]> git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_dpp.py
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tests: Wait a bit after 'iw reg set 00' at the end of test cases
[thirdparty/hostap.git] / tests / hwsim / test_dpp.py
1 # Test cases for Device Provisioning Protocol (DPP)
2 # Copyright (c) 2017, Qualcomm Atheros, Inc.
3 # Copyright (c) 2018, The Linux Foundation
4 #
5 # This software may be distributed under the terms of the BSD license.
6 # See README for more details.
7
8 import base64
9 import binascii
10 import hashlib
11 import logging
12 logger = logging.getLogger()
13 import struct
14 import subprocess
15 import time
16
17 import hostapd
18 import hwsim_utils
19 from utils import HwsimSkip, alloc_fail, fail_test, wait_fail_trigger
20 from wpasupplicant import WpaSupplicant
21
22 try:
23 import OpenSSL
24 openssl_imported = True
25 except ImportError:
26 openssl_imported = False
27
28 def check_dpp_capab(dev, brainpool=False):
29 if "UNKNOWN COMMAND" in dev.request("DPP_BOOTSTRAP_GET_URI 0"):
30 raise HwsimSkip("DPP not supported")
31 if brainpool:
32 tls = dev.request("GET tls_library")
33 if not tls.startswith("OpenSSL") or "run=BoringSSL" in tls:
34 raise HwsimSkip("Crypto library does not support Brainpool curves: " + tls)
35
36 def test_dpp_qr_code_parsing(dev, apdev):
37 """DPP QR Code parsing"""
38 check_dpp_capab(dev[0])
39 id = []
40
41 tests = [ "DPP:C:81/1,115/36;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkq/24e0rsrfMP9K1Tm8gx+ovP0I=;;",
42 "DPP:C:81/1,81/2,81/3,81/4,81/5,81/6,81/7,81/8,81/9,81/10,81/11,81/12,81/13,82/14,83/1,83/2,83/3,83/4,83/5,83/6,83/7,83/8,83/9,84/5,84/6,84/7,84/8,84/9,84/10,84/11,84/12,84/13,115/36;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkq/24e0rsrfMP9K1Tm8gx+ovP0I=;;",
43 "DPP:I:SN=4774LH2b4044;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;",
44 "DPP:I:;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;" ]
45 for uri in tests:
46 res = dev[0].request("DPP_QR_CODE " + uri)
47 if "FAIL" in res:
48 raise Exception("Failed to parse QR Code")
49 id.append(int(res))
50
51 uri2 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id[-1])
52 if uri != uri2:
53 raise Exception("Returned URI does not match")
54
55 tests = [ "foo",
56 "DPP:",
57 "DPP:;;",
58 "DPP:C:1/2;M:;K;;",
59 "DPP:I:;M:01020304050;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;",
60 "DPP:K:" + base64.b64encode("hello") + ";;",
61 "DPP:K:MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEXiJuIWt1Q/CPCkuULechh37UsXPmbUANOeN5U9sOQROE4o/NEFeFEejROHYwwehF;;",
62 "DPP:K:MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANNZaZA4T/kRDjnmpI1ACOJhAuTIIEk2KFOpS6XPpGF+EVr/ao3XemkE0/nzXmGaLzLqTUCJknSdxTnVPeWfCVsCAwEAAQ==;;",
63 "DPP:K:MIIBCjCB0wYHKoZIzj0CATCBxwIBATAkBgcqhkjOPQEBAhkA/////////////////////v//////////MEsEGP////////////////////7//////////AQYZCEFGeWcgOcPp+mrciQwSf643uzBRrmxAxUAMEWub8hCL2TtV5Uo04Eg6uEhltUEMQQYjagOsDCQ9ny/IOtDoYgA9P8K/YL/EBIHGSuV/8jaeGMQEe1rJM3Vc/l3oR55SBECGQD///////////////+Z3vg2FGvJsbTSKDECAQEDMgAEXiJuIWt1Q/CPCkuULechh37UsXPmbUANOeN5U9sOQROE4o/NEFeFEejROHYwwehF;;",
64 "DPP:I:foo\tbar;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;",
65 "DPP:C:1;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkqa24e0rsrfMP9K1Tm8gx+ovP0I=;;",
66 "DPP:C:81/1a;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkqa24e0rsrfMP9K1Tm8gx+ovP0I=;;",
67 "DPP:C:1/2000,81/-1;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkqa24e0rsrfMP9K1Tm8gx+ovP0I=;;",
68 "DPP:C:-1/1;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkqa24e0rsrfMP9K1Tm8gx+ovP0I=;;" ]
69 for t in tests:
70 res = dev[0].request("DPP_QR_CODE " + t)
71 if "FAIL" not in res:
72 raise Exception("Accepted invalid QR Code: " + t)
73
74 logger.info("ID: " + str(id))
75 if id[0] == id[1] or id[0] == id[2] or id[1] == id[2]:
76 raise Exception("Duplicate ID returned")
77
78 if "FAIL" not in dev[0].request("DPP_BOOTSTRAP_REMOVE 12345678"):
79 raise Exception("DPP_BOOTSTRAP_REMOVE accepted unexpectedly")
80 if "OK" not in dev[0].request("DPP_BOOTSTRAP_REMOVE %d" % id[1]):
81 raise Exception("DPP_BOOTSTRAP_REMOVE failed")
82
83 res = dev[0].request("DPP_BOOTSTRAP_GEN type=qrcode")
84 if "FAIL" in res:
85 raise Exception("Failed to generate bootstrapping info")
86 uri = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % int(res))
87 logger.info("Generated URI: " + uri)
88
89 res = dev[0].request("DPP_QR_CODE " + uri)
90 if "FAIL" in res:
91 raise Exception("Failed to parse self-generated QR Code URI")
92
93 res = dev[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1,115/36 mac=010203040506 info=foo")
94 if "FAIL" in res:
95 raise Exception("Failed to generate bootstrapping info")
96 uri = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % int(res))
97 logger.info("Generated URI: " + uri)
98
99 res = dev[0].request("DPP_QR_CODE " + uri)
100 if "FAIL" in res:
101 raise Exception("Failed to parse self-generated QR Code URI")
102
103 def test_dpp_qr_code_parsing_fail(dev, apdev):
104 """DPP QR Code parsing local failure"""
105 check_dpp_capab(dev[0])
106 with alloc_fail(dev[0], 1, "dpp_parse_uri_info"):
107 if "FAIL" not in dev[0].request("DPP_QR_CODE DPP:I:SN=4774LH2b4044;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;"):
108 raise Exception("DPP_QR_CODE failure not reported")
109
110 with alloc_fail(dev[0], 1, "dpp_parse_uri_pk"):
111 if "FAIL" not in dev[0].request("DPP_QR_CODE DPP:K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;"):
112 raise Exception("DPP_QR_CODE failure not reported")
113
114 with fail_test(dev[0], 1, "dpp_parse_uri_pk"):
115 if "FAIL" not in dev[0].request("DPP_QR_CODE DPP:K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;"):
116 raise Exception("DPP_QR_CODE failure not reported")
117
118 with alloc_fail(dev[0], 1, "dpp_parse_uri"):
119 if "FAIL" not in dev[0].request("DPP_QR_CODE DPP:I:SN=4774LH2b4044;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;"):
120 raise Exception("DPP_QR_CODE failure not reported")
121
122 dpp_key_p256 ="30570201010420777fc55dc51e967c10ec051b91d860b5f1e6c934e48d5daffef98d032c64b170a00a06082a8648ce3d030107a124032200020c804188c7f85beb6e91070d2b3e5e39b90ca77b4d3c5251bc1844d6ca29dcad"
123 dpp_key_p384 = "307402010104302f56fdd83b5345cacb630eb7c22fa5ad5daba37307c95191e2a75756d137003bd8b32dbcb00eb5650c1eb499ecfcaec0a00706052b81040022a13403320003615ec2141b5b77aebb6523f8a012755f9a34405a8398d2ceeeebca7f5ce868bf55056cba4c4ec62fad3ed26dd29e0f23"
124 dpp_key_p521 = "308198020101044200c8010d5357204c252551aaf4e210343111e503fd1dc615b257058997c49b6b643c975226e93be8181cca3d83a7072defd161dfbdf433c19abe1f2ad51867a05761a00706052b81040023a1460344000301cdf3608b1305fe34a1f976095dcf001182b9973354efe156291a66830292f9babd8f412ad462958663e7a75d1d0610abdfc3dd95d40669f7ab3bc001668cfb3b7c"
125 dpp_key_bp256 = "3058020101042057133a676fb60bf2a3e6797e19833c7b0f89dc192ab99ab5fa377ae23a157765a00b06092b2403030208010107a12403220002945d9bf7ce30c9c1ac0ff21ca62b984d5bb80ff69d2be8c9716ab39a10d2caf0"
126 dpp_key_bp384 = "307802010104304902df9f3033a9b7128554c0851dc7127c3573eed150671dae74c0013e9896a9b1c22b6f7d43d8a2ebb7cd474dc55039a00b06092b240303020801010ba13403320003623cb5e68787f351faababf3425161571560add2e6f9a306fcbffb507735bf955bb46dd20ba246b0d5cadce73e5bd6a6"
127 dpp_key_bp512 = "30819802010104405803494226eb7e50bf0e90633f37e7e35d33f5fa502165eeba721d927f9f846caf12e925701d18e123abaaaf4a7edb4fc4de21ce18bc10c4d12e8b3439f74e40a00b06092b240303020801010da144034200033b086ccd47486522d35dc16fbb2229642c2e9e87897d45abbf21f9fb52acb5a6272b31d1b227c3e53720769cc16b4cb181b26cd0d35fe463218aaedf3b6ec00a"
128
129 def test_dpp_qr_code_curves(dev, apdev):
130 """DPP QR Code and supported curves"""
131 check_dpp_capab(dev[0])
132 tests = [ ("prime256v1", dpp_key_p256),
133 ("secp384r1", dpp_key_p384),
134 ("secp521r1", dpp_key_p521) ]
135 for curve, hex in tests:
136 id = dev[0].request("DPP_BOOTSTRAP_GEN type=qrcode key=" + hex)
137 if "FAIL" in id:
138 raise Exception("Failed to set key for " + curve)
139 info = dev[0].request("DPP_BOOTSTRAP_INFO " + id)
140 if "FAIL" in info:
141 raise Exception("Failed to get info for " + curve)
142 if "curve=" + curve not in info:
143 raise Exception("Curve mismatch for " + curve)
144
145 def test_dpp_qr_code_curves_brainpool(dev, apdev):
146 """DPP QR Code and supported Brainpool curves"""
147 check_dpp_capab(dev[0], brainpool=True)
148 tests = [ ("brainpoolP256r1", dpp_key_bp256),
149 ("brainpoolP384r1", dpp_key_bp384),
150 ("brainpoolP512r1", dpp_key_bp512) ]
151 for curve, hex in tests:
152 id = dev[0].request("DPP_BOOTSTRAP_GEN type=qrcode key=" + hex)
153 if "FAIL" in id:
154 raise Exception("Failed to set key for " + curve)
155 info = dev[0].request("DPP_BOOTSTRAP_INFO " + id)
156 if "FAIL" in info:
157 raise Exception("Failed to get info for " + curve)
158 if "curve=" + curve not in info:
159 raise Exception("Curve mismatch for " + curve)
160
161 def test_dpp_qr_code_unsupported_curve(dev, apdev):
162 """DPP QR Code and unsupported curve"""
163 check_dpp_capab(dev[0])
164
165 id = dev[0].request("DPP_BOOTSTRAP_GEN type=qrcode curve=unsupported")
166 if "FAIL" not in id:
167 raise Exception("Unsupported curve accepted")
168
169 tests = [ "30",
170 "305f02010104187f723ed9e1b41979ec5cd02eb82696efc76b40e277661049a00a06082a8648ce3d030101a134033200043f292614dea97c43f500f069e79ae9fb48f8b07369180de5eec8fa2bc9eea5af7a46dc335f52f10cb1c0e9464201d41b" ]
171 for hex in tests:
172 id = dev[0].request("DPP_BOOTSTRAP_GEN type=qrcode key=" + hex)
173 if "FAIL" not in id:
174 raise Exception("Unsupported/invalid curve accepted")
175
176 def test_dpp_qr_code_keygen_fail(dev, apdev):
177 """DPP QR Code and keygen failure"""
178 check_dpp_capab(dev[0])
179
180 with alloc_fail(dev[0], 1, "dpp_bootstrap_key_der;dpp_keygen"):
181 if "FAIL" not in dev[0].request("DPP_BOOTSTRAP_GEN type=qrcode"):
182 raise Exception("Failure not reported")
183
184 with alloc_fail(dev[0], 1, "base64_gen_encode;dpp_keygen"):
185 if "FAIL" not in dev[0].request("DPP_BOOTSTRAP_GEN type=qrcode"):
186 raise Exception("Failure not reported")
187
188 def test_dpp_qr_code_curve_select(dev, apdev):
189 """DPP QR Code and curve selection"""
190 check_dpp_capab(dev[0], brainpool=True)
191 check_dpp_capab(dev[1], brainpool=True)
192
193 addr = dev[0].own_addr().replace(':', '')
194 bi = []
195 for key in [ dpp_key_p256, dpp_key_p384, dpp_key_p521,
196 dpp_key_bp256, dpp_key_bp384, dpp_key_bp512 ]:
197 id = dev[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr + " key=" + key)
198 if "FAIL" in id:
199 raise Exception("Failed to set key for " + curve)
200 info = dev[0].request("DPP_BOOTSTRAP_INFO " + id)
201 for i in info.splitlines():
202 if '=' in i:
203 name, val = i.split('=')
204 if name == "curve":
205 curve = val
206 break
207 uri = dev[0].request("DPP_BOOTSTRAP_GET_URI " + id)
208 bi.append((curve, uri))
209
210 for curve, uri in bi:
211 logger.info("Curve: " + curve)
212 logger.info("URI: " + uri)
213
214 if "OK" not in dev[0].request("DPP_LISTEN 2412"):
215 raise Exception("Failed to start listen operation")
216
217 res = dev[1].request("DPP_QR_CODE " + uri)
218 if "FAIL" in res:
219 raise Exception("Failed to parse QR Code URI")
220 if "OK" not in dev[1].request("DPP_AUTH_INIT peer=" + res):
221 raise Exception("Failed to initiate DPP Authentication")
222 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
223 if ev is None:
224 raise Exception("DPP authentication did not succeed (Responder)")
225 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
226 if ev is None:
227 raise Exception("DPP authentication did not succeed (Initiator)")
228 ev = dev[0].wait_event(["DPP-CONF-FAILED"], timeout=2)
229 if ev is None:
230 raise Exception("DPP configuration result not seen (Enrollee)")
231 ev = dev[1].wait_event(["DPP-CONF-SENT"], timeout=2)
232 if ev is None:
233 raise Exception("DPP configuration result not seen (Responder)")
234 dev[0].request("DPP_STOP_LISTEN")
235 dev[1].request("DPP_STOP_LISTEN")
236 dev[0].dump_monitor()
237 dev[1].dump_monitor()
238
239 def test_dpp_qr_code_auth_broadcast(dev, apdev):
240 """DPP QR Code and authentication exchange (broadcast)"""
241 check_dpp_capab(dev[0])
242 check_dpp_capab(dev[1])
243 logger.info("dev0 displays QR Code")
244 res = dev[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1")
245 if "FAIL" in res:
246 raise Exception("Failed to generate bootstrapping info")
247 id0 = int(res)
248 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
249
250 logger.info("dev1 scans QR Code")
251 res = dev[1].request("DPP_QR_CODE " + uri0)
252 if "FAIL" in res:
253 raise Exception("Failed to parse QR Code URI")
254 id1 = int(res)
255
256 logger.info("dev1 initiates DPP Authentication")
257 if "OK" not in dev[0].request("DPP_LISTEN 2412"):
258 raise Exception("Failed to start listen operation")
259 if "OK" not in dev[1].request("DPP_AUTH_INIT peer=%d" % id1):
260 raise Exception("Failed to initiate DPP Authentication")
261 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
262 if ev is None:
