalid_encrypted_key(dev
, apdev
):
4445 """DPP protocol testing - invalid Encrypted Key in PKEX Exchange Response"""
4446 run_dpp_proto_pkex_resp_missing(dev
, 45,
4447 "Invalid Encrypted Key value")
4449 def test_dpp_proto_pkex_exchange_resp_invalid_status(dev
, apdev
):
4450 """DPP protocol testing - invalid Status in PKEX Exchange Response"""
4451 run_dpp_proto_pkex_resp_missing(dev
, 46,
4452 "PKEX failed (peer indicated failure)")
4454 def test_dpp_proto_pkex_cr_req_invalid_bootstrap_key(dev
, apdev
):
4455 """DPP protocol testing - invalid Bootstrap Key in PKEX Commit-Reveal Request"""
4456 run_dpp_proto_pkex_req_missing(dev
, 47,
4457 "Peer bootstrapping key is invalid")
4459 def test_dpp_proto_pkex_cr_resp_invalid_bootstrap_key(dev
, apdev
):
4460 """DPP protocol testing - invalid Bootstrap Key in PKEX Commit-Reveal Response"""
4461 run_dpp_proto_pkex_resp_missing(dev
, 48,
4462 "Peer bootstrapping key is invalid")
4464 def test_dpp_proto_pkex_cr_req_i_auth_tag_mismatch(dev
, apdev
):
4465 """DPP protocol testing - I-auth tag mismatch in PKEX Commit-Reveal Request"""
4466 run_dpp_proto_pkex_req_missing(dev
, 49, "No valid u (I-Auth tag) found")
4468 def test_dpp_proto_pkex_cr_resp_r_auth_tag_mismatch(dev
, apdev
):
4469 """DPP protocol testing - R-auth tag mismatch in PKEX Commit-Reveal Response"""
4470 run_dpp_proto_pkex_resp_missing(dev
, 50, "No valid v (R-Auth tag) found")
4472 def test_dpp_proto_stop_at_pkex_exchange_resp(dev
, apdev
):
4473 """DPP protocol testing - stop when receiving PKEX Exchange Response"""
4474 run_dpp_proto_init_pkex(dev
, 1, 84)
4476 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4478 raise Exception("PKEX Exchange Req TX not seen")
4480 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=5)
4482 raise Exception("PKEX Exchange Resp not seen")
4484 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=0.1)
4486 raise Exception("Unexpected PKEX CR Req TX")
4488 def test_dpp_proto_stop_at_pkex_cr_req(dev
, apdev
):
4489 """DPP protocol testing - stop when receiving PKEX CR Request"""
4490 run_dpp_proto_init_pkex(dev
, 0, 85)
4492 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4494 raise Exception("PKEX Exchange Req TX not seen")
4496 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=5)
4498 raise Exception("PKEX Exchange Resp not seen")
4500 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4502 raise Exception("PKEX CR Req TX not seen")
4504 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=0.1)
4506 raise Exception("Unexpected PKEX CR Resp TX")
4508 def test_dpp_proto_stop_at_pkex_cr_resp(dev
, apdev
):
4509 """DPP protocol testing - stop when receiving PKEX CR Response"""
4510 run_dpp_proto_init_pkex(dev
, 1, 86)
4512 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4514 raise Exception("PKEX Exchange Req TX not seen")
4516 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=5)
4518 raise Exception("PKEX Exchange Resp not seen")
4520 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4522 raise Exception("PKEX CR Req TX not seen")
4524 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=5)
4526 raise Exception("PKEX CR Resp TX not seen")
4528 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=0.1)
4530 raise Exception("Unexpected Auth Req TX")
4532 def test_dpp_proto_network_introduction(dev
, apdev
):
4533 """DPP protocol testing - network introduction"""
4534 check_dpp_capab(dev
[0])
4535 check_dpp_capab(dev
[1])
4537 csign
= "3059301306072a8648ce3d020106082a8648ce3d03010703420004d02e5bd81a120762b5f0f2994777f5d40297238a6c294fd575cdf35fabec44c050a6421c401d98d659fd2ed13c961cc8287944dd3202f516977800d3ab2f39ee"