263 raise Exception("DPP authentication did not succeed (Responder)")
264 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
265 if ev is None:
266 raise Exception("DPP authentication did not succeed (Initiator)")
267 dev[0].request("DPP_STOP_LISTEN")
268
269 def test_dpp_qr_code_auth_unicast(dev, apdev):
270 """DPP QR Code and authentication exchange (unicast)"""
271 run_dpp_qr_code_auth_unicast(dev, apdev, None)
272
273 def test_dpp_qr_code_auth_unicast_ap_enrollee(dev, apdev):
274 """DPP QR Code and authentication exchange (AP enrollee)"""
275 run_dpp_qr_code_auth_unicast(dev, apdev, None, netrole="ap")
276
277 def test_dpp_qr_code_curve_prime256v1(dev, apdev):
278 """DPP QR Code and curve prime256v1"""
279 run_dpp_qr_code_auth_unicast(dev, apdev, "prime256v1")
280
281 def test_dpp_qr_code_curve_secp384r1(dev, apdev):
282 """DPP QR Code and curve secp384r1"""
283 run_dpp_qr_code_auth_unicast(dev, apdev, "secp384r1")
284
285 def test_dpp_qr_code_curve_secp521r1(dev, apdev):
286 """DPP QR Code and curve secp521r1"""
287 run_dpp_qr_code_auth_unicast(dev, apdev, "secp521r1")
288
289 def test_dpp_qr_code_curve_brainpoolP256r1(dev, apdev):
290 """DPP QR Code and curve brainpoolP256r1"""
291 run_dpp_qr_code_auth_unicast(dev, apdev, "brainpoolP256r1")
292
293 def test_dpp_qr_code_curve_brainpoolP384r1(dev, apdev):
294 """DPP QR Code and curve brainpoolP384r1"""
295 run_dpp_qr_code_auth_unicast(dev, apdev, "brainpoolP384r1")
296
297 def test_dpp_qr_code_curve_brainpoolP512r1(dev, apdev):
298 """DPP QR Code and curve brainpoolP512r1"""
299 run_dpp_qr_code_auth_unicast(dev, apdev, "brainpoolP512r1")
300
301 def test_dpp_qr_code_set_key(dev, apdev):
302 """DPP QR Code and fixed bootstrapping key"""
303 run_dpp_qr_code_auth_unicast(dev, apdev, None, key="30770201010420e5143ac74682cc6869a830e8f5301a5fa569130ac329b1d7dd6f2a7495dbcbe1a00a06082a8648ce3d030107a144034200045e13e167c33dbc7d85541e5509600aa8139bbb3e39e25898992c5d01be92039ee2850f17e71506ded0d6b25677441eae249f8e225c68dd15a6354dca54006383")
304
305 def run_dpp_qr_code_auth_unicast(dev, apdev, curve, netrole=None, key=None,
306 require_conf_success=False, init_extra=None,
307 require_conf_failure=False,
308 configurator=False, conf_curve=None):
309 check_dpp_capab(dev[0], curve and "brainpool" in curve)
310 check_dpp_capab(dev[1], curve and "brainpool" in curve)
311 if configurator:
312 logger.info("Create configurator on dev1")
313 cmd = "DPP_CONFIGURATOR_ADD"
314 if conf_curve:
315 cmd += " curve=" + conf_curve
316 res = dev[1].request(cmd);
317 if "FAIL" in res:
318 raise Exception("Failed to add configurator")
319 conf_id = int(res)
320
321 logger.info("dev0 displays QR Code")
322 addr = dev[0].own_addr().replace(':', '')
323 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
324 if curve:
325 cmd += " curve=" + curve
326 if key:
327 cmd += " key=" + key
328 res = dev[0].request(cmd)
329 if "FAIL" in res:
330 raise Exception("Failed to generate bootstrapping info")
331 id0 = int(res)
332 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
333
334 logger.info("dev1 scans QR Code")
335 res = dev[1].request("DPP_QR_CODE " + uri0)
336 if "FAIL" in res:
337 raise Exception("Failed to parse QR Code URI")
338 id1 = int(res)
339
340 logger.info("dev1 initiates DPP Authentication")
341 cmd = "DPP_LISTEN 2412"
342 if netrole:
343 cmd += " netrole=" + netrole
344 if "OK" not in dev[0].request(cmd):
345 raise Exception("Failed to start listen operation")
346 cmd = "DPP_AUTH_INIT peer=%d" % id1
347 if init_extra:
348 cmd += " " + init_extra
349 if configurator:
350 cmd += " configurator=%d" % conf_id
351 if "OK" not in dev[1].request(cmd):
352 raise Exception("Failed to initiate DPP Authentication")
353 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
354 if ev is None:
355 raise Exception("DPP authentication did not succeed (Responder)")
356 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
357 if ev is None:
358 raise Exception("DPP authentication did not succeed (Initiator)")
359 ev = dev[1].wait_event(["DPP-CONF-SENT"], timeout=5)
360 if ev is None:
361 raise Exception("DPP configuration not completed (Configurator)")
362 ev = dev[0].wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout=5)
363 if ev is None:
364 raise Exception("DPP configuration not completed (Enrollee)")
365 if require_conf_success:
366 if "DPP-CONF-FAILED" in ev:
367 raise Exception("DPP configuration failed")
368 if require_conf_failure:
369 if "DPP-CONF-SUCCESS" in ev:
370 raise Exception("DPP configuration succeeded unexpectedly")
371 dev[0].request("DPP_STOP_LISTEN")
372 dev[0].dump_monitor()
373 dev[1].dump_monitor()
374
375 def test_dpp_qr_code_auth_mutual(dev, apdev):
376 """DPP QR Code and authentication exchange (mutual)"""
377 check_dpp_capab(dev[0])
378 check_dpp_capab(dev[1])
379 logger.info("dev0 displays QR Code")
380 addr = dev[0].own_addr().replace(':', '')
381 res = dev[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr)
382 if "FAIL" in res:
383 raise Exception("Failed to generate bootstrapping info")
384 id0 = int(res)
385 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
386
387 logger.info("dev1 scans QR Code")
388 res = dev[1].request("DPP_QR_CODE " + uri0)
389 if "FAIL" in res:
390 raise Exception("Failed to parse QR Code URI")
391 id1 = int(res)
392
393 logger.info("dev1 displays QR Code")
394 addr = dev[1].own_addr().replace(':', '')
395 res = dev[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr)
396 if "FAIL" in res:
397 raise Exception("Failed to generate bootstrapping info")
398 id1b = int(res)
399 uri1b = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b)
400
401 logger.info("dev0 scans QR Code")
402 res = dev[0].request("DPP_QR_CODE " + uri1b)
403 if "FAIL" in res:
404 raise Exception("Failed to parse QR Code URI")
405 id0b = int(res)
406
407 logger.info("dev1 initiates DPP Authentication")
408 if "OK" not in dev[0].request("DPP_LISTEN 2412"):
409 raise Exception("Failed to start listen operation")
410 if "OK" not in dev[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1, id1b)):
411 raise Exception("Failed to initiate DPP Authentication")
412
413 ev = dev[1].wait_event(["DPP-AUTH-DIRECTION"], timeout=5)
414 if ev is None:
415 raise Exception("DPP authentication direction not indicated (Initiator)")
416 if "mutual=1" not in ev:
417 raise Exception("Mutual authentication not used")
418
419 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
420 if ev is None:
421 raise Exception("DPP authentication did not succeed (Responder)")
422 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
423 if ev is None:
424 raise Exception("DPP authentication did not succeed (Initiator)")
425 dev[0].request("DPP_STOP_LISTEN")
426
427 def test_dpp_qr_code_auth_mutual2(dev, apdev):
428 """DPP QR Code and authentication exchange (mutual2)"""
429 check_dpp_capab(dev[0])
430 check_dpp_capab(dev[1])
431 logger.info("dev0 displays QR Code")
432 addr = dev[0].own_addr().replace(':', '')
433 res = dev[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr)
434 if "FAIL" in res:
435 raise Exception("Failed to generate bootstrapping info")
436 id0 = int(res)
437 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
438
439 logger.info("dev1 scans QR Code")
440 res = dev[1].request("DPP_QR_CODE " + uri0)
441 if "FAIL" in res:
442 raise Exception("Failed to parse QR Code URI")
443 id1 = int(res)
444
445 logger.info("dev1 displays QR Code")
446 addr = dev[1].own_addr().replace(':', '')
447 res = dev[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr)
448 if "FAIL" in res:
449 raise Exception("Failed to generate bootstrapping info")
450 id1b = int(res)
451 uri1b = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b)
452
453 logger.info("dev1 initiates DPP Authentication")
454 if "OK" not in dev[0].request("DPP_LISTEN 2412 qr=mutual"):
455 raise Exception("Failed to start listen operation")
456 if "OK" not in dev[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1, id1b)):
457 raise Exception("Failed to initiate DPP Authentication")
458
459 ev = dev[1].wait_event(["DPP-RESPONSE-PENDING"], timeout=5)
460 if ev is None:
461 raise Exception("Pending response not reported")
462 ev = dev[0].wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout=5)
463 if ev is None:
464 raise Exception("QR Code scan for mutual authentication not requested")
465
466 logger.info("dev0 scans QR Code")
467 res = dev[0].request("DPP_QR_CODE " + uri1b)
468 if "FAIL" in res:
469 raise Exception("Failed to parse QR Code URI")
470 id0b = int(res)
471
472 ev = dev[1].wait_event(["DPP-AUTH-DIRECTION"], timeout=5)
473 if ev is None:
474 raise Exception("DPP authentication direction not indicated (Initiator)")
475 if "mutual=1" not in ev:
476 raise Exception("Mutual authentication not used")
477
478 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
479 if ev is None:
480 raise Exception("DPP authentication did not succeed (Responder)")
481 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
482 if ev is None:
483 raise Exception("DPP authentication did not succeed (Initiator)")
484 dev[0].request("DPP_STOP_LISTEN")
485
486 def test_dpp_qr_code_auth_mutual_p_256(dev, apdev):
487 """DPP QR Code and authentication exchange (mutual, autogen P-256)"""
488 run_dpp_qr_code_auth_mutual(dev, apdev, "P-256")
489
490 def test_dpp_qr_code_auth_mutual_p_384(dev, apdev):
491 """DPP QR Code and authentication exchange (mutual, autogen P-384)"""
492 run_dpp_qr_code_auth_mutual(dev, apdev, "P-384")
493
494 def test_dpp_qr_code_auth_mutual_p_521(dev, apdev):
495 """DPP QR Code and authentication exchange (mutual, autogen P-521)"""
496 run_dpp_qr_code_auth_mutual(dev, apdev, "P-521")
497
498 def test_dpp_qr_code_auth_mutual_bp_256(dev, apdev):
499 """DPP QR Code and authentication exchange (mutual, autogen BP-256)"""
500 run_dpp_qr_code_auth_mutual(dev, apdev, "BP-256")
501
502 def test_dpp_qr_code_auth_mutual_bp_384(dev, apdev):
503 """DPP QR Code and authentication exchange (mutual, autogen BP-384)"""
504 run_dpp_qr_code_auth_mutual(dev, apdev, "BP-384")
505
506 def test_dpp_qr_code_auth_mutual_bp_512(dev, apdev):
507 """DPP QR Code and authentication exchange (mutual, autogen BP-512)"""
508 run_dpp_qr_code_auth_mutual(dev, apdev, "BP-512")
509
510 def run_dpp_qr_code_auth_mutual(dev, apdev, curve):
511 check_dpp_capab(dev[0], curve and "BP-" in curve)
512 check_dpp_capab(dev[1], curve and "BP-" in curve)
513 logger.info("dev0 displays QR Code")
514 addr = dev[0].own_addr().replace(':', '')
515 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
516 cmd += " curve=" + curve
517 res = dev[0].request(cmd)
518 if "FAIL" in res:
519 raise Exception("Failed to generate bootstrapping info")
520 id0 = int(res)
521 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
522
523 logger.info("dev1 scans QR Code")
524 res = dev[1].request("DPP_QR_CODE " + uri0)
525 if "FAIL" in res:
526 raise Exception("Failed to parse QR Code URI")
527 id1 = int(res)
528
529 logger.info("dev1 initiates DPP Authentication")
530 if "OK" not in dev[0].request("DPP_LISTEN 2412 qr=mutual"):
531 raise Exception("Failed to start listen operation")
532 if "OK" not in dev[1].request("DPP_AUTH_INIT peer=%d" % (id1)):
533 raise Exception("Failed to initiate DPP Authentication")
534
535 ev = dev[1].wait_event(["DPP-RESPONSE-PENDING"], timeout=5)
536 if ev is None:
537 raise Exception("Pending response not reported")
538 uri = ev.split(' ')[1]
539
540 ev = dev[0].wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout=5)
541 if ev is None:
542 raise Exception("QR Code scan for mutual authentication not requested")
543
544 logger.info("dev0 scans QR Code")
545 res = dev[0].request("DPP_QR_CODE " + uri)
546 if "FAIL" in res:
547 raise Exception("Failed to parse QR Code URI")
548
549 ev = dev[1].wait_event(["DPP-AUTH-DIRECTION"], timeout=5)
550 if ev is None:
551 raise Exception("DPP authentication direction not indicated (Initiator)")
552 if "mutual=1" not in ev:
553 raise Exception("Mutual authentication not used")
554
555 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
556 if ev is None:
557 raise Exception("DPP authentication did not succeed (Responder)")
558 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
559 if ev is None:
560 raise Exception("DPP authentication did not succeed (Initiator)")
561 dev[0].request("DPP_STOP_LISTEN")
562
563 def test_dpp_auth_resp_retries(dev, apdev):
564 """DPP Authentication Response retries"""
565 check_dpp_capab(dev[0])
566 check_dpp_capab(dev[1])
567 dev[0].set("dpp_resp_max_tries", "3")
568 dev[0].set("dpp_resp_retry_time", "100")
569
570 logger.info("dev0 displays QR Code")
571 addr = dev[0].own_addr().replace(':', '')
572 res = dev[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr)
573 if "FAIL" in res:
574 raise Exception("Failed to generate bootstrapping info")
575 id0 = int(res)
576 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
577
578 logger.info("dev1 scans QR Code")
579 res = dev[1].request("DPP_QR_CODE " + uri0)
580 if "FAIL" in res:
581 raise Exception("Failed to parse QR Code URI")
582 id1 = int(res)
583
584 logger.info("dev1 displays QR Code")
585 addr = dev[1].own_addr().replace(':', '')
586 res = dev[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr)
587 if "FAIL" in res:
588 raise Exception("Failed to generate bootstrapping info")
589 id1b = int(res)
590 uri1b = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b)
591
592 logger.info("dev1 initiates DPP Authentication")
593 if "OK" not in dev[0].request("DPP_LISTEN 2412 qr=mutual"):
594 raise Exception("Failed to start listen operation")
595 if "OK" not in dev[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1, id1b)):
596 raise Exception("Failed to initiate DPP Authentication")
597
598 ev = dev[1].wait_event(["DPP-RESPONSE-PENDING"], timeout=5)
599 if ev is None:
600 raise Exception("Pending response not reported")
601 ev = dev[0].wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout=5)
602 if ev is None:
603 raise Exception("QR Code scan for mutual authentication not requested")
604
605 # Stop Initiator from listening to frames to force retransmission of the
606 # DPP Authentication Response frame with Status=0
607 dev[1].request("DPP_STOP_LISTEN")
608
609 dev[1].dump_monitor()
610 dev[0].dump_monitor()
611
612 logger.info("dev0 scans QR Code")
613 res = dev[0].request("DPP_QR_CODE " + uri1b)
614 if "FAIL" in res:
615 raise Exception("Failed to parse QR Code URI")
616 id0b = int(res)
617
618 ev = dev[0].wait_event(["DPP-TX"], timeout=5)
619 if ev is None or "type=1" not in ev:
620 raise Exception("DPP Authentication Response not sent")
621 ev = dev[0].wait_event(["DPP-TX-STATUS"], timeout=5)
622 if ev is None:
623 raise Exception("TX status for DPP Authentication Response not reported")
624 if "result=no-ACK" not in ev:
625 raise Exception("Unexpected TX status for Authentication Response: " + ev)
626
627 ev = dev[0].wait_event(["DPP-TX"], timeout=15)
628 if ev is None or "type=1" not in ev:
629 raise Exception("DPP Authentication Response retransmission not sent")
630
631 def test_dpp_qr_code_auth_mutual_not_used(dev, apdev):
632 """DPP QR Code and authentication exchange (mutual not used)"""
633 check_dpp_capab(dev[0])
634 check_dpp_capab(dev[1])
635 logger.info("dev0 displays QR Code")
636 addr = dev[0].own_addr().replace(':', '')
637 res = dev[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr)
638 if "FAIL" in res:
639 raise Exception("Failed to generate bootstrapping info")
640 id0 = int(res)
641 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
642
643 logger.info("dev1 scans QR Code")
644 res = dev[1].request("DPP_QR_CODE " + uri0)
645 if "FAIL" in res:
646 raise Exception("Failed to parse QR Code URI")
647 id1 = int(res)
648
649 logger.info("dev1 displays QR Code")
650 addr = dev[1].own_addr().replace(':', '')
651 res = dev[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr)
652 if "FAIL" in res:
653 raise Exception("Failed to generate bootstrapping info")
654 id1b = int(res)
655 uri1b = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b)
656
657 logger.info("dev0 does not scan QR Code")
658
659 logger.info("dev1 initiates DPP Authentication")
660 if "OK" not in dev[0].request("DPP_LISTEN 2412"):
661 raise Exception("Failed to start listen operation")
662 if "OK" not in dev[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1, id1b)):
663 raise Exception("Failed to initiate DPP Authentication")
664
665 ev = dev[1].wait_event(["DPP-AUTH-DIRECTION"], timeout=5)
666 if ev is None:
667 raise Exception("DPP authentication direction not indicated (Initiator)")
668 if "mutual=0" not in ev:
669 raise Exception("Mutual authentication not used")
670
671 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
672 if ev is None:
673 raise Exception("DPP authentication did not succeed (Responder)")
674 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
675 if ev is None:
676 raise Exception("DPP authentication did not succeed (Initiator)")
677 dev[0].request("DPP_STOP_LISTEN")
678
679 def test_dpp_qr_code_auth_mutual_curve_mismatch(dev, apdev):
680 """DPP QR Code and authentication exchange (mutual/mismatch)"""
681 check_dpp_capab(dev[0])
682 check_dpp_capab(dev[1])
683 logger.info("dev0 displays QR Code")
684 addr = dev[0].own_addr().replace(':', '')
685 res = dev[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr)
686 if "FAIL" in res:
687 raise Exception("Failed to generate bootstrapping info")
688 id0 = int(res)
689 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
690
691 logger.info("dev1 scans QR Code")
692 res = dev[1].request("DPP_QR_CODE " + uri0)
693 if "FAIL" in res:
694 raise Exception("Failed to parse QR Code URI")
695 id1 = int(res)
696
697 logger.info("dev1 displays QR Code")
698 addr = dev[1].own_addr().replace(':', '')
699 res = dev[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr + " curve=secp384r1")
700 if "FAIL" in res:
701 raise Exception("Failed to generate bootstrapping info")
702 id1b = int(res)
703 uri1b = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b)
704
705 logger.info("dev0 scans QR Code")
706 res = dev[0].request("DPP_QR_CODE " + uri1b)
707 if "FAIL" in res:
708 raise Exception("Failed to parse QR Code URI")
709 id0b = int(res)
710
711 res = dev[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1, id1b))
712 if "FAIL" not in res:
713 raise Exception("DPP_AUTH_INIT accepted unexpectedly")
714
715 def test_dpp_qr_code_auth_hostapd_mutual2(dev, apdev):
716 """DPP QR Code and authentication exchange (hostapd mutual2)"""
717 check_dpp_capab(dev[0])
718 hapd = hostapd.add_ap(apdev[0], { "ssid": "unconfigured" })
719 check_dpp_capab(hapd)
720
721 logger.info("AP displays QR Code")
722 addr = hapd.own_addr().replace(':', '')
723 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
724 res = hapd.request(cmd)
725 if "FAIL" in res:
726 raise Exception("Failed to generate bootstrapping info")
727 id_h = int(res)
728 uri_h = hapd.request("DPP_BOOTSTRAP_GET_URI %d" % id_h)
729
730 logger.info("dev0 scans QR Code")
731 res = dev[0].request("DPP_QR_CODE " + uri_h)
732 if "FAIL" in res:
733 raise Exception("Failed to parse QR Code URI")
734 id0 = int(res)
735
736 logger.info("dev0 displays QR Code")
737 addr = dev[0].own_addr().replace(':', '')
738 res = dev[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr)
739 if "FAIL" in res:
740 raise Exception("Failed to generate bootstrapping info")
741 id0b = int(res)
742 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0b)
743
744 logger.info("dev0 initiates DPP Authentication")
745 if "OK" not in hapd.request("DPP_LISTEN 2412 qr=mutual"):
746 raise Exception("Failed to start listen operation")
747 if "OK" not in dev[0].request("DPP_AUTH_INIT peer=%d own=%d" % (id0, id0b)):
748 raise Exception("Failed to initiate DPP Authentication")
749
750 ev = dev[0].wait_event(["DPP-RESPONSE-PENDING"], timeout=5)
751 if ev is None:
752 raise Exception("Pending response not reported")
753 ev = hapd.wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout=5)
754 if ev is None:
755 raise Exception("QR Code scan for mutual authentication not requested")
756
757 logger.info("AP scans QR Code")
758 res = hapd.request("DPP_QR_CODE " + uri0)
759 if "FAIL" in res:
760 raise Exception("Failed to parse QR Code URI")
761
762 ev = hapd.wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
763 if ev is None:
764 raise Exception("DPP authentication did not succeed (Responder)")
765 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
766 if ev is None:
767 raise Exception("DPP authentication did not succeed (Initiator)")
768 hapd.request("DPP_STOP_LISTEN")
769
770 def test_dpp_qr_code_listen_continue(dev, apdev):
771 """DPP QR Code and listen operation needing continuation"""
772 check_dpp_capab(dev[0])
773 check_dpp_capab(dev[1])
774 logger.info("dev0 displays QR Code")
775 addr = dev[0].own_addr().replace(':', '')
776 res = dev[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr)
777 if "FAIL" in res:
778 raise Exception("Failed to generate bootstrapping info")
779 id0 = int(res)
780 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
781
782 logger.info("dev1 scans QR Code")
783 res = dev[1].request("DPP_QR_CODE " + uri0)
784 if "FAIL" in res:
785 raise Exception("Failed to parse QR Code URI")
786 id1 = int(res)
787
788 if "OK" not in dev[0].request("DPP_LISTEN 2412"):
789 raise Exception("Failed to start listen operation")
790 logger.info("Wait for listen to expire and get restarted")
791 time.sleep(5.5)
792 logger.info("dev1 initiates DPP Authentication")
793 if "OK" not in dev[1].request("DPP_AUTH_INIT peer=%d" % id1):
794 raise Exception("Failed to initiate DPP Authentication")
795 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
796 if ev is None:
797 raise Exception("DPP authentication did not succeed (Responder)")
798 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
799 if ev is None:
800 raise Exception("DPP authentication did not succeed (Initiator)")
801 dev[0].request("DPP_STOP_LISTEN")
802
803 def test_dpp_qr_code_auth_initiator_enrollee(dev, apdev):
804 """DPP QR Code and authentication exchange (Initiator in Enrollee role)"""
805 check_dpp_capab(dev[0])
806 check_dpp_capab(dev[1])
807 dev[0].request("SET gas_address3 1")
808 dev[1].request("SET gas_address3 1")
809 logger.info("dev0 displays QR Code")
810 addr = dev[0].own_addr().replace(':', '')
811 res = dev[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr)
812 if "FAIL" in res:
813 raise Exception("Failed to generate bootstrapping info")
814 id0 = int(res)
815 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
816
817 logger.info("dev1 scans QR Code")
818 res = dev[1].request("DPP_QR_CODE " + uri0)
819 if "FAIL" in res:
820 raise Exception("Failed to parse QR Code URI")
821 id1 = int(res)
822
823 logger.info("dev1 initiates DPP Authentication")
824 if "OK" not in dev[0].request("DPP_LISTEN 2412"):
825 raise Exception("Failed to start listen operation")
826 if "OK" not in dev[1].request("DPP_AUTH_INIT peer=%d role=enrollee" % id1):
827 raise Exception("Failed to initiate DPP Authentication")
828 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
829 if ev is None:
830 raise Exception("DPP authentication did not succeed (Responder)")
831 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
832 if ev is None:
833 raise Exception("DPP authentication did not succeed (Initiator)")
834
835 ev = dev[0].wait_event(["DPP-CONF-SENT"], timeout=5)
836 if ev is None:
837 raise Exception("DPP configuration did not succeed (Configurator)")
838 ev = dev[1].wait_event(["DPP-CONF-FAILED"], timeout=5)
839 if ev is None:
840 raise Exception("DPP configuration did not succeed (Enrollee)")
841
842 dev[0].request("DPP_STOP_LISTEN")
843
844 def test_dpp_qr_code_auth_initiator_either_1(dev, apdev):
845 """DPP QR Code and authentication exchange (Initiator in either role)"""
846 run_dpp_qr_code_auth_initiator_either(dev, apdev, None, dev[1], dev[0])
847
848 def test_dpp_qr_code_auth_initiator_either_2(dev, apdev):
849 """DPP QR Code and authentication exchange (Initiator in either role)"""
850 run_dpp_qr_code_auth_initiator_either(dev, apdev, "enrollee",
851 dev[1], dev[0])
852
853 def test_dpp_qr_code_auth_initiator_either_3(dev, apdev):
854 """DPP QR Code and authentication exchange (Initiator in either role)"""
855 run_dpp_qr_code_auth_initiator_either(dev, apdev, "configurator",
856 dev[0], dev[1])
857
858 def run_dpp_qr_code_auth_initiator_either(dev, apdev, resp_role,
859 conf_dev, enrollee_dev):
860 check_dpp_capab(dev[0])
861 check_dpp_capab(dev[1])
862 logger.info("dev0 displays QR Code")
863 addr = dev[0].own_addr().replace(':', '')
864 res = dev[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr)
865 if "FAIL" in res:
866 raise Exception("Failed to generate bootstrapping info")
867 id0 = int(res)
868 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
869
870 logger.info("dev1 scans QR Code")
871 res = dev[1].request("DPP_QR_CODE " + uri0)
872 if "FAIL" in res:
873 raise Exception("Failed to parse QR Code URI")
874 id1 = int(res)
875
876 logger.info("dev1 initiates DPP Authentication")
877 cmd = "DPP_LISTEN 2412"
878 if resp_role:
879 cmd += " role=" + resp_role
880 if "OK" not in dev[0].request(cmd):
881 raise Exception("Failed to start listen operation")
882 if "OK" not in dev[1].request("DPP_AUTH_INIT peer=%d role=either" % id1):
883 raise Exception("Failed to initiate DPP Authentication")
884 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
885 if ev is None:
886 raise Exception("DPP authentication did not succeed (Responder)")
887 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
888 if ev is None:
889 raise Exception("DPP authentication did not succeed (Initiator)")
890
891 ev = conf_dev.wait_event(["DPP-CONF-SENT"], timeout=5)
892 if ev is None:
893 raise Exception("DPP configuration did not succeed (Configurator)")
894 ev = enrollee_dev.wait_event(["DPP-CONF-FAILED"], timeout=5)
895 if ev is None:
896 raise Exception("DPP configuration did not succeed (Enrollee)")