4538 ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJzOEFrYjg5bTV4UGhoYk5UbTVmVVo0eVBzNU5VMkdxYXNRY3hXUWhtQVFRIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIwOHF4TlNYRzRWemdCV3BjVUdNSmc1czNvbElOVFJsRVQ1aERpNkRKY3ZjIiwieSI6IlVhaGFYQXpKRVpRQk1YaHRUQnlZZVlrOWtJYjk5UDA3UV9NcW9TVVZTVEkifX0.a5_nfMVr7Qe1SW0ZL3u6oQRm5NUCYUSfixDAJOUFN3XUfECBZ6E8fm8xjeSfdOytgRidTz0CTlIRjzPQo82dmQ"
4539 ap_netaccesskey
= "30770201010420f6531d17f29dfab655b7c9e923478d5a345164c489aadd44a3519c3e9dcc792da00a06082a8648ce3d030107a14403420004d3cab13525c6e15ce0056a5c506309839b37a2520d4d19444f98438ba0c972f751a85a5c0cc911940131786d4c1c9879893d9086fdf4fd3b43f32aa125154932"
4540 sta_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJzOEFrYjg5bTV4UGhoYk5UbTVmVVo0eVBzNU5VMkdxYXNRY3hXUWhtQVFRIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiZWMzR3NqQ3lQMzVBUUZOQUJJdEltQnN4WXVyMGJZX1dES1lfSE9zUGdjNCIsInkiOiJTRS1HVllkdWVnTFhLMU1TQXZNMEx2QWdLREpTNWoyQVhCbE9PMTdUSTRBIn19.PDK9zsGlK-e1pEOmNxVeJfCS8pNeay6ckIS1TXCQsR64AR-9wFPCNVjqOxWvVKltehyMFqVAtOcv0IrjtMJFqQ"
4541 sta_netaccesskey
= "30770201010420bc33380c26fd2168b69cd8242ed1df07ba89aa4813f8d4e8523de6ca3f8dd28ba00a06082a8648ce3d030107a1440342000479cdc6b230b23f7e40405340048b48981b3162eaf46d8fd60ca63f1ceb0f81ce484f8655876e7a02d72b531202f3342ef020283252e63d805c194e3b5ed32380"
4543 params
= { "ssid": "dpp",
4545 "wpa_key_mgmt": "DPP",
4547 "rsn_pairwise": "CCMP",
4548 "dpp_connector": ap_connector
,
4550 "dpp_netaccesskey": ap_netaccesskey
}
4552 hapd
= hostapd
.add_ap(apdev
[0], params
)
4554 raise HwsimSkip("DPP not supported")
4556 for test
in [ 60, 61, 80, 82 ]:
4557 dev
[0].set("dpp_test", str(test
))
4558 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412", ieee80211w
="2",
4559 dpp_csign
=csign
, dpp_connector
=sta_connector
,
4560 dpp_netaccesskey
=sta_netaccesskey
, wait_connect
=False)
4562 ev
= dev
[0].wait_event(["DPP-TX"], timeout
=10)
4563 if ev
is None or "type=5" not in ev
:
4564 raise Exception("Peer Discovery Request TX not reported")
4565 ev
= dev
[0].wait_event(["DPP-TX-STATUS"], timeout
=2)
4566 if ev
is None or "result=SUCCESS" not in ev
:
4567 raise Exception("Peer Discovery Request TX status not reported")
4569 ev
= hapd
.wait_event(["DPP-RX"], timeout
=10)
4570 if ev
is None or "type=5" not in ev
:
4571 raise Exception("Peer Discovery Request RX not reported")
4574 ev
= dev
[0].wait_event(["DPP-INTRO"], timeout
=10)
4576 raise Exception("DPP-INTRO not reported for test 80")
4577 if "status=7" not in ev
:
4578 raise Exception("Unexpected result in test 80: " + ev
)
4580 dev
[0].request("REMOVE_NETWORK all")
4581 dev
[0].dump_monitor()
4583 dev
[0].set("dpp_test", "0")
4585 for test
in [ 62, 63, 64, 77, 78, 79 ]:
4586 hapd
.set("dpp_test", str(test
))
4587 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412", ieee80211w
="2",
4588 dpp_csign
=csign
, dpp_connector
=sta_connector
,
4589 dpp_netaccesskey
=sta_netaccesskey
, wait_connect
=False)
4591 ev
= dev
[0].wait_event(["DPP-INTRO"], timeout
=10)
4593 raise Exception("Peer introduction result not reported (test %d)" % test
)
4595 if "fail=transaction_id_mismatch" not in ev
:
4596 raise Exception("Connector validation failure not reported")
4598 if "status=254" not in ev
:
4599 raise Exception("Invalid status value not reported")
4601 if "fail=peer_connector_validation_failed" not in ev
:
4602 raise Exception("Connector validation failure not reported")
4603 elif "status=" in ev
:
4604 raise Exception("Unexpected peer introduction result (test %d): " % test
+ ev
)
4606 dev
[0].request("REMOVE_NETWORK all")
4607 dev
[0].dump_monitor()
4609 hapd
.set("dpp_test", "0")
4611 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412", ieee80211w
="2",
4612 dpp_csign
=csign
, dpp_connector
=sta_connector
,
4613 dpp_netaccesskey
=sta_netaccesskey
)
4615 def test_dpp_qr_code_no_chan_list_unicast(dev
, apdev
):
4616 """DPP QR Code and no channel list (unicast)"""
4617 run_dpp_qr_code_chan_list(dev
, apdev
, True, 2417, None)
4619 def test_dpp_qr_code_chan_list_unicast(dev
, apdev
):
4620 """DPP QR Code and 2.4 GHz channels (unicast)"""
4621 run_dpp_qr_code_chan_list(dev
, apdev
, True, 2417,
4622 "81/1,81/2,81/3,81/4,81/5,81/6,81/7,81/8,81/9,81/10,81/11,81/12,81/13")
4624 def test_dpp_qr_code_chan_list_no_peer_unicast(dev
, apdev
):
4625 """DPP QR Code and channel list and no peer (unicast)"""
4626 run_dpp_qr_code_chan_list(dev
, apdev
, True, 2417, "81/1,81/6,81/11",
4628 ev
= dev
[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout
=5)
4630 raise Exception("Initiation failure not reported")
4632 def test_dpp_qr_code_no_chan_list_broadcast(dev
, apdev
):
4633 """DPP QR Code and no channel list (broadcast)"""
4634 run_dpp_qr_code_chan_list(dev
, apdev
, False, 2412, None)
4636 def test_dpp_qr_code_chan_list_broadcast(dev
, apdev
):
4637 """DPP QR Code and some 2.4 GHz channels (broadcast)"""
4638 run_dpp_qr_code_chan_list(dev
, apdev
, False, 2412, "81/1,81/6,81/11",
4641 def run_dpp_qr_code_chan_list(dev
, apdev
, unicast
, listen_freq
, chanlist
,
4642 no_wait
=False, timeout
=5):
4643 check_dpp_capab(dev
[0])
4644 check_dpp_capab(dev
[1])
4645 dev
[1].set("dpp_init_max_tries", "3")
4646 dev
[1].set("dpp_init_retry_time", "100")
4647 dev
[1].set("dpp_resp_wait_time", "1000")
4649 logger
.info("dev0 displays QR Code")
4650 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode"
4652 cmd
+= " chan=" + chanlist
4654 addr
= dev
[0].own_addr().replace(':', '')
4655 cmd
+= " mac=" + addr
4656 res
= dev
[0].request(cmd
)
4658 raise Exception("Failed to generate bootstrapping info")
4660 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
4662 logger
.info("dev1 scans QR Code")
4663 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
4665 raise Exception("Failed to parse QR Code URI")
4668 logger
.info("dev1 initiates DPP Authentication")
4669 cmd
= "DPP_LISTEN %d" % listen_freq
4670 if "OK" not in dev
[0].request(cmd
):
4671 raise Exception("Failed to start listen operation")
4672 cmd
= "DPP_AUTH_INIT peer=%d" % id1
4673 if "OK" not in dev
[1].request(cmd
):
4674 raise Exception("Failed to initiate DPP Authentication")
4677 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=timeout
)
4679 raise Exception("DPP authentication did not succeed (Responder)")
4680 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
4682 raise Exception("DPP authentication did not succeed (Initiator)")
4683 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout
=5)
4685 raise Exception("DPP configuration not completed (Enrollee)")
4686 dev
[0].request("DPP_STOP_LISTEN")
4687 dev
[0].dump_monitor()
4688 dev
[1].dump_monitor()
4690 def test_dpp_qr_code_chan_list_no_match(dev
, apdev
):
4691 """DPP QR Code and no matching supported channel"""
4692 check_dpp_capab(dev
[0])
4693 check_dpp_capab(dev
[1])
4695 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=123/123"
4696 res
= dev
[0].request(cmd
)
4698 raise Exception("Failed to generate bootstrapping info")
4700 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