897
898 dev[0].request("DPP_STOP_LISTEN")
899
900 def run_init_incompatible_roles(dev, role="enrollee"):
901 check_dpp_capab(dev[0])
902 check_dpp_capab(dev[1])
903 logger.info("dev0 displays QR Code")
904 addr = dev[0].own_addr().replace(':', '')
905 res = dev[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr)
906 if "FAIL" in res:
907 raise Exception("Failed to generate bootstrapping info")
908 id0 = int(res)
909 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
910
911 logger.info("dev1 scans QR Code")
912 res = dev[1].request("DPP_QR_CODE " + uri0)
913 if "FAIL" in res:
914 raise Exception("Failed to parse QR Code URI")
915 id1 = int(res)
916
917 logger.info("dev1 initiates DPP Authentication")
918 if "OK" not in dev[0].request("DPP_LISTEN 2412 role=%s" % role):
919 raise Exception("Failed to start listen operation")
920 return id1
921
922 def test_dpp_qr_code_auth_incompatible_roles(dev, apdev):
923 """DPP QR Code and authentication exchange (incompatible roles)"""
924 id1 = run_init_incompatible_roles(dev)
925 if "OK" not in dev[1].request("DPP_AUTH_INIT peer=%d role=enrollee" % id1):
926 raise Exception("Failed to initiate DPP Authentication")
927 ev = dev[1].wait_event(["DPP-NOT-COMPATIBLE"], timeout=5)
928 if ev is None:
929 raise Exception("DPP-NOT-COMPATIBLE event on initiator timed out")
930 ev = dev[0].wait_event(["DPP-NOT-COMPATIBLE"], timeout=1)
931 if ev is None:
932 raise Exception("DPP-NOT-COMPATIBLE event on responder timed out")
933
934 if "OK" not in dev[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1):
935 raise Exception("Failed to initiate DPP Authentication")
936 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
937 if ev is None:
938 raise Exception("DPP authentication did not succeed (Responder)")
939 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
940 if ev is None:
941 raise Exception("DPP authentication did not succeed (Initiator)")
942 dev[0].request("DPP_STOP_LISTEN")
943
944 def test_dpp_qr_code_auth_incompatible_roles2(dev, apdev):
945 """DPP QR Code and authentication exchange (incompatible roles 2)"""
946 id1 = run_init_incompatible_roles(dev, role="configurator")
947 if "OK" not in dev[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1):
948 raise Exception("Failed to initiate DPP Authentication")
949 ev = dev[1].wait_event(["DPP-NOT-COMPATIBLE"], timeout=5)
950 if ev is None:
951 raise Exception("DPP-NOT-COMPATIBLE event on initiator timed out")
952 ev = dev[0].wait_event(["DPP-NOT-COMPATIBLE"], timeout=1)
953 if ev is None:
954 raise Exception("DPP-NOT-COMPATIBLE event on responder timed out")
955
956 def test_dpp_qr_code_auth_incompatible_roles_failure(dev, apdev):
957 """DPP QR Code and authentication exchange (incompatible roles failure)"""
958 id1 = run_init_incompatible_roles(dev, role="configurator")
959 with alloc_fail(dev[0], 1, "dpp_auth_build_resp_status"):
960 if "OK" not in dev[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1):
961 raise Exception("Failed to initiate DPP Authentication")
962 ev = dev[0].wait_event(["DPP-NOT-COMPATIBLE"], timeout=1)
963 if ev is None:
964 raise Exception("DPP-NOT-COMPATIBLE event on responder timed out")
965
966 def test_dpp_qr_code_auth_incompatible_roles_failure2(dev, apdev):
967 """DPP QR Code and authentication exchange (incompatible roles failure 2)"""
968 id1 = run_init_incompatible_roles(dev, role="configurator")
969 with alloc_fail(dev[1], 1, "dpp_auth_resp_rx_status"):
970 if "OK" not in dev[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1):
971 raise Exception("Failed to initiate DPP Authentication")
972 wait_fail_trigger(dev[1], "GET_ALLOC_FAIL")
973
974 def test_dpp_qr_code_auth_incompatible_roles_failure3(dev, apdev):
975 """DPP QR Code and authentication exchange (incompatible roles failure 3)"""
976 id1 = run_init_incompatible_roles(dev, role="configurator")
977 with fail_test(dev[1], 1, "dpp_auth_resp_rx_status"):
978 if "OK" not in dev[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1):
979 raise Exception("Failed to initiate DPP Authentication")
980 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
981 if ev is None or "AES-SIV decryption failed" not in ev:
982 raise Exception("AES-SIV decryption failure not reported")
983
984 def test_dpp_qr_code_auth_neg_chan(dev, apdev):
985 """DPP QR Code and authentication exchange with requested different channel"""
986 check_dpp_capab(dev[0])
987 check_dpp_capab(dev[1])
988
989 logger.info("Create configurator on dev1")
990 cmd = "DPP_CONFIGURATOR_ADD"
991 res = dev[1].request(cmd);
992 if "FAIL" in res:
993 raise Exception("Failed to add configurator")
994 conf_id = int(res)
995
996 logger.info("dev0 displays QR Code")
997 addr = dev[0].own_addr().replace(':', '')
998 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
999 res = dev[0].request(cmd)
1000 if "FAIL" in res:
1001 raise Exception("Failed to generate bootstrapping info")
1002 id0 = int(res)
1003 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1004
1005 logger.info("dev1 scans QR Code")
1006 res = dev[1].request("DPP_QR_CODE " + uri0)
1007 if "FAIL" in res:
1008 raise Exception("Failed to parse QR Code URI")
1009 id1 = int(res)
1010
1011 logger.info("dev1 initiates DPP Authentication")
1012 cmd = "DPP_LISTEN 2412"
1013 if "OK" not in dev[0].request(cmd):
1014 raise Exception("Failed to start listen operation")
1015 cmd = "DPP_AUTH_INIT peer=%d configurator=%d conf=sta-dpp neg_freq=2462" % (id1, conf_id)
1016 if "OK" not in dev[1].request(cmd):
1017 raise Exception("Failed to initiate DPP Authentication")
1018
1019 ev = dev[1].wait_event(["DPP-TX"], timeout=5)
1020 if ev is None:
1021 raise Exception("DPP Authentication Request not sent")
1022 if "freq=2412 type=0" not in ev:
1023 raise Exception("Unexpected TX data for Authentication Request: " + ev)
1024
1025 ev = dev[0].wait_event(["DPP-RX"], timeout=5)
1026 if ev is None:
1027 raise Exception("DPP Authentication Request not received")
1028 if "freq=2412 type=0" not in ev:
1029 raise Exception("Unexpected RX data for Authentication Request: " + ev)
1030
1031 ev = dev[1].wait_event(["DPP-TX-STATUS"], timeout=5)
1032 if ev is None:
1033 raise Exception("TX status for DPP Authentication Request not reported")
1034 if "freq=2412 result=SUCCESS" not in ev:
1035 raise Exception("Unexpected TX status for Authentication Request: " + ev)
1036
1037 ev = dev[0].wait_event(["DPP-TX"], timeout=5)
1038 if ev is None:
1039 raise Exception("DPP Authentication Response not sent")
1040 if "freq=2462 type=1" not in ev:
1041 raise Exception("Unexpected TX data for Authentication Response: " + ev)
1042
1043 ev = dev[1].wait_event(["DPP-RX"], timeout=5)
1044 if ev is None:
1045 raise Exception("DPP Authentication Response not received")
1046 if "freq=2462 type=1" not in ev:
1047 raise Exception("Unexpected RX data for Authentication Response: " + ev)
1048
1049 ev = dev[0].wait_event(["DPP-TX-STATUS"], timeout=5)
1050 if ev is None:
1051 raise Exception("TX status for DPP Authentication Response not reported")
1052 if "freq=2462 result=SUCCESS" not in ev:
1053 raise Exception("Unexpected TX status for Authentication Response: " + ev)
1054
1055 ev = dev[1].wait_event(["DPP-TX"], timeout=5)
1056 if ev is None:
1057 raise Exception("DPP Authentication Confirm not sent")
1058 if "freq=2462 type=2" not in ev:
1059 raise Exception("Unexpected TX data for Authentication Confirm: " + ev)
1060
1061 ev = dev[0].wait_event(["DPP-RX"], timeout=5)
1062 if ev is None:
1063 raise Exception("DPP Authentication Confirm not received")
1064 if "freq=2462 type=2" not in ev:
1065 raise Exception("Unexpected RX data for Authentication Confirm: " + ev)
1066
1067 ev = dev[1].wait_event(["DPP-TX-STATUS"], timeout=5)
1068 if ev is None:
1069 raise Exception("TX status for DPP Authentication Confirm not reported")
1070 if "freq=2462 result=SUCCESS" not in ev:
1071 raise Exception("Unexpected TX status for Authentication Confirm: " + ev)
1072
1073 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
1074 if ev is None:
1075 raise Exception("DPP authentication did not succeed (Responder)")
1076 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
1077 if ev is None:
1078 raise Exception("DPP authentication did not succeed (Initiator)")
1079 ev = dev[1].wait_event(["DPP-CONF-SENT"], timeout=5)
1080 if ev is None:
1081 raise Exception("DPP configuration not completed (Configurator)")
1082 ev = dev[0].wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout=5)
1083 if ev is None:
1084 raise Exception("DPP configuration not completed (Enrollee)")
1085 if "DPP-CONF-FAILED" in ev:
1086 raise Exception("DPP configuration failed")
1087 dev[0].request("DPP_STOP_LISTEN")
1088 dev[0].dump_monitor()
1089 dev[1].dump_monitor()
1090
1091 def test_dpp_config_legacy(dev, apdev):
1092 """DPP Config Object for legacy network using passphrase"""
1093 check_dpp_capab(dev[1])
1094 conf = '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"secret passphrase"}}'
1095 dev[1].set("dpp_config_obj_override", conf)
1096 run_dpp_qr_code_auth_unicast(dev, apdev, "prime256v1",
1097 require_conf_success=True)
1098
1099 def test_dpp_config_legacy_psk_hex(dev, apdev):
1100 """DPP Config Object for legacy network using PSK"""
1101 check_dpp_capab(dev[1])
1102 conf = '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","psk_hex":"' + 32*"12" + '"}}'
1103 dev[1].set("dpp_config_obj_override", conf)
1104 run_dpp_qr_code_auth_unicast(dev, apdev, "prime256v1",
1105 require_conf_success=True)
1106
1107 def test_dpp_config_fragmentation(dev, apdev):
1108 """DPP Config Object for legacy network requiring fragmentation"""
1109 check_dpp_capab(dev[1])
1110 conf = '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"secret passphrase"}}' + 3000*' '
1111 dev[1].set("dpp_config_obj_override", conf)
1112 run_dpp_qr_code_auth_unicast(dev, apdev, "prime256v1",
1113 require_conf_success=True)
1114
1115 def test_dpp_config_legacy_gen(dev, apdev):
1116 """Generate DPP Config Object for legacy network"""
1117 run_dpp_qr_code_auth_unicast(dev, apdev, "prime256v1",
1118 init_extra="conf=sta-psk pass=%s" % "passphrase".encode("hex"),
1119 require_conf_success=True)
1120
1121 def test_dpp_config_legacy_gen_psk(dev, apdev):
1122 """Generate DPP Config Object for legacy network (PSK)"""
1123 run_dpp_qr_code_auth_unicast(dev, apdev, "prime256v1",
1124 init_extra="conf=sta-psk psk=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
1125 require_conf_success=True)
1126
1127 def test_dpp_config_dpp_gen_prime256v1(dev, apdev):
1128 """Generate DPP Config Object for DPP network (P-256)"""
1129 run_dpp_qr_code_auth_unicast(dev, apdev, "prime256v1",
1130 init_extra="conf=sta-dpp",
1131 require_conf_success=True,
1132 configurator=True)
1133
1134 def test_dpp_config_dpp_gen_secp384r1(dev, apdev):
1135 """Generate DPP Config Object for DPP network (P-384)"""
1136 run_dpp_qr_code_auth_unicast(dev, apdev, "secp384r1",
1137 init_extra="conf=sta-dpp",
1138 require_conf_success=True,
1139 configurator=True)
1140
1141 def test_dpp_config_dpp_gen_secp521r1(dev, apdev):
1142 """Generate DPP Config Object for DPP network (P-521)"""
1143 run_dpp_qr_code_auth_unicast(dev, apdev, "secp521r1",
1144 init_extra="conf=sta-dpp",
1145 require_conf_success=True,
1146 configurator=True)
1147
1148 def test_dpp_config_dpp_gen_prime256v1_prime256v1(dev, apdev):
1149 """Generate DPP Config Object for DPP network (P-256 + P-256)"""
1150 run_dpp_qr_code_auth_unicast(dev, apdev, "prime256v1",
1151 init_extra="conf=sta-dpp",
1152 require_conf_success=True,
1153 configurator=True,
1154 conf_curve="prime256v1")
1155
1156 def test_dpp_config_dpp_gen_prime256v1_secp384r1(dev, apdev):
1157 """Generate DPP Config Object for DPP network (P-256 + P-384)"""
1158 run_dpp_qr_code_auth_unicast(dev, apdev, "prime256v1",
1159 init_extra="conf=sta-dpp",
1160 require_conf_success=True,
1161 configurator=True,
1162 conf_curve="secp384r1")
1163
1164 def test_dpp_config_dpp_gen_prime256v1_secp521r1(dev, apdev):
1165 """Generate DPP Config Object for DPP network (P-256 + P-521)"""
1166 run_dpp_qr_code_auth_unicast(dev, apdev, "prime256v1",
1167 init_extra="conf=sta-dpp",
1168 require_conf_success=True,
1169 configurator=True,
1170 conf_curve="secp521r1")
1171
1172 def test_dpp_config_dpp_gen_secp384r1_prime256v1(dev, apdev):
1173 """Generate DPP Config Object for DPP network (P-384 + P-256)"""
1174 run_dpp_qr_code_auth_unicast(dev, apdev, "secp384r1",
1175 init_extra="conf=sta-dpp",
1176 require_conf_success=True,
1177 configurator=True,
1178 conf_curve="prime256v1")
1179
1180 def test_dpp_config_dpp_gen_secp384r1_secp384r1(dev, apdev):
1181 """Generate DPP Config Object for DPP network (P-384 + P-384)"""
1182 run_dpp_qr_code_auth_unicast(dev, apdev, "secp384r1",
1183 init_extra="conf=sta-dpp",
1184 require_conf_success=True,
1185 configurator=True,
1186 conf_curve="secp384r1")
1187
1188 def test_dpp_config_dpp_gen_secp384r1_secp521r1(dev, apdev):
1189 """Generate DPP Config Object for DPP network (P-384 + P-521)"""
1190 run_dpp_qr_code_auth_unicast(dev, apdev, "secp384r1",
1191 init_extra="conf=sta-dpp",
1192 require_conf_success=True,
1193 configurator=True,
1194 conf_curve="secp521r1")
1195
1196 def test_dpp_config_dpp_gen_secp521r1_prime256v1(dev, apdev):
1197 """Generate DPP Config Object for DPP network (P-521 + P-256)"""
1198 run_dpp_qr_code_auth_unicast(dev, apdev, "secp521r1",
1199 init_extra="conf=sta-dpp",
1200 require_conf_success=True,
1201 configurator=True,
1202 conf_curve="prime256v1")
1203
1204 def test_dpp_config_dpp_gen_secp521r1_secp384r1(dev, apdev):
1205 """Generate DPP Config Object for DPP network (P-521 + P-384)"""
1206 run_dpp_qr_code_auth_unicast(dev, apdev, "secp521r1",
1207 init_extra="conf=sta-dpp",
1208 require_conf_success=True,
1209 configurator=True,
1210 conf_curve="secp384r1")
1211
1212 def test_dpp_config_dpp_gen_secp521r1_secp521r1(dev, apdev):
1213 """Generate DPP Config Object for DPP network (P-521 + P-521)"""
1214 run_dpp_qr_code_auth_unicast(dev, apdev, "secp521r1",
1215 init_extra="conf=sta-dpp",
1216 require_conf_success=True,
1217 configurator=True,
1218 conf_curve="secp521r1")
1219
1220 def test_dpp_config_dpp_gen_expiry(dev, apdev):
1221 """Generate DPP Config Object for DPP network with expiry value"""
1222 run_dpp_qr_code_auth_unicast(dev, apdev, "prime256v1",
1223 init_extra="conf=sta-dpp expiry=%d" % (time.time() + 1000),
1224 require_conf_success=True,
1225 configurator=True)
1226
1227 def test_dpp_config_dpp_gen_expired_key(dev, apdev):
1228 """Generate DPP Config Object for DPP network with expiry value"""
1229 run_dpp_qr_code_auth_unicast(dev, apdev, "prime256v1",
1230 init_extra="conf=sta-dpp expiry=%d" % (time.time() - 10),
1231 require_conf_failure=True,
1232 configurator=True)
1233
1234 def test_dpp_config_dpp_override_prime256v1(dev, apdev):
1235 """DPP Config Object override (P-256)"""
1236 check_dpp_capab(dev[0])
1237 check_dpp_capab(dev[1])
1238 conf = '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"dpp","signedConnector":"eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJUbkdLaklsTlphYXRyRUFZcmJiamlCNjdyamtMX0FHVldYTzZxOWhESktVIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiYVRGNEpFR0lQS1NaMFh2OXpkQ01qbS10bjVYcE1zWUlWWjl3eVNBejFnSSIsInkiOiJRR2NIV0FfNnJiVTlYRFhBenRvWC1NNVEzc3VUbk1hcUVoVUx0bjdTU1h3In19._sm6YswxMf6hJLVTyYoU1uYUeY2VVkUNjrzjSiEhY42StD_RWowStEE-9CRsdCvLmsTptZ72_g40vTFwdId20A","csign":{"kty":"EC","crv":"P-256","x":"W4-Y5N1Pkos3UWb9A5qme0KUYRtY3CVUpekx_MapZ9s","y":"Et-M4NSF4NGjvh2VCh4B1sJ9eSCZ4RNzP2DBdP137VE","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU"}}}'
1239 dev[0].set("dpp_ignore_netaccesskey_mismatch", "1")
1240 dev[1].set("dpp_config_obj_override", conf)
1241 run_dpp_qr_code_auth_unicast(dev, apdev, "prime256v1",
1242 require_conf_success=True)
1243
1244 def test_dpp_config_dpp_override_secp384r1(dev, apdev):
1245 """DPP Config Object override (P-384)"""
1246 check_dpp_capab(dev[0])
1247 check_dpp_capab(dev[1])
1248 conf = '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"dpp","signedConnector":"eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJabi1iMndjbjRLM2pGQklkYmhGZkpVTHJTXzdESS0yMWxFQi02R3gxNjl3IiwiYWxnIjoiRVMzODQifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC0zODQiLCJ4IjoickdrSGg1UUZsOUtfWjdqYUZkVVhmbThoY1RTRjM1b25Xb1NIRXVsbVNzWW9oX1RXZGpoRjhiVGdiS0ZRN2tBViIsInkiOiJBbU1QVDA5VmFENWpGdzMwTUFKQlp2VkZXeGNlVVlKLXR5blQ0bVJ5N0xOZWxhZ0dEWHpfOExaRlpOU2FaNUdLIn19.Yn_F7m-bbOQ5PlaYQJ9-1qsuqYQ6V-rAv8nWw1COKiCYwwbt3WFBJ8DljY0dPrlg5CHJC4saXwkytpI-CpELW1yUdzYb4Lrun07d20Eo_g10ICyOl5sqQCAUElKMe_Xr","csign":{"kty":"EC","crv":"P-384","x":"dmTyXXiPV2Y8a01fujL-jo08gvzyby23XmzOtzjAiujKQZZgPJsbhfEKrZDlc6ey","y":"H5Z0av5c7bqInxYb2_OOJdNiMhVf3zlcULR0516ZZitOY4U31KhL4wl4KGV7g2XW","kid":"Zn-b2wcn4K3jFBIdbhFfJULrS_7DI-21lEB-6Gx169w"}}}'
1249 dev[0].set("dpp_ignore_netaccesskey_mismatch", "1")
1250 dev[1].set("dpp_config_obj_override", conf)
1251 run_dpp_qr_code_auth_unicast(dev, apdev, "secp384r1",
1252 require_conf_success=True)
1253
1254 def test_dpp_config_dpp_override_secp521r1(dev, apdev):
1255 """DPP Config Object override (P-521)"""
1256 check_dpp_capab(dev[0])
1257 check_dpp_capab(dev[1])
1258 conf = '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"dpp","signedConnector":"eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJMZkhKY3hnV2ZKcG1uS2IwenZRT0F2VDB2b0ZKc0JjZnBmYzgxY3Y5ZXFnIiwiYWxnIjoiRVM1MTIifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC01MjEiLCJ4IjoiQVJlUFBrMFNISkRRR2NWbnlmM3lfbTlaQllHNjFJeElIbDN1NkdwRHVhMkU1WVd4TE1BSUtMMnZuUGtlSGFVRXljRmZaZlpYZ2JlNkViUUxMVkRVUm1VUSIsInkiOiJBWUtaYlNwUkFFNjJVYm9YZ2c1ZWRBVENzbEpzTlpwcm9RR1dUcW9Md04weXkzQkVoT3ZRZmZrOWhaR2lKZ295TzFobXFRRVRrS0pXb2tIYTBCQUpLSGZtIn19.ACEZLyPk13cM_OFScpLoCElQ2t1sxq5z2d_W_3_QslTQQe5SFiH_o8ycL4632YLAH4RV0gZcMKKRMtZdHgBYHjkzASDqgY-_aYN2SBmpfl8hw0YdDlUJWX3DJf-ofqNAlTbnGmhpSg69cEAhFn41Xgvx2MdwYcPVncxxESVOtWl5zNLK","csign":{"kty":"EC","crv":"P-521","x":"ADiOI_YJOAipEXHB-SpGl4KqokX8m8h3BVYCc8dgiwssZ061-nIIY3O1SIO6Re4Jjfy53RPgzDG6jitOgOGLtzZs","y":"AZKggKaQi0ExutSpJAU3-lqDV03sBQLA9C7KabfWoAn8qD6Vk4jU0WAJdt-wBBTF9o1nVuiqS2OxMVYrxN4lOz79","kid":"LfHJcxgWfJpmnKb0zvQOAvT0voFJsBcfpfc81cv9eqg"}}}'
1259 dev[0].set("dpp_ignore_netaccesskey_mismatch", "1")
1260 dev[1].set("dpp_config_obj_override", conf)
1261 run_dpp_qr_code_auth_unicast(dev, apdev, "secp521r1",
1262 require_conf_success=True)
1263
1264 def test_dpp_config_override_objects(dev, apdev):
1265 """Generate DPP Config Object and override objects)"""
1266 check_dpp_capab(dev[1])
1267 discovery = '{\n"ssid":"mywifi"\n}'
1268 groups = '[\n {"groupId":"home","netRole":"sta"},\n {"groupId":"cottage","netRole":"sta"}\n]'
1269 dev[1].set("dpp_discovery_override", discovery)
1270 dev[1].set("dpp_groups_override", groups)
1271 run_dpp_qr_code_auth_unicast(dev, apdev, "prime256v1",
1272 init_extra="conf=sta-dpp",
1273 require_conf_success=True,
1274 configurator=True)
1275
1276 def build_conf_obj(kty="EC", crv="P-256",
1277 x="W4-Y5N1Pkos3UWb9A5qme0KUYRtY3CVUpekx_MapZ9s",
1278 y="Et-M4NSF4NGjvh2VCh4B1sJ9eSCZ4RNzP2DBdP137VE",
1279 kid="TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU",
1280 prot_hdr='{"typ":"dppCon","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU","alg":"ES256"}',
1281 signed_connector=None,
1282 no_signed_connector=False,
1283 csign=True):
1284 conf = '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{'
1285 conf += '"akm":"dpp",'
1286
1287 if signed_connector:
1288 conn = signed_connector
1289 conf += '"signedConnector":"%s",' % conn
1290 elif not no_signed_connector:
1291 payload = '{"groups":[{"groupId":"*","netRole":"sta"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1292 sign = "_sm6YswxMf6hJLVTyYoU1uYUeY2VVkUNjrzjSiEhY42StD_RWowStEE-9CRsdCvLmsTptZ72_g40vTFwdId20A"
1293 conn = base64.urlsafe_b64encode(prot_hdr).rstrip('=') + '.'
1294 conn += base64.urlsafe_b64encode(payload).rstrip('=') + '.'
1295 conn += sign
1296 conf += '"signedConnector":"%s",' % conn
1297
1298 if csign:
1299 conf += '"csign":{'
1300 if kty:
1301 conf += '"kty":"%s",' % kty
1302 if crv:
1303 conf += '"crv":"%s",' % crv
1304 if x:
1305 conf += '"x":"%s",' % x
1306 if y:
1307 conf += '"y":"%s",' % y
1308 if kid:
1309 conf += '"kid":"%s"' % kid
1310 conf = conf.rstrip(',')
1311 conf += '}'
1312 else:
1313 conf = conf.rstrip(',')
1314
1315 conf += '}}'
1316
1317 return conf
1318
1319 def run_dpp_config_error(dev, apdev, conf,
1320 skip_net_access_key_mismatch=True):
1321 check_dpp_capab(dev[0])
1322 check_dpp_capab(dev[1])
1323 if skip_net_access_key_mismatch:
1324 dev[0].set("dpp_ignore_netaccesskey_mismatch", "1")
1325 dev[1].set("dpp_config_obj_override", conf)
1326 run_dpp_qr_code_auth_unicast(dev, apdev, "prime256v1",
1327 require_conf_failure=True)
1328
1329 def test_dpp_config_jwk_error_no_kty(dev, apdev):
1330 """DPP Config Object JWK error - no kty"""
1331 run_dpp_config_error(dev, apdev, build_conf_obj(kty=None))
1332
1333 def test_dpp_config_jwk_error_unexpected_kty(dev, apdev):
1334 """DPP Config Object JWK error - unexpected kty"""
1335 run_dpp_config_error(dev, apdev, build_conf_obj(kty="unknown"))
1336
1337 def test_dpp_config_jwk_error_no_crv(dev, apdev):
1338 """DPP Config Object JWK error - no crv"""
1339 run_dpp_config_error(dev, apdev, build_conf_obj(crv=None))
1340
1341 def test_dpp_config_jwk_error_unsupported_crv(dev, apdev):
1342 """DPP Config Object JWK error - unsupported curve"""
1343 run_dpp_config_error(dev, apdev, build_conf_obj(crv="unsupported"))
1344
1345 def test_dpp_config_jwk_error_no_x(dev, apdev):
1346 """DPP Config Object JWK error - no x"""
1347 run_dpp_config_error(dev, apdev, build_conf_obj(x=None))
1348
1349 def test_dpp_config_jwk_error_invalid_x(dev, apdev):
1350 """DPP Config Object JWK error - invalid x"""
1351 run_dpp_config_error(dev, apdev, build_conf_obj(x="MTIz"))
1352
1353 def test_dpp_config_jwk_error_no_y(dev, apdev):
1354 """DPP Config Object JWK error - no y"""
1355 run_dpp_config_error(dev, apdev, build_conf_obj(y=None))
1356
1357 def test_dpp_config_jwk_error_invalid_y(dev, apdev):
1358 """DPP Config Object JWK error - invalid y"""
1359 run_dpp_config_error(dev, apdev, build_conf_obj(y="MTIz"))
1360
1361 def test_dpp_config_jwk_error_invalid_xy(dev, apdev):
1362 """DPP Config Object JWK error - invalid x,y"""
1363 conf = build_conf_obj(x="MDEyMzQ1Njc4OWFiY2RlZjAxMjM0NTY3ODlhYmNkZWY",
1364 y="MDEyMzQ1Njc4OWFiY2RlZjAxMjM0NTY3ODlhYmNkZWY")
1365 run_dpp_config_error(dev, apdev, conf)
1366
1367 def test_dpp_config_jwk_error_no_kid(dev, apdev):
1368 """DPP Config Object JWK error - no kid"""
1369 run_dpp_config_error(dev, apdev, build_conf_obj(kid=None))
1370
1371 def test_dpp_config_jws_error_prot_hdr_not_an_object(dev, apdev):
1372 """DPP Config Object JWS error - protected header not an object"""
1373 run_dpp_config_error(dev, apdev, build_conf_obj(prot_hdr="1"))
1374
1375 def test_dpp_config_jws_error_prot_hdr_no_typ(dev, apdev):
1376 """DPP Config Object JWS error - protected header - no typ"""
1377 prot_hdr='{"kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU","alg":"ES256"}'
1378 run_dpp_config_error(dev, apdev, build_conf_obj(prot_hdr=prot_hdr))
1379
1380 def test_dpp_config_jws_error_prot_hdr_unsupported_typ(dev, apdev):
1381 """DPP Config Object JWS error - protected header - unsupported typ"""
1382 prot_hdr='{"typ":"unsupported","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU","alg":"ES256"}'
1383 run_dpp_config_error(dev, apdev, build_conf_obj(prot_hdr=prot_hdr))
1384
1385 def test_dpp_config_jws_error_prot_hdr_no_alg(dev, apdev):
1386 """DPP Config Object JWS error - protected header - no alg"""
1387 prot_hdr='{"typ":"dppCon","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU"}'
1388 run_dpp_config_error(dev, apdev, build_conf_obj(prot_hdr=prot_hdr))
1389
1390 def test_dpp_config_jws_error_prot_hdr_unexpected_alg(dev, apdev):
1391 """DPP Config Object JWS error - protected header - unexpected alg"""
1392 prot_hdr='{"typ":"dppCon","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU","alg":"unexpected"}'
1393 run_dpp_config_error(dev, apdev, build_conf_obj(prot_hdr=prot_hdr))
1394
1395 def test_dpp_config_jws_error_prot_hdr_no_kid(dev, apdev):
1396 """DPP Config Object JWS error - protected header - no kid"""
1397 prot_hdr='{"typ":"dppCon","alg":"ES256"}'
1398 run_dpp_config_error(dev, apdev, build_conf_obj(prot_hdr=prot_hdr))
1399
1400 def test_dpp_config_jws_error_prot_hdr_unexpected_kid(dev, apdev):
1401 """DPP Config Object JWS error - protected header - unexpected kid"""
1402 prot_hdr='{"typ":"dppCon","kid":"MTIz","alg":"ES256"}'
1403 run_dpp_config_error(dev, apdev, build_conf_obj(prot_hdr=prot_hdr))
1404
1405 def test_dpp_config_signed_connector_error_no_dot_1(dev, apdev):
1406 """DPP Config Object signedConnector error - no dot(1)"""
1407 conn = "MTIz"
1408 run_dpp_config_error(dev, apdev, build_conf_obj(signed_connector=conn))
1409
1410 def test_dpp_config_signed_connector_error_no_dot_2(dev, apdev):
1411 """DPP Config Object signedConnector error - no dot(2)"""
1412 conn = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJUbkdLaklsTlphYXRyRUFZcmJiamlCNjdyamtMX0FHVldYTzZxOWhESktVIiwiYWxnIjoiRVMyNTYifQ.MTIz"
1413 run_dpp_config_error(dev, apdev, build_conf_obj(signed_connector=conn))
1414
1415 def test_dpp_config_signed_connector_error_unexpected_signature_len(dev, apdev):
1416 """DPP Config Object signedConnector error - unexpected signature length"""
1417 conn = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJUbkdLaklsTlphYXRyRUFZcmJiamlCNjdyamtMX0FHVldYTzZxOWhESktVIiwiYWxnIjoiRVMyNTYifQ.MTIz.MTIz"
1418 run_dpp_config_error(dev, apdev, build_conf_obj(signed_connector=conn))
1419
1420 def test_dpp_config_signed_connector_error_invalid_signature_der(dev, apdev):
1421 """DPP Config Object signedConnector error - invalid signature DER"""
1422 conn = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJUbkdLaklsTlphYXRyRUFZcmJiamlCNjdyamtMX0FHVldYTzZxOWhESktVIiwiYWxnIjoiRVMyNTYifQ.MTIz.MTI"