4702 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
4704 raise Exception("Failed to parse QR Code URI")
4707 cmd
= "DPP_AUTH_INIT peer=%d" % id1
4708 if "FAIL" not in dev
[1].request(cmd
):
4709 raise Exception("DPP Authentication started unexpectedly")
4711 def test_dpp_pkex_alloc_fail(dev
, apdev
):
4712 """DPP/PKEX and memory allocation failures"""
4713 check_dpp_capab(dev
[0])
4714 check_dpp_capab(dev
[1])
4716 tests
= [ (1, "=dpp_keygen_configurator"),
4717 (1, "base64_gen_encode;dpp_keygen_configurator") ]
4718 for count
, func
in tests
:
4719 with
alloc_fail(dev
[1], count
, func
):
4720 cmd
= "DPP_CONFIGURATOR_ADD"
4721 res
= dev
[1].request(cmd
);
4722 if "FAIL" not in res
:
4723 raise Exception("Unexpected DPP_CONFIGURATOR_ADD success")
4725 cmd
= "DPP_CONFIGURATOR_ADD"
4726 res
= dev
[1].request(cmd
);
4728 raise Exception("Failed to add configurator")
4731 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
4732 res
= dev
[0].request(cmd
)
4734 raise Exception("Failed to generate bootstrapping info")
4737 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
4738 res
= dev
[1].request(cmd
)
4740 raise Exception("Failed to generate bootstrapping info")
4743 # Local error cases on the Initiator
4744 tests
= [ (1, "dpp_get_pubkey_point"),
4745 (1, "dpp_alloc_msg;dpp_pkex_build_exchange_req"),
4746 (1, "dpp_alloc_msg;dpp_pkex_build_commit_reveal_req"),
4747 (1, "dpp_alloc_msg;dpp_auth_build_req"),
4748 (1, "dpp_alloc_msg;dpp_auth_build_conf"),
4749 (1, "dpp_bootstrap_key_hash"),
4750 (1, "dpp_auth_init"),
4751 (1, "=dpp_auth_resp_rx"),
4752 (2, "=dpp_auth_resp_rx"),
4753 (1, "dpp_build_conf_start"),
4754 (1, "dpp_build_conf_obj_dpp"),
4755 (2, "dpp_build_conf_obj_dpp"),
4756 (3, "dpp_build_conf_obj_dpp"),
4757 (4, "dpp_build_conf_obj_dpp"),
4758 (5, "dpp_build_conf_obj_dpp"),
4759 (6, "dpp_build_conf_obj_dpp"),
4760 (7, "dpp_build_conf_obj_dpp"),
4761 (8, "dpp_build_conf_obj_dpp"),
4762 (1, "dpp_conf_req_rx"),
4763 (2, "dpp_conf_req_rx"),
4764 (3, "dpp_conf_req_rx"),
4765 (4, "dpp_conf_req_rx"),
4766 (5, "dpp_conf_req_rx"),
4767 (6, "dpp_conf_req_rx"),
4768 (7, "dpp_conf_req_rx"),
4769 (1, "dpp_pkex_init"),
4770 (2, "dpp_pkex_init"),
4771 (3, "dpp_pkex_init"),
4772 (1, "dpp_pkex_derive_z"),
4773 (1, "=dpp_pkex_rx_commit_reveal_resp"),
4774 (1, "dpp_get_pubkey_point;dpp_build_jwk"),
4775 (2, "dpp_get_pubkey_point;dpp_build_jwk"),
4776 (1, "dpp_get_pubkey_point;dpp_auth_init") ]
4777 for count
, func
in tests
:
4778 dev
[0].request("DPP_STOP_LISTEN")
4779 dev
[1].request("DPP_STOP_LISTEN")
4780 dev
[0].dump_monitor()
4781 dev
[1].dump_monitor()
4783 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
4784 res
= dev
[0].request(cmd
)
4786 raise Exception("Failed to set PKEX data (responder)")
4787 cmd
= "DPP_LISTEN 2437"
4788 if "OK" not in dev
[0].request(cmd
):
4789 raise Exception("Failed to start listen operation")
4791 with
alloc_fail(dev
[1], count
, func
):
4792 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 conf=sta-dpp configurator=%d code=secret" % (id1
, conf_id
)
4794 wait_fail_trigger(dev
[1], "GET_ALLOC_FAIL", max_iter
=100)
4795 ev
= dev
[0].wait_event(["GAS-QUERY-START"], timeout
=0.01)
4797 dev
[0].request("DPP_STOP_LISTEN")
4798 dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=3)
4800 # Local error cases on the Responder
4801 tests
= [ (1, "dpp_get_pubkey_point"),
4802 (1, "dpp_alloc_msg;dpp_pkex_build_exchange_resp"),
4803 (1, "dpp_alloc_msg;dpp_pkex_build_commit_reveal_resp"),
4804 (1, "dpp_alloc_msg;dpp_auth_build_resp"),
4805 (1, "dpp_get_pubkey_point;dpp_auth_build_resp_ok"),