1423 run_dpp_config_error(dev, apdev, build_conf_obj(signed_connector=conn))
1424
1425 def test_dpp_config_no_csign(dev, apdev):
1426 """DPP Config Object error - no csign"""
1427 run_dpp_config_error(dev, apdev, build_conf_obj(csign=False))
1428
1429 def test_dpp_config_no_signed_connector(dev, apdev):
1430 """DPP Config Object error - no signedConnector"""
1431 run_dpp_config_error(dev, apdev, build_conf_obj(no_signed_connector=True))
1432
1433 def test_dpp_config_unexpected_signed_connector_char(dev, apdev):
1434 """DPP Config Object error - unexpected signedConnector character"""
1435 run_dpp_config_error(dev, apdev, build_conf_obj(signed_connector='a\nb'))
1436
1437 def test_dpp_config_root_not_an_object(dev, apdev):
1438 """DPP Config Object error - root not an object"""
1439 conf = "1"
1440 run_dpp_config_error(dev, apdev, conf)
1441
1442 def test_dpp_config_no_wi_fi_tech(dev, apdev):
1443 """DPP Config Object error - no wi-fi_tech"""
1444 conf = "{}"
1445 run_dpp_config_error(dev, apdev, conf)
1446
1447 def test_dpp_config_unsupported_wi_fi_tech(dev, apdev):
1448 """DPP Config Object error - unsupported wi-fi_tech"""
1449 conf = '{"wi-fi_tech":"unsupported"}'
1450 run_dpp_config_error(dev, apdev, conf)
1451
1452 def test_dpp_config_no_discovery(dev, apdev):
1453 """DPP Config Object error - no discovery"""
1454 conf = '{"wi-fi_tech":"infra"}'
1455 run_dpp_config_error(dev, apdev, conf)
1456
1457 def test_dpp_config_no_discovery_ssid(dev, apdev):
1458 """DPP Config Object error - no discovery::ssid"""
1459 conf = '{"wi-fi_tech":"infra","discovery":{}}'
1460 run_dpp_config_error(dev, apdev, conf)
1461
1462 def test_dpp_config_too_long_discovery_ssid(dev, apdev):
1463 """DPP Config Object error - too long discovery::ssid"""
1464 conf = '{"wi-fi_tech":"infra","discovery":{"ssid":"%s"}}' % (33*'A')
1465 run_dpp_config_error(dev, apdev, conf)
1466
1467 def test_dpp_config_no_cred(dev, apdev):
1468 """DPP Config Object error - no cred"""
1469 conf = '{"wi-fi_tech":"infra","discovery":{"ssid":"test"}}'
1470 run_dpp_config_error(dev, apdev, conf)
1471
1472 def test_dpp_config_no_cred_akm(dev, apdev):
1473 """DPP Config Object error - no cred::akm"""
1474 conf = '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{}}'
1475 run_dpp_config_error(dev, apdev, conf)
1476
1477 def test_dpp_config_unsupported_cred_akm(dev, apdev):
1478 """DPP Config Object error - unsupported cred::akm"""
1479 conf = '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"unsupported"}}'
1480 run_dpp_config_error(dev, apdev, conf)
1481
1482 def test_dpp_config_error_legacy_no_pass(dev, apdev):
1483 """DPP Config Object legacy error - no pass/psk"""
1484 conf = '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk"}}'
1485 run_dpp_config_error(dev, apdev, conf)
1486
1487 def test_dpp_config_error_legacy_too_short_pass(dev, apdev):
1488 """DPP Config Object legacy error - too short pass/psk"""
1489 conf = '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"1"}}'
1490 run_dpp_config_error(dev, apdev, conf)
1491
1492 def test_dpp_config_error_legacy_too_long_pass(dev, apdev):
1493 """DPP Config Object legacy error - too long pass/psk"""
1494 conf = '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"%s"}}' % (64*'A')
1495 run_dpp_config_error(dev, apdev, conf)
1496
1497 def test_dpp_config_error_legacy_psk_with_sae(dev, apdev):
1498 """DPP Config Object legacy error - psk_hex with SAE"""
1499 conf = '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"sae","psk_hex":"%s"}}' % (32*"12")
1500 run_dpp_config_error(dev, apdev, conf)
1501
1502 def test_dpp_config_error_legacy_no_pass_for_sae(dev, apdev):
1503 """DPP Config Object legacy error - no pass for SAE"""
1504 conf = '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk+sae","psk_hex":"%s"}}' % (32*"12")
1505 run_dpp_config_error(dev, apdev, conf)
1506
1507 def test_dpp_config_error_legacy_invalid_psk(dev, apdev):
1508 """DPP Config Object legacy error - invalid psk_hex"""
1509 conf = '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk","psk_hex":"%s"}}' % (32*"qa")
1510 run_dpp_config_error(dev, apdev, conf)
1511
1512 def test_dpp_config_error_legacy_too_short_psk(dev, apdev):
1513 """DPP Config Object legacy error - too short psk_hex"""
1514 conf = '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk","psk_hex":"%s"}}' % (31*"12")
1515 run_dpp_config_error(dev, apdev, conf)
1516
1517 def ecdsa_sign(pkey, message, alg="sha256"):
1518 sign = OpenSSL.crypto.sign(pkey, message, alg)
1519 a,b = struct.unpack('BB', sign[0:2])
1520 if a != 0x30:
1521 raise Exception("Invalid DER encoding of ECDSA signature")
1522 if b != len(sign) - 2:
1523 raise Exception("Invalid length of ECDSA signature")
1524 sign = sign[2:]
1525
1526 a,b = struct.unpack('BB', sign[0:2])
1527 if a != 0x02:
1528 raise Exception("Invalid DER encoding of ECDSA signature r")
1529 if b > len(sign) - 2:
1530 raise Exception("Invalid length of ECDSA signature r")
1531 sign = sign[2:]
1532 if b == 32:
1533 r = sign[0:32]
1534 sign = sign[32:]
1535 elif b == 33:
1536 r = sign[1:33]
1537 sign = sign[33:]
1538 else:
1539 raise Exception("Invalid length of ECDSA signature r")
1540
1541 a,b = struct.unpack('BB', sign[0:2])
1542 if a != 0x02:
1543 raise Exception("Invalid DER encoding of ECDSA signature s")
1544 if b > len(sign) - 2:
1545 raise Exception("Invalid length of ECDSA signature s")
1546 sign = sign[2:]
1547 if b == 32:
1548 s = sign[0:32]
1549 sign = sign[32:]
1550 elif b == 33:
1551 s = sign[1:33]
1552 sign = sign[33:]
1553 else:
1554 raise Exception("Invalid length of ECDSA signature s")
1555 if len(sign) != 0:
1556 raise Exception("Extra data at the end of ECDSA signature")
1557
1558 raw_sign = r + s
1559 return base64.urlsafe_b64encode(raw_sign).rstrip('=')
1560
1561 p256_priv_key = """-----BEGIN EC PRIVATE KEY-----
1562 MHcCAQEEIBVQij9ah629f1pu3tarDQGQvrzHgAkgYd1jHGiLxNajoAoGCCqGSM49
1563 AwEHoUQDQgAEAC9d2/JirKu72F2qLuv5jEFMD1Cqu9EiyGk7cOzn/2DJ51p2mEoW
1564 n03N6XRvTC+G7WPol9Ng97NAM2sK57+F/Q==
1565 -----END EC PRIVATE KEY-----"""
1566 p256_pub_key_x = binascii.unhexlify("002f5ddbf262acabbbd85daa2eebf98c414c0f50aabbd122c8693b70ece7ff60")
1567 p256_pub_key_y = binascii.unhexlify("c9e75a76984a169f4dcde9746f4c2f86ed63e897d360f7b340336b0ae7bf85fd")
1568
1569 def run_dpp_config_connector(dev, apdev, expiry=None, payload=None,
1570 skip_net_access_key_mismatch=True):
1571 if not openssl_imported:
1572 raise HwsimSkip("OpenSSL python method not available")
1573 pkey = OpenSSL.crypto.load_privatekey(OpenSSL.crypto.FILETYPE_PEM,
1574 p256_priv_key)
1575 x = base64.urlsafe_b64encode(p256_pub_key_x).rstrip('=')
1576 y = base64.urlsafe_b64encode(p256_pub_key_y).rstrip('=')
1577
1578 pubkey = '\04' + p256_pub_key_x + p256_pub_key_y
1579 kid = base64.urlsafe_b64encode(hashlib.sha256(pubkey).digest()).rstrip('=')
1580
1581 prot_hdr = '{"typ":"dppCon","kid":"%s","alg":"ES256"}' % kid
1582
1583 if not payload:
1584 payload = '{"groups":[{"groupId":"*","netRole":"sta"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}'
1585 if expiry:
1586 payload += ',"expiry":"%s"' % expiry
1587 payload += '}'
1588 conn = base64.urlsafe_b64encode(prot_hdr).rstrip('=') + '.'
1589 conn += base64.urlsafe_b64encode(payload).rstrip('=')
1590 sign = ecdsa_sign(pkey, conn)
1591 conn += '.' + sign
1592 run_dpp_config_error(dev, apdev,
1593 build_conf_obj(x=x, y=y, signed_connector=conn),
1594 skip_net_access_key_mismatch=skip_net_access_key_mismatch)
1595
1596 def test_dpp_config_connector_error_ext_sign(dev, apdev):
1597 """DPP Config Object connector error - external signature calculation"""
1598 run_dpp_config_connector(dev, apdev)
1599
1600 def test_dpp_config_connector_error_too_short_timestamp(dev, apdev):
1601 """DPP Config Object connector error - too short timestamp"""
1602 run_dpp_config_connector(dev, apdev, expiry="1")
1603
1604 def test_dpp_config_connector_error_invalid_timestamp(dev, apdev):
1605 """DPP Config Object connector error - invalid timestamp"""
1606 run_dpp_config_connector(dev, apdev, expiry=19*"1")
1607
1608 def test_dpp_config_connector_error_invalid_timestamp_date(dev, apdev):
1609 """DPP Config Object connector error - invalid timestamp date"""
1610 run_dpp_config_connector(dev, apdev, expiry="9999-99-99T99:99:99Z")
1611
1612 def test_dpp_config_connector_error_invalid_time_zone(dev, apdev):
1613 """DPP Config Object connector error - invalid time zone"""
1614 run_dpp_config_connector(dev, apdev, expiry="2018-01-01T00:00:00*")
1615
1616 def test_dpp_config_connector_error_invalid_time_zone_2(dev, apdev):
1617 """DPP Config Object connector error - invalid time zone 2"""
1618 run_dpp_config_connector(dev, apdev, expiry="2018-01-01T00:00:00+")
1619
1620 def test_dpp_config_connector_error_expired_1(dev, apdev):
1621 """DPP Config Object connector error - expired 1"""
1622 run_dpp_config_connector(dev, apdev, expiry="2018-01-01T00:00:00")
1623
1624 def test_dpp_config_connector_error_expired_2(dev, apdev):
1625 """DPP Config Object connector error - expired 2"""
1626 run_dpp_config_connector(dev, apdev, expiry="2018-01-01T00:00:00Z")
1627
1628 def test_dpp_config_connector_error_expired_3(dev, apdev):
1629 """DPP Config Object connector error - expired 3"""
1630 run_dpp_config_connector(dev, apdev, expiry="2018-01-01T00:00:00+01")
1631
1632 def test_dpp_config_connector_error_expired_4(dev, apdev):
1633 """DPP Config Object connector error - expired 4"""
1634 run_dpp_config_connector(dev, apdev, expiry="2018-01-01T00:00:00+01:02")
1635
1636 def test_dpp_config_connector_error_expired_5(dev, apdev):
1637 """DPP Config Object connector error - expired 5"""
1638 run_dpp_config_connector(dev, apdev, expiry="2018-01-01T00:00:00-01")
1639
1640 def test_dpp_config_connector_error_expired_6(dev, apdev):
1641 """DPP Config Object connector error - expired 6"""
1642 run_dpp_config_connector(dev, apdev, expiry="2018-01-01T00:00:00-01:02")
1643
1644 def test_dpp_config_connector_error_no_groups(dev, apdev):
1645 """DPP Config Object connector error - no groups"""
1646 payload = '{"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1647 run_dpp_config_connector(dev, apdev, payload=payload)
1648
1649 def test_dpp_config_connector_error_empty_groups(dev, apdev):
1650 """DPP Config Object connector error - empty groups"""
1651 payload = '{"groups":[],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1652 run_dpp_config_connector(dev, apdev, payload=payload)
1653
1654 def test_dpp_config_connector_error_missing_group_id(dev, apdev):
1655 """DPP Config Object connector error - missing groupId"""
1656 payload = '{"groups":[{"netRole":"sta"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1657 run_dpp_config_connector(dev, apdev, payload=payload)
1658
1659 def test_dpp_config_connector_error_missing_net_role(dev, apdev):
1660 """DPP Config Object connector error - missing netRole"""
1661 payload = '{"groups":[{"groupId":"*"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1662 run_dpp_config_connector(dev, apdev, payload=payload)
1663
1664 def test_dpp_config_connector_error_missing_net_access_key(dev, apdev):
1665 """DPP Config Object connector error - missing netAccessKey"""
1666 payload = '{"groups":[{"groupId":"*","netRole":"sta"}]}'
1667 run_dpp_config_connector(dev, apdev, payload=payload)
1668
1669 def test_dpp_config_connector_error_net_access_key_mismatch(dev, apdev):
1670 """DPP Config Object connector error - netAccessKey mismatch"""
1671 payload = '{"groups":[{"groupId":"*","netRole":"sta"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1672 run_dpp_config_connector(dev, apdev, payload=payload,
1673 skip_net_access_key_mismatch=False)
1674
1675 def test_dpp_gas_timeout(dev, apdev):
1676 """DPP and GAS server timeout for a query"""
1677 check_dpp_capab(dev[0])
1678 check_dpp_capab(dev[1])
1679 logger.info("dev0 displays QR Code")
1680 addr = dev[0].own_addr().replace(':', '')
1681 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
1682 res = dev[0].request(cmd)
1683 if "FAIL" in res:
1684 raise Exception("Failed to generate bootstrapping info")
1685 id0 = int(res)
1686 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1687
1688 logger.info("dev1 scans QR Code")
1689 res = dev[1].request("DPP_QR_CODE " + uri0)
1690 if "FAIL" in res:
1691 raise Exception("Failed to parse QR Code URI")
1692 id1 = int(res)
1693
1694 logger.info("dev1 initiates DPP Authentication")
1695 dev[0].set("ext_mgmt_frame_handling", "1")
1696 cmd = "DPP_LISTEN 2412"
1697 if "OK" not in dev[0].request(cmd):
1698 raise Exception("Failed to start listen operation")
1699
1700 # Force GAS fragmentation
1701 conf = '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"secret passphrase"}}' + 3000*' '
1702 dev[1].set("dpp_config_obj_override", conf)
1703
1704 cmd = "DPP_AUTH_INIT peer=%d" % id1
1705 if "OK" not in dev[1].request(cmd):
1706 raise Exception("Failed to initiate DPP Authentication")
1707
1708 # DPP Authentication Request
1709 msg = dev[0].mgmt_rx()