4806 (1, "=dpp_auth_req_rx"),
4807 (2, "=dpp_auth_req_rx"),
4808 (1, "=dpp_auth_conf_rx"),
4809 (1, "json_parse;dpp_parse_jws_prot_hdr"),
4810 (1, "json_get_member_base64url;dpp_parse_jws_prot_hdr"),
4811 (1, "json_get_member_base64url;dpp_parse_jwk"),
4812 (2, "json_get_member_base64url;dpp_parse_jwk"),
4813 (1, "json_parse;dpp_parse_connector"),
4814 (1, "dpp_parse_jwk;dpp_parse_connector"),
4815 (1, "dpp_parse_jwk;dpp_parse_cred_dpp"),
4816 (1, "dpp_get_pubkey_point;dpp_check_pubkey_match"),
4817 (1, "base64_gen_decode;dpp_process_signed_connector"),
4818 (1, "dpp_parse_jws_prot_hdr;dpp_process_signed_connector"),
4819 (2, "base64_gen_decode;dpp_process_signed_connector"),
4820 (3, "base64_gen_decode;dpp_process_signed_connector"),
4821 (4, "base64_gen_decode;dpp_process_signed_connector"),
4822 (1, "json_parse;dpp_parse_conf_obj"),
4823 (1, "dpp_conf_resp_rx"),
4824 (1, "=dpp_pkex_derive_z"),
4825 (1, "=dpp_pkex_rx_exchange_req"),
4826 (2, "=dpp_pkex_rx_exchange_req"),
4827 (3, "=dpp_pkex_rx_exchange_req"),
4828 (1, "=dpp_pkex_rx_commit_reveal_req"),
4829 (1, "dpp_get_pubkey_point;dpp_pkex_rx_commit_reveal_req"),
4830 (1, "dpp_bootstrap_key_hash") ]
4831 for count
, func
in tests
:
4832 dev
[0].request("DPP_STOP_LISTEN")
4833 dev
[1].request("DPP_STOP_LISTEN")
4834 dev
[0].dump_monitor()
4835 dev
[1].dump_monitor()
4837 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
4838 res
= dev
[0].request(cmd
)
4840 raise Exception("Failed to set PKEX data (responder)")
4841 cmd
= "DPP_LISTEN 2437"
4842 if "OK" not in dev
[0].request(cmd
):
4843 raise Exception("Failed to start listen operation")
4845 with
alloc_fail(dev
[0], count
, func
):
4846 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 conf=sta-dpp configurator=%d code=secret" % (id1
, conf_id
)
4848 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL", max_iter
=100)
4849 ev
= dev
[0].wait_event(["GAS-QUERY-START"], timeout
=0.01)
4851 dev
[0].request("DPP_STOP_LISTEN")
4852 dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=3)
4854 def test_dpp_pkex_test_fail(dev
, apdev
):
4855 """DPP/PKEX and local failures"""
4856 check_dpp_capab(dev
[0])
4857 check_dpp_capab(dev
[1])
4859 tests
= [ (1, "dpp_keygen_configurator") ]
4860 for count
, func
in tests
:
4861 with
fail_test(dev
[1], count
, func
):
4862 cmd
= "DPP_CONFIGURATOR_ADD"
4863 res
= dev
[1].request(cmd
);
4864 if "FAIL" not in res
:
4865 raise Exception("Unexpected DPP_CONFIGURATOR_ADD success")
4867 tests
= [ (1, "dpp_keygen") ]
4868 for count
, func
in tests
:
4869 with
fail_test(dev
[1], count
, func
):
4870 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
4871 res
= dev
[1].request(cmd
);
4872 if "FAIL" not in res
:
4873 raise Exception("Unexpected DPP_BOOTSTRAP_GEN success")
4875 cmd
= "DPP_CONFIGURATOR_ADD"
4876 res
= dev
[1].request(cmd
);
4878 raise Exception("Failed to add configurator")
4881 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
4882 res
= dev
[0].request(cmd
)
4884 raise Exception("Failed to generate bootstrapping info")
4887 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
4888 res
= dev
[1].request(cmd
)
4890 raise Exception("Failed to generate bootstrapping info")
4893 # Local error cases on the Initiator
4894 tests
= [ (1, "aes_siv_encrypt;dpp_auth_build_req"),
4895 (1, "os_get_random;dpp_auth_init"),
4896 (1, "dpp_derive_k1;dpp_auth_init"),
4897 (1, "dpp_hkdf_expand;dpp_derive_k1;dpp_auth_init"),
4898 (1, "dpp_gen_i_auth;dpp_auth_build_conf"),
4899 (1, "aes_siv_encrypt;dpp_auth_build_conf"),
4900 (1, "dpp_derive_k2;dpp_auth_resp_rx"),