1710 if "OK" not in dev[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg['freq'], msg['datarate'], msg['ssi_signal'], msg['frame'].encode('hex'))):
1711 raise Exception("MGMT_RX_PROCESS failed")
1712
1713 # DPP Authentication Confirmation
1714 msg = dev[0].mgmt_rx()
1715 if "OK" not in dev[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg['freq'], msg['datarate'], msg['ssi_signal'], msg['frame'].encode('hex'))):
1716 raise Exception("MGMT_RX_PROCESS failed")
1717
1718 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
1719 if ev is None:
1720 raise Exception("DPP authentication did not succeed (Responder)")
1721 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
1722 if ev is None:
1723 raise Exception("DPP authentication did not succeed (Initiator)")
1724
1725 # DPP Configuration Response (GAS Initial Response frame)
1726 msg = dev[0].mgmt_rx()
1727 if "OK" not in dev[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg['freq'], msg['datarate'], msg['ssi_signal'], msg['frame'].encode('hex'))):
1728 raise Exception("MGMT_RX_PROCESS failed")
1729
1730 # GAS Comeback Response frame
1731 msg = dev[0].mgmt_rx()
1732 # Do not continue to force timeout on GAS server
1733
1734 ev = dev[0].wait_event(["GAS-QUERY-DONE"], timeout=10)
1735 if ev is None:
1736 raise Exception("GAS result not reported (Enrollee)")
1737 if "result=TIMEOUT" not in ev:
1738 raise Exception("Unexpected GAS result (Enrollee): " + ev)
1739 dev[0].set("ext_mgmt_frame_handling", "0")
1740
1741 ev = dev[1].wait_event(["DPP-CONF-FAILED"], timeout=15)
1742 if ev is None:
1743 raise Exception("DPP configuration failure not reported (Configurator)")
1744
1745 ev = dev[0].wait_event(["DPP-CONF-FAILED"], timeout=1)
1746 if ev is None:
1747 raise Exception("DPP configuration failure not reported (Enrollee)")
1748
1749 def test_dpp_akm_sha256(dev, apdev):
1750 """DPP AKM (SHA256)"""
1751 run_dpp_akm(dev, apdev, 32)
1752
1753 def test_dpp_akm_sha384(dev, apdev):
1754 """DPP AKM (SHA384)"""
1755 run_dpp_akm(dev, apdev, 48)
1756
1757 def test_dpp_akm_sha512(dev, apdev):
1758 """DPP AKM (SHA512)"""
1759 run_dpp_akm(dev, apdev, 64)
1760
1761 def run_dpp_akm(dev, apdev, pmk_len):
1762 check_dpp_capab(dev[0])
1763 check_dpp_capab(dev[1])
1764 params = { "ssid": "dpp",
1765 "wpa": "2",
1766 "wpa_key_mgmt": "DPP",
1767 "rsn_pairwise": "CCMP",
1768 "ieee80211w": "2" }
1769 try:
1770 hapd = hostapd.add_ap(apdev[0], params)
1771 except:
1772 raise HwsimSkip("DPP not supported")
1773
1774 id = dev[0].connect("dpp", key_mgmt="DPP", ieee80211w="2", scan_freq="2412",
1775 wait_connect=False)
1776 ev = dev[0].wait_event(["CTRL-EVENT-NETWORK-NOT-FOUND"], timeout=2)
1777 if not ev:
1778 raise Exception("Network mismatch not reported")
1779 dev[0].request("DISCONNECT")
1780 dev[0].dump_monitor()
1781
1782 bssid = hapd.own_addr()
1783 pmkid = 16*'11'
1784 akmp = 2**23
1785 pmk = pmk_len*'22'
1786 cmd = "PMKSA_ADD %d %s %s %s 30240 43200 %d 0" % (id, bssid, pmkid, pmk, akmp)
1787 if "OK" not in dev[0].request(cmd):
1788 raise Exception("PMKSA_ADD failed (wpa_supplicant)")
1789 dev[0].select_network(id, freq="2412")
1790 ev = dev[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout=2)
1791 dev[0].request("DISCONNECT")
1792 dev[0].dump_monitor()
1793 if not ev:
1794 raise Exception("Association attempt was not rejected")
1795 if "status_code=53" not in ev:
1796 raise Exception("Unexpected status code: " + ev)
1797
1798 addr = dev[0].own_addr()
1799 cmd = "PMKSA_ADD %s %s %s 0 %d" % (addr, pmkid, pmk, akmp)
1800 if "OK" not in hapd.request(cmd):
1801 raise Exception("PMKSA_ADD failed (hostapd)")
1802
1803 dev[0].select_network(id, freq="2412")
1804 dev[0].wait_connected()
1805 val = dev[0].get_status_field("key_mgmt")
1806 if val != "DPP":
1807 raise Exception("Unexpected key_mgmt: " + val)
1808
1809 params1_csign = "3059301306072a8648ce3d020106082a8648ce3d03010703420004d02e5bd81a120762b5f0f2994777f5d40297238a6c294fd575cdf35fabec44c050a6421c401d98d659fd2ed13c961cc8287944dd3202f516977800d3ab2f39ee"
1810 params1_ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJzOEFrYjg5bTV4UGhoYk5UbTVmVVo0eVBzNU5VMkdxYXNRY3hXUWhtQVFRIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIwOHF4TlNYRzRWemdCV3BjVUdNSmc1czNvbElOVFJsRVQ1aERpNkRKY3ZjIiwieSI6IlVhaGFYQXpKRVpRQk1YaHRUQnlZZVlrOWtJYjk5UDA3UV9NcW9TVVZTVEkifX0.a5_nfMVr7Qe1SW0ZL3u6oQRm5NUCYUSfixDAJOUFN3XUfECBZ6E8fm8xjeSfdOytgRidTz0CTlIRjzPQo82dmQ"
1811 params1_ap_netaccesskey = "30770201010420f6531d17f29dfab655b7c9e923478d5a345164c489aadd44a3519c3e9dcc792da00a06082a8648ce3d030107a14403420004d3cab13525c6e15ce0056a5c506309839b37a2520d4d19444f98438ba0c972f751a85a5c0cc911940131786d4c1c9879893d9086fdf4fd3b43f32aa125154932"
1812 params1_sta_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJzOEFrYjg5bTV4UGhoYk5UbTVmVVo0eVBzNU5VMkdxYXNRY3hXUWhtQVFRIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiZWMzR3NqQ3lQMzVBUUZOQUJJdEltQnN4WXVyMGJZX1dES1lfSE9zUGdjNCIsInkiOiJTRS1HVllkdWVnTFhLMU1TQXZNMEx2QWdLREpTNWoyQVhCbE9PMTdUSTRBIn19.PDK9zsGlK-e1pEOmNxVeJfCS8pNeay6ckIS1TXCQsR64AR-9wFPCNVjqOxWvVKltehyMFqVAtOcv0IrjtMJFqQ"
1813 params1_sta_netaccesskey = "30770201010420bc33380c26fd2168b69cd8242ed1df07ba89aa4813f8d4e8523de6ca3f8dd28ba00a06082a8648ce3d030107a1440342000479cdc6b230b23f7e40405340048b48981b3162eaf46d8fd60ca63f1ceb0f81ce484f8655876e7a02d72b531202f3342ef020283252e63d805c194e3b5ed32380"
1814
1815 def test_dpp_network_introduction(dev, apdev):
1816 """DPP network introduction"""
1817 check_dpp_capab(dev[0])
1818 check_dpp_capab(dev[1])
1819
1820 params = { "ssid": "dpp",
1821 "wpa": "2",
1822 "wpa_key_mgmt": "DPP",
1823 "ieee80211w": "2",
1824 "rsn_pairwise": "CCMP",
1825 "dpp_connector": params1_ap_connector,
1826 "dpp_csign": params1_csign,
1827 "dpp_netaccesskey": params1_ap_netaccesskey }
1828 try:
1829 hapd = hostapd.add_ap(apdev[0], params)
1830 except:
1831 raise HwsimSkip("DPP not supported")
1832
1833 id = dev[0].connect("dpp", key_mgmt="DPP", scan_freq="2412",
1834 ieee80211w="2",
1835 dpp_csign=params1_csign,
1836 dpp_connector=params1_sta_connector,
1837 dpp_netaccesskey=params1_sta_netaccesskey)
1838 val = dev[0].get_status_field("key_mgmt")
1839 if val != "DPP":
1840 raise Exception("Unexpected key_mgmt: " + val)
1841
1842 def test_dpp_and_sae_akm(dev, apdev):
1843 """DPP and SAE AKMs"""
1844 check_dpp_capab(dev[0])
1845 check_dpp_capab(dev[1])
1846 if "SAE" not in dev[1].get_capability("auth_alg"):
1847 raise HwsimSkip("SAE not supported")
1848
1849 params = { "ssid": "dpp+sae",
1850 "wpa": "2",
1851 "wpa_key_mgmt": "DPP SAE",
1852 "ieee80211w": "2",
1853 "rsn_pairwise": "CCMP",
1854 "sae_password": "sae-password",
1855 "dpp_connector": params1_ap_connector,
1856 "dpp_csign": params1_csign,
1857 "dpp_netaccesskey": params1_ap_netaccesskey }
1858 try:
1859 hapd = hostapd.add_ap(apdev[0], params)
1860 except:
1861 raise HwsimSkip("DPP not supported")
1862
1863 id = dev[0].connect("dpp+sae", key_mgmt="DPP", scan_freq="2412",
1864 ieee80211w="2",
1865 dpp_csign=params1_csign,
1866 dpp_connector=params1_sta_connector,
1867 dpp_netaccesskey=params1_sta_netaccesskey)
1868 val = dev[0].get_status_field("key_mgmt")
1869 if val != "DPP":
1870 raise Exception("Unexpected key_mgmt for DPP: " + val)
1871
1872 id = dev[1].connect("dpp+sae", key_mgmt="SAE", scan_freq="2412",
1873 ieee80211w="2", psk="sae-password")
1874 val = dev[1].get_status_field("key_mgmt")
1875 if val != "SAE":
1876 raise Exception("Unexpected key_mgmt for SAE: " + val)
1877
1878 def test_dpp_ap_config(dev, apdev):
1879 """DPP and AP configuration"""
1880 run_dpp_ap_config(dev, apdev)
1881
1882 def test_dpp_ap_config_p256_p256(dev, apdev):
1883 """DPP and AP configuration (P-256 + P-256)"""
1884 run_dpp_ap_config(dev, apdev, curve="P-256", conf_curve="P-256")
1885
1886 def test_dpp_ap_config_p256_p384(dev, apdev):
1887 """DPP and AP configuration (P-256 + P-384)"""
1888 run_dpp_ap_config(dev, apdev, curve="P-256", conf_curve="P-384")
1889
1890 def test_dpp_ap_config_p256_p521(dev, apdev):
1891 """DPP and AP configuration (P-256 + P-521)"""
1892 run_dpp_ap_config(dev, apdev, curve="P-256", conf_curve="P-521")
1893
1894 def test_dpp_ap_config_p384_p256(dev, apdev):
1895 """DPP and AP configuration (P-384 + P-256)"""
1896 run_dpp_ap_config(dev, apdev, curve="P-384", conf_curve="P-256")
1897
1898 def test_dpp_ap_config_p384_p384(dev, apdev):
1899 """DPP and AP configuration (P-384 + P-384)"""
1900 run_dpp_ap_config(dev, apdev, curve="P-384", conf_curve="P-384")
1901
1902 def test_dpp_ap_config_p384_p521(dev, apdev):
1903 """DPP and AP configuration (P-384 + P-521)"""
1904 run_dpp_ap_config(dev, apdev, curve="P-384", conf_curve="P-521")
1905
1906 def test_dpp_ap_config_p521_p256(dev, apdev):
1907 """DPP and AP configuration (P-521 + P-256)"""
1908 run_dpp_ap_config(dev, apdev, curve="P-521", conf_curve="P-256")
1909
1910 def test_dpp_ap_config_p521_p384(dev, apdev):
1911 """DPP and AP configuration (P-521 + P-384)"""
1912 run_dpp_ap_config(dev, apdev, curve="P-521", conf_curve="P-384")
1913
1914 def test_dpp_ap_config_p521_p521(dev, apdev):
1915 """DPP and AP configuration (P-521 + P-521)"""
1916 run_dpp_ap_config(dev, apdev, curve="P-521", conf_curve="P-521")
1917
1918 def test_dpp_ap_config_reconfig_configurator(dev, apdev):
1919 """DPP and AP configuration with Configurator reconfiguration"""
1920 run_dpp_ap_config(dev, apdev, reconf_configurator=True)
1921
1922 def update_hapd_config(hapd):
1923 ev = hapd.wait_event(["DPP-CONFOBJ-SSID"], timeout=1)
1924 if ev is None:
1925 raise Exception("SSID not reported (AP)")
1926 ssid = ev.split(' ')[1]
1927
1928 ev = hapd.wait_event(["DPP-CONNECTOR"], timeout=1)
1929 if ev is None:
1930 raise Exception("Connector not reported (AP)")
1931 connector = ev.split(' ')[1]
1932
1933 ev = hapd.wait_event(["DPP-C-SIGN-KEY"], timeout=1)
1934 if ev is None:
1935 raise Exception("C-sign-key not reported (AP)")
1936 p = ev.split(' ')
1937 csign = p[1]
1938
1939 ev = hapd.wait_event(["DPP-NET-ACCESS-KEY"], timeout=1)
1940 if ev is None:
1941 raise Exception("netAccessKey not reported (AP)")
1942 p = ev.split(' ')
1943 net_access_key = p[1]
1944 net_access_key_expiry = p[2] if len(p) > 2 else None
1945
1946 logger.info("Update AP configuration to use key_mgmt=DPP")
1947 hapd.disable()
1948 hapd.set("ssid", ssid)
1949 hapd.set("wpa", "2")
1950 hapd.set("wpa_key_mgmt", "DPP")
1951 hapd.set("ieee80211w", "2")
1952 hapd.set("rsn_pairwise", "CCMP")
1953 hapd.set("dpp_connector", connector)
1954 hapd.set("dpp_csign", csign)
1955 hapd.set("dpp_netaccesskey", net_access_key)
1956 if net_access_key_expiry:
1957 hapd.set("dpp_netaccesskey_expiry", net_access_key_expiry)
1958 hapd.enable()
1959
1960 def run_dpp_ap_config(dev, apdev, curve=None, conf_curve=None,
1961 reconf_configurator=False):
1962 check_dpp_capab(dev[0])
1963 check_dpp_capab(dev[1])
1964 hapd = hostapd.add_ap(apdev[0], { "ssid": "unconfigured" })
1965 check_dpp_capab(hapd)
1966
1967 addr = hapd.own_addr().replace(':', '')
1968 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
1969 if curve:
1970 cmd += " curve=" + curve
1971 res = hapd.request(cmd)
1972 if "FAIL" in res:
1973 raise Exception("Failed to generate bootstrapping info")
1974 id_h = int(res)
1975 uri = hapd.request("DPP_BOOTSTRAP_GET_URI %d" % id_h)
1976
1977 cmd = "DPP_CONFIGURATOR_ADD"
1978 if conf_curve:
1979 cmd += " curve=" + conf_curve
1980 res = dev[0].request(cmd);
1981 if "FAIL" in res:
1982 raise Exception("Failed to add configurator")
1983 conf_id = int(res)
1984
1985 if reconf_configurator:
1986 csign = dev[0].request("DPP_CONFIGURATOR_GET_KEY %d" % conf_id)
1987 if "FAIL" in csign or len(csign) == 0:
1988 raise Exception("DPP_CONFIGURATOR_GET_KEY failed")
1989
1990 res = dev[0].request("DPP_QR_CODE " + uri)
1991 if "FAIL" in res:
1992 raise Exception("Failed to parse QR Code URI")
1993 id = int(res)
1994
1995 cmd = "DPP_AUTH_INIT peer=%d conf=ap-dpp configurator=%d" % (id, conf_id)
1996 if "OK" not in dev[0].request(cmd):
1997 raise Exception("Failed to initiate DPP Authentication")
1998 ev = hapd.wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
1999 if ev is None:
2000 raise Exception("DPP authentication did not succeed (Responder)")
2001 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
2002 if ev is None:
2003 raise Exception("DPP authentication did not succeed (Initiator)")
2004 ev = dev[0].wait_event(["DPP-CONF-SENT"], timeout=5)
2005 if ev is None:
2006 raise Exception("DPP configuration not completed (Configurator)")
2007 ev = hapd.wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout=5)
2008 if ev is None:
2009 raise Exception("DPP configuration not completed (Enrollee)")
2010 if "DPP-CONF-FAILED" in ev:
2011 raise Exception("DPP configuration failed")
2012
2013 update_hapd_config(hapd)
2014
2015 addr = dev[1].own_addr().replace(':', '')
2016 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2017 if curve:
2018 cmd += " curve=" + curve
2019 res = dev[1].request(cmd)
2020 if "FAIL" in res:
2021 raise Exception("Failed to generate bootstrapping info")
2022 id1 = int(res)
2023 uri1 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1)