4901 (1, "dpp_hkdf_expand;dpp_derive_k2;dpp_auth_resp_rx"),
4902 (1, "dpp_derive_ke;dpp_auth_resp_rx"),
4903 (1, "dpp_hkdf_expand;dpp_derive_ke;dpp_auth_resp_rx"),
4904 (1, "dpp_gen_r_auth;dpp_auth_resp_rx"),
4905 (1, "aes_siv_encrypt;dpp_build_conf_resp"),
4906 (1, "dpp_pkex_derive_Qi;dpp_pkex_build_exchange_req"),
4907 (1, "aes_siv_encrypt;dpp_pkex_build_commit_reveal_req"),
4908 (1, "hmac_sha256_vector;dpp_pkex_rx_exchange_resp"),
4909 (1, "aes_siv_decrypt;dpp_pkex_rx_commit_reveal_resp"),
4910 (1, "hmac_sha256_vector;dpp_pkex_rx_commit_reveal_resp"),
4911 (1, "dpp_bootstrap_key_hash") ]
4912 for count
, func
in tests
:
4913 dev
[0].request("DPP_STOP_LISTEN")
4914 dev
[1].request("DPP_STOP_LISTEN")
4915 dev
[0].dump_monitor()
4916 dev
[1].dump_monitor()
4918 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
4919 res
= dev
[0].request(cmd
)
4921 raise Exception("Failed to set PKEX data (responder)")
4922 cmd
= "DPP_LISTEN 2437"
4923 if "OK" not in dev
[0].request(cmd
):
4924 raise Exception("Failed to start listen operation")
4926 with
fail_test(dev
[1], count
, func
):
4927 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 conf=sta-dpp configurator=%d code=secret" % (id1
, conf_id
)
4929 wait_fail_trigger(dev
[1], "GET_FAIL", max_iter
=100)
4930 ev
= dev
[0].wait_event(["GAS-QUERY-START"], timeout
=0.01)
4932 dev
[0].request("DPP_STOP_LISTEN")
4933 dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=3)
4935 # Local error cases on the Responder
4936 tests
= [ (1, "aes_siv_encrypt;dpp_auth_build_resp"),
4937 (1, "aes_siv_encrypt;dpp_auth_build_resp;dpp_auth_build_resp_ok"),
4938 (1, "os_get_random;dpp_build_conf_req"),
4939 (1, "aes_siv_encrypt;dpp_build_conf_req"),
4940 (1, "os_get_random;dpp_auth_build_resp_ok"),
4941 (1, "dpp_derive_k2;dpp_auth_build_resp_ok"),
4942 (1, "dpp_derive_ke;dpp_auth_build_resp_ok"),
4943 (1, "dpp_gen_r_auth;dpp_auth_build_resp_ok"),
4944 (1, "aes_siv_encrypt;dpp_auth_build_resp_ok"),
4945 (1, "dpp_derive_k1;dpp_auth_req_rx"),
4946 (1, "aes_siv_decrypt;dpp_auth_req_rx"),
4947 (1, "aes_siv_decrypt;dpp_auth_conf_rx"),
4948 (1, "dpp_gen_i_auth;dpp_auth_conf_rx"),
4949 (1, "dpp_check_pubkey_match"),
4950 (1, "aes_siv_decrypt;dpp_conf_resp_rx"),
4951 (1, "hmac_sha256_kdf;dpp_pkex_derive_z"),
4952 (1, "dpp_pkex_derive_Qi;dpp_pkex_rx_exchange_req"),
4953 (1, "dpp_pkex_derive_Qr;dpp_pkex_rx_exchange_req"),
4954 (1, "aes_siv_encrypt;dpp_pkex_build_commit_reveal_resp"),
4955 (1, "aes_siv_decrypt;dpp_pkex_rx_commit_reveal_req"),
4956 (1, "hmac_sha256_vector;dpp_pkex_rx_commit_reveal_req"),
4957 (2, "hmac_sha256_vector;dpp_pkex_rx_commit_reveal_req") ]
4958 for count
, func
in tests
:
4959 dev
[0].request("DPP_STOP_LISTEN")
4960 dev
[1].request("DPP_STOP_LISTEN")
4961 dev
[0].dump_monitor()
4962 dev
[1].dump_monitor()
4964 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
4965 res
= dev
[0].request(cmd
)
4967 raise Exception("Failed to set PKEX data (responder)")
4968 cmd
= "DPP_LISTEN 2437"
4969 if "OK" not in dev
[0].request(cmd
):
4970 raise Exception("Failed to start listen operation")
4972 with
fail_test(dev
[0], count
, func
):
4973 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 conf=sta-dpp configurator=%d code=secret" % (id1
, conf_id
)
4975 wait_fail_trigger(dev
[0], "GET_FAIL", max_iter
=100)
4976 ev
= dev
[0].wait_event(["GAS-QUERY-START"], timeout
=0.01)
4978 dev
[0].request("DPP_STOP_LISTEN")
4979 dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=3)
4981 def test_dpp_keygen_configurator_error(dev
, apdev
):
4982 """DPP Configurator keygen error case"""
4983 check_dpp_capab(dev
[0])
4984 if "FAIL" not in dev
[0].request("DPP_CONFIGURATOR_ADD curve=unknown"):
4985 raise Exception("Unexpected success of invalid DPP_CONFIGURATOR_ADD")
4987 def rx_process_frame(dev
):
4989 if "OK" not in dev
.request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], msg
['frame'].encode('hex'))):
4990 raise Exception("MGMT_RX_PROCESS failed")
4992 def wait_auth_success(responder
, initiator
):
4993 ev
= responder
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
4995 raise Exception("DPP authentication did not succeed (Responder)")
4996 ev
= initiator
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
4998 raise Exception("DPP authentication did not succeed (Initiator)")
5000 def wait_conf_completion(configurator
, enrollee
):
5001 ev
= configurator
.wait_event(["DPP-CONF-SENT"], timeout
=5)
5003 raise Exception("DPP configuration not completed (Configurator)")
5004 ev
= enrollee
.wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"],
5007 raise Exception("DPP configuration not completed (Enrollee)")
5010 addr
= dev
[0].own_addr().replace(':', '')
5011 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
5012 res
= dev
[0].request(cmd
)
5014 raise Exception("Failed to generate bootstrapping info")
5016 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
5018 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
5020 raise Exception("Failed to parse QR Code URI")
5023 conf
= '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"secret passphrase"}}' + 3000*' '
5024 dev
[0].set("dpp_config_obj_override", conf
)
5026 dev
[0].set("ext_mgmt_frame_handling", "1")
5027 cmd
= "DPP_LISTEN 2412"
5028 if "OK" not in dev
[0].request(cmd
):
5029 raise Exception("Failed to start listen operation")
5030 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % id1
5031 if "OK" not in dev
[1].request(cmd
):
5032 raise Exception("Failed to initiate DPP Authentication")
5034 def test_dpp_gas_timeout_handling(dev
, apdev
):
5035 """DPP and GAS timeout handling"""
5036 check_dpp_capab(dev
[0])
5037 check_dpp_capab(dev
[1])
5040 # DPP Authentication Request
5041 rx_process_frame(dev
[0])
5043 # DPP Authentication Confirmation
5044 rx_process_frame(dev
[0])
5046 wait_auth_success(dev
[0], dev
[1])
5048 # DPP Configuration Request (GAS Initial Request frame)
5049 rx_process_frame(dev
[0])
5051 # DPP Configuration Request (GAS Comeback Request frame)
5052 rx_process_frame(dev
[0])
5054 # Wait for GAS timeout
5055 ev
= dev
[1].wait_event(["DPP-CONF-FAILED"], timeout
=5)
5057 raise Exception("DPP configuration not completed (Enrollee)")
5059 def test_dpp_gas_comeback_after_failure(dev
, apdev
):
5060 """DPP and GAS comeback after failure"""
5061 check_dpp_capab(dev
[0])
5062 check_dpp_capab(dev
[1])
5065 # DPP Authentication Request
5066 rx_process_frame(dev
[0])
5068 # DPP Authentication Confirmation
5069 rx_process_frame(dev
[0])
5071 wait_auth_success(dev
[0], dev
[1])
5073 # DPP Configuration Request (GAS Initial Request frame)
5074 rx_process_frame(dev
[0])
5076 # DPP Configuration Request (GAS Comeback Request frame)
5077 msg
= dev
[0].mgmt_rx()
5078 frame
= msg
['frame'].encode('hex')
5079 with
alloc_fail(dev
[0], 1, "gas_build_comeback_resp;gas_server_handle_rx_comeback_req"):
5080 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
5081 raise Exception("MGMT_RX_PROCESS failed")
5082 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5083 # Try the same frame again - this is expected to fail since the response has
5084 # already been freed.
5085 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
5086 raise Exception("MGMT_RX_PROCESS failed")
5088 # DPP Configuration Request (GAS Comeback Request frame retry)
5089 msg
= dev
[0].mgmt_rx()
5091 def test_dpp_gas(dev
, apdev
):
5092 """DPP and GAS protocol testing"""
5093 check_dpp_capab(dev
[0])
5094 check_dpp_capab(dev
[1])
5097 # DPP Authentication Request
5098 rx_process_frame(dev
[0])
5100 # DPP Authentication Confirmation
5101 rx_process_frame(dev
[0])
5103 wait_auth_success(dev
[0], dev
[1])
5105 # DPP Configuration Request (GAS Initial Request frame)
5106 msg
= dev
[0].mgmt_rx()
5108 # Protected Dual of GAS Initial Request frame (dropped by GAS server)
5109 frame
= msg
['frame'].encode('hex')
5110 frame
= frame
[0:48] + "09" + frame
[50:]
5111 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
5112 raise Exception("MGMT_RX_PROCESS failed")
5114 with
alloc_fail(dev
[0], 1, "gas_server_send_resp"):
5115 frame
= msg
['frame'].encode('hex')
5116 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
5117 raise Exception("MGMT_RX_PROCESS failed")
5118 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5120 with
alloc_fail(dev
[0], 1, "gas_build_initial_resp;gas_server_send_resp"):
5121 frame
= msg
['frame'].encode('hex')
5122 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
5123 raise Exception("MGMT_RX_PROCESS failed")
5124 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5126 # Add extra data after Query Request field to trigger
5127 # "GAS: Ignored extra data after Query Request field"
5128 frame
= msg
['frame'].encode('hex') + "00"
5129 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
5130 raise Exception("MGMT_RX_PROCESS failed")
5132 # DPP Configuration Request (GAS Comeback Request frame)
5133 rx_process_frame(dev
[0])
5135 # DPP Configuration Request (GAS Comeback Request frame)
5136 rx_process_frame(dev
[0])
5138 # DPP Configuration Request (GAS Comeback Request frame)
5139 rx_process_frame(dev
[0])
5141 wait_conf_completion(dev
[0], dev
[1])
5143 def test_dpp_truncated_attr(dev
, apdev
):
5144 """DPP and truncated attribute"""
5145 check_dpp_capab(dev
[0])
5146 check_dpp_capab(dev
[1])
5149 # DPP Authentication Request
5150 msg
= dev
[0].mgmt_rx()
5151 frame
= msg
['frame']
5153 # DPP: Truncated message - not enough room for the attribute - dropped
5154 frame1
= frame
[0:36].encode('hex')
5155 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame1
)):
5156 raise Exception("MGMT_RX_PROCESS failed")
5157 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
5158 if ev
is None or "ignore=invalid-attributes" not in ev
:
5159 raise Exception("Invalid attribute error not reported")
5161 # DPP: Unexpected octets (3) after the last attribute
5162 frame2
= frame
.encode('hex') + "000000"
5163 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame2
)):
5164 raise Exception("MGMT_RX_PROCESS failed")
5165 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
5166 if ev
is None or "ignore=invalid-attributes" not in ev
:
5167 raise Exception("Invalid attribute error not reported")
5169 def test_dpp_bootstrap_key_autogen_issues(dev
, apdev
):
5170 """DPP bootstrap key autogen issues"""
5171 check_dpp_capab(dev
[0])
5172 check_dpp_capab(dev
[1])
5174 logger
.info("dev0 displays QR Code")
5175 addr
= dev
[0].own_addr().replace(':', '')
5176 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
5177 res
= dev
[0].request(cmd
)
5179 raise Exception("Failed to generate bootstrapping info")
5181 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
5183 logger
.info("dev1 scans QR Code")
5184 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
5186 raise Exception("Failed to parse QR Code URI")
5189 logger
.info("dev1 initiates DPP Authentication")
5190 cmd
= "DPP_LISTEN 2412"
5191 if "OK" not in dev
[0].request(cmd
):
5192 raise Exception("Failed to start listen operation")
5193 with
alloc_fail(dev
[1], 1, "dpp_autogen_bootstrap_key"):
5194 cmd
= "DPP_AUTH_INIT peer=%d" % id1
5195 if "FAIL" not in dev
[1].request(cmd
):
5196 raise Exception("Failure not reported")
5197 with
alloc_fail(dev
[1], 2, "=dpp_autogen_bootstrap_key"):
5198 cmd
= "DPP_AUTH_INIT peer=%d" % id1
5199 if "FAIL" not in dev
[1].request(cmd
):
5200 raise Exception("Failure not reported")
5201 with
fail_test(dev
[1], 1, "dpp_keygen;dpp_autogen_bootstrap_key"):
5202 cmd
= "DPP_AUTH_INIT peer=%d" % id1
5203 if "FAIL" not in dev
[1].request(cmd
):
5204 raise Exception("Failure not reported")
5205 dev
[0].request("DPP_STOP_LISTEN")
5207 def test_dpp_auth_resp_status_failure(dev
, apdev
):
5208 """DPP and Auth Resp(status) build failure"""
5209 with
alloc_fail(dev
[0], 1, "dpp_auth_build_resp"):
5210 run_dpp_proto_auth_resp_missing(dev
, 99999, None,
5211 incompatible_roles
=True)