2024
2025 res = dev[0].request("DPP_QR_CODE " + uri1)
2026 if "FAIL" in res:
2027 raise Exception("Failed to parse QR Code URI")
2028 id0b = int(res)
2029
2030 if reconf_configurator:
2031 res = dev[0].request("DPP_CONFIGURATOR_REMOVE %d" % conf_id)
2032 if "OK" not in res:
2033 raise Exception("DPP_CONFIGURATOR_REMOVE failed")
2034 cmd = "DPP_CONFIGURATOR_ADD"
2035 if conf_curve:
2036 cmd += " curve=" + conf_curve
2037 cmd += " key=" + csign
2038 res = dev[0].request(cmd);
2039 if "FAIL" in res:
2040 raise Exception("Failed to add configurator (reconf)")
2041 conf_id = int(res)
2042
2043 cmd = "DPP_LISTEN 2412"
2044 if "OK" not in dev[1].request(cmd):
2045 raise Exception("Failed to start listen operation")
2046 cmd = "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id0b, conf_id)
2047 if "OK" not in dev[0].request(cmd):
2048 raise Exception("Failed to initiate DPP Authentication")
2049 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
2050 if ev is None:
2051 raise Exception("DPP authentication did not succeed (Responder)")
2052 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
2053 if ev is None:
2054 raise Exception("DPP authentication did not succeed (Initiator)")
2055 ev = dev[0].wait_event(["DPP-CONF-SENT"], timeout=5)
2056 if ev is None:
2057 raise Exception("DPP configuration not completed (Configurator)")
2058 ev = dev[1].wait_event(["DPP-CONF-RECEIVED"], timeout=5)
2059 if ev is None:
2060 raise Exception("DPP configuration not completed (Enrollee)")
2061 dev[1].request("DPP_STOP_LISTEN")
2062
2063 ev = dev[1].wait_event(["DPP-CONFOBJ-SSID"], timeout=1)
2064 if ev is None:
2065 raise Exception("SSID not reported")
2066 ssid = ev.split(' ')[1]
2067
2068 ev = dev[1].wait_event(["DPP-CONNECTOR"], timeout=1)
2069 if ev is None:
2070 raise Exception("Connector not reported")
2071 connector = ev.split(' ')[1]
2072
2073 ev = dev[1].wait_event(["DPP-C-SIGN-KEY"], timeout=1)
2074 if ev is None:
2075 raise Exception("C-sign-key not reported")
2076 p = ev.split(' ')
2077 csign = p[1]
2078
2079 ev = dev[1].wait_event(["DPP-NET-ACCESS-KEY"], timeout=1)
2080 if ev is None:
2081 raise Exception("netAccessKey not reported")
2082 p = ev.split(' ')
2083 net_access_key = p[1]
2084 net_access_key_expiry = p[2] if len(p) > 2 else None
2085
2086 dev[1].dump_monitor()
2087
2088 id = dev[1].connect(ssid, key_mgmt="DPP", ieee80211w="2", scan_freq="2412",
2089 only_add_network=True)
2090 dev[1].set_network_quoted(id, "dpp_connector", connector)
2091 dev[1].set_network(id, "dpp_csign", csign)
2092 dev[1].set_network(id, "dpp_netaccesskey", net_access_key)
2093 if net_access_key_expiry:
2094 dev[1].set_network(id, "dpp_netaccess_expiry", net_access_key_expiry)
2095
2096 logger.info("Check data connection")
2097 dev[1].select_network(id, freq="2412")
2098 dev[1].wait_connected()
2099
2100 def test_dpp_auto_connect_1(dev, apdev):
2101 """DPP and auto connect (1)"""
2102 try:
2103 run_dpp_auto_connect(dev, apdev, 1)
2104 finally:
2105 dev[0].set("dpp_config_processing", "0")
2106
2107 def test_dpp_auto_connect_2(dev, apdev):
2108 """DPP and auto connect (2)"""
2109 try:
2110 run_dpp_auto_connect(dev, apdev, 2)
2111 finally:
2112 dev[0].set("dpp_config_processing", "0")
2113
2114 def test_dpp_auto_connect_2_connect_cmd(dev, apdev):
2115 """DPP and auto connect (2) using connect_cmd"""
2116 wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
2117 wpas.interface_add("wlan5", drv_params="force_connect_cmd=1")
2118 dev_new = [ wpas, dev[1] ]
2119 try:
2120 run_dpp_auto_connect(dev_new, apdev, 2)
2121 finally:
2122 wpas.set("dpp_config_processing", "0")
2123
2124 def run_dpp_auto_connect(dev, apdev, processing):
2125 check_dpp_capab(dev[0])
2126 check_dpp_capab(dev[1])
2127
2128 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2129 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2130 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
2131 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
2132
2133 params = { "ssid": "test",
2134 "wpa": "2",
2135 "wpa_key_mgmt": "DPP",
2136 "ieee80211w": "2",
2137 "rsn_pairwise": "CCMP",
2138 "dpp_connector": ap_connector,
2139 "dpp_csign": csign_pub,
2140 "dpp_netaccesskey": ap_netaccesskey }
2141 try:
2142 hapd = hostapd.add_ap(apdev[0], params)
2143 except:
2144 raise HwsimSkip("DPP not supported")
2145
2146 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
2147 res = dev[1].request(cmd)
2148 if "FAIL" in res:
2149 raise Exception("DPP_CONFIGURATOR_ADD failed")
2150 conf_id = int(res)
2151
2152 dev[0].set("dpp_config_processing", str(processing))
2153 addr = dev[0].own_addr().replace(':', '')
2154 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2155 res = dev[0].request(cmd)
2156 if "FAIL" in res:
2157 raise Exception("Failed to generate bootstrapping info")
2158 id0 = int(res)
2159 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
2160
2161 res = dev[1].request("DPP_QR_CODE " + uri0)
2162 if "FAIL" in res:
2163 raise Exception("Failed to parse QR Code URI")
2164 id1 = int(res)
2165
2166 cmd = "DPP_LISTEN 2412"
2167 if "OK" not in dev[0].request(cmd):
2168 raise Exception("Failed to start listen operation")
2169
2170 cmd = "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1, conf_id)
2171 if "OK" not in dev[1].request(cmd):
2172 raise Exception("Failed to initiate DPP Authentication")
2173 ev = dev[1].wait_event(["DPP-CONF-SENT"], timeout=10)
2174 if ev is None:
2175 raise Exception("DPP configuration not completed (Configurator)")
2176 ev = dev[0].wait_event(["DPP-CONF-RECEIVED"], timeout=2)
2177 if ev is None:
2178 raise Exception("DPP configuration not completed (Enrollee)")
2179 ev = dev[0].wait_event(["DPP-NETWORK-ID"], timeout=1)
2180 if ev is None:
2181 raise Exception("DPP network profile not generated")
2182 id = ev.split(' ')[1]
2183
2184 if processing == 1:
2185 dev[0].select_network(id, freq=2412)
2186
2187 dev[0].wait_connected()
2188 hwsim_utils.test_connectivity(dev[0], hapd)
2189
2190 def test_dpp_auto_connect_legacy(dev, apdev):
2191 """DPP and auto connect (legacy)"""
2192 try:
2193 run_dpp_auto_connect_legacy(dev, apdev)
2194 finally:
2195 dev[0].set("dpp_config_processing", "0")
2196
2197 def test_dpp_auto_connect_legacy_sae_1(dev, apdev):
2198 """DPP and auto connect (legacy SAE)"""
2199 try:
2200 run_dpp_auto_connect_legacy(dev, apdev, conf='sta-sae', psk_sae=True)
2201 finally:
2202 dev[0].set("dpp_config_processing", "0")
2203
2204 def test_dpp_auto_connect_legacy_sae_2(dev, apdev):
2205 """DPP and auto connect (legacy SAE)"""
2206 try:
2207 run_dpp_auto_connect_legacy(dev, apdev, conf='sta-sae', sae_only=True)
2208 finally:
2209 dev[0].set("dpp_config_processing", "0")
2210
2211 def test_dpp_auto_connect_legacy_psk_sae_1(dev, apdev):
2212 """DPP and auto connect (legacy PSK+SAE)"""
2213 try:
2214 run_dpp_auto_connect_legacy(dev, apdev, conf='sta-psk-sae',
2215 psk_sae=True)
2216 finally:
2217 dev[0].set("dpp_config_processing", "0")
2218
2219 def test_dpp_auto_connect_legacy_psk_sae_2(dev, apdev):
2220 """DPP and auto connect (legacy PSK+SAE)"""
2221 try:
2222 run_dpp_auto_connect_legacy(dev, apdev, conf='sta-psk-sae',
2223 sae_only=True)
2224 finally:
2225 dev[0].set("dpp_config_processing", "0")
2226
2227 def test_dpp_auto_connect_legacy_psk_sae_3(dev, apdev):
2228 """DPP and auto connect (legacy PSK+SAE)"""
2229 try:
2230 run_dpp_auto_connect_legacy(dev, apdev, conf='sta-psk-sae')
2231 finally:
2232 dev[0].set("dpp_config_processing", "0")
2233
2234 def run_dpp_auto_connect_legacy(dev, apdev, conf='sta-psk',
2235 psk_sae=False, sae_only=False):
2236 check_dpp_capab(dev[0])
2237 check_dpp_capab(dev[1])
2238
2239 params = hostapd.wpa2_params(ssid="dpp-legacy",
2240 passphrase="secret passphrase")
2241 if sae_only:
2242 params['wpa_key_mgmt'] = 'SAE'
2243 params['ieee80211w'] = '2'
2244 elif psk_sae:
2245 params['wpa_key_mgmt'] = 'WPA-PSK SAE'
2246 params['ieee80211w'] = '1'
2247 params['sae_require_mfp'] = '1'
2248
2249 hapd = hostapd.add_ap(apdev[0], params)
2250
2251 dev[0].set("dpp_config_processing", "2")
2252 addr = dev[0].own_addr().replace(':', '')
2253 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2254 res = dev[0].request(cmd)
2255 if "FAIL" in res:
2256 raise Exception("Failed to generate bootstrapping info")
2257 id0 = int(res)
2258 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
2259
2260 res = dev[1].request("DPP_QR_CODE " + uri0)
2261 if "FAIL" in res:
2262 raise Exception("Failed to parse QR Code URI")
2263 id1 = int(res)
2264
2265 cmd = "DPP_LISTEN 2412"
2266 if "OK" not in dev[0].request(cmd):
2267 raise Exception("Failed to start listen operation")
2268
2269 cmd = "DPP_AUTH_INIT peer=%d conf=%s ssid=%s pass=%s" % (id1, conf, "dpp-legacy".encode("hex"), "secret passphrase".encode("hex"))
2270 if "OK" not in dev[1].request(cmd):
2271 raise Exception("Failed to initiate DPP Authentication")
2272 ev = dev[1].wait_event(["DPP-CONF-SENT"], timeout=10)
2273 if ev is None:
2274 raise Exception("DPP configuration not completed (Configurator)")
2275 ev = dev[0].wait_event(["DPP-CONF-RECEIVED"], timeout=2)
2276 if ev is None:
2277 raise Exception("DPP configuration not completed (Enrollee)")
2278 ev = dev[0].wait_event(["DPP-NETWORK-ID"], timeout=1)
2279 if ev is None:
2280 raise Exception("DPP network profile not generated")
2281 id = ev.split(' ')[1]
2282
2283 dev[0].wait_connected()
2284
2285 def test_dpp_auto_connect_legacy_pmf_required(dev, apdev):
2286 """DPP and auto connect (legacy, PMF required)"""
2287 try:
2288 run_dpp_auto_connect_legacy_pmf_required(dev, apdev)
2289 finally:
2290 dev[0].set("dpp_config_processing", "0")
2291
2292 def run_dpp_auto_connect_legacy_pmf_required(dev, apdev):
2293 check_dpp_capab(dev[0])
2294 check_dpp_capab(dev[1])
2295
2296 params = hostapd.wpa2_params(ssid="dpp-legacy",
2297 passphrase="secret passphrase")
2298 params['wpa_key_mgmt'] = "WPA-PSK-SHA256"
2299 params['ieee80211w'] = "2"
2300 hapd = hostapd.add_ap(apdev[0], params)
2301
2302 dev[0].set("dpp_config_processing", "2")
2303 addr = dev[0].own_addr().replace(':', '')
2304 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2305 res = dev[0].request(cmd)
2306 if "FAIL" in res:
2307 raise Exception("Failed to generate bootstrapping info")
2308 id0 = int(res)
2309 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
2310
2311 res = dev[1].request("DPP_QR_CODE " + uri0)
2312 if "FAIL" in res:
2313 raise Exception("Failed to parse QR Code URI")
2314 id1 = int(res)
2315
2316 cmd = "DPP_LISTEN 2412"
2317 if "OK" not in dev[0].request(cmd):
2318 raise Exception("Failed to start listen operation")
2319
2320 cmd = "DPP_AUTH_INIT peer=%d conf=sta-psk ssid=%s pass=%s" % (id1, "dpp-legacy".encode("hex"), "secret passphrase".encode("hex"))
2321 if "OK" not in dev[1].request(cmd):
2322 raise Exception("Failed to initiate DPP Authentication")
2323 ev = dev[1].wait_event(["DPP-CONF-SENT"], timeout=10)
2324 if ev is None:
2325 raise Exception("DPP configuration not completed (Configurator)")
2326 ev = dev[0].wait_event(["DPP-CONF-RECEIVED"], timeout=2)
2327 if ev is None:
2328 raise Exception("DPP configuration not completed (Enrollee)")
2329 ev = dev[0].wait_event(["DPP-NETWORK-ID"], timeout=1)
2330 if ev is None:
2331 raise Exception("DPP network profile not generated")
2332 id = ev.split(' ')[1]
2333
2334 dev[0].wait_connected()
2335
2336 def test_dpp_qr_code_auth_responder_configurator(dev, apdev):
2337 """DPP QR Code and responder as the configurator"""
2338 run_dpp_qr_code_auth_responder_configurator(dev, apdev, "")
2339
2340 def test_dpp_qr_code_auth_responder_configurator_group_id(dev, apdev):
2341 """DPP QR Code and responder as the configurator with group_id)"""
2342 run_dpp_qr_code_auth_responder_configurator(dev, apdev,
2343 " group_id=test-group")
2344
2345 def run_dpp_qr_code_auth_responder_configurator(dev, apdev, extra):
2346 check_dpp_capab(dev[0])
2347 check_dpp_capab(dev[1])
2348 cmd = "DPP_CONFIGURATOR_ADD"
2349 res = dev[0].request(cmd);
2350 if "FAIL" in res:
2351 raise Exception("Failed to add configurator")
2352 conf_id = int(res)
2353
2354 addr = dev[0].own_addr().replace(':', '')
2355 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2356 res = dev[0].request(cmd)
2357 if "FAIL" in res:
2358 raise Exception("Failed to generate bootstrapping info")
2359 id0 = int(res)
2360 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
2361
2362 res = dev[1].request("DPP_QR_CODE " + uri0)
2363 if "FAIL" in res:
2364 raise Exception("Failed to parse QR Code URI")
2365 id1 = int(res)
2366
2367 dev[0].set("dpp_configurator_params",
2368 " conf=sta-dpp configurator=%d%s" % (conf_id, extra));
2369 cmd = "DPP_LISTEN 2412 role=configurator"
2370 if "OK" not in dev[0].request(cmd):
2371 raise Exception("Failed to start listen operation")
2372 cmd = "DPP_AUTH_INIT peer=%d role=enrollee" % id1
2373 if "OK" not in dev[1].request(cmd):
2374 raise Exception("Failed to initiate DPP Authentication")
2375 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
2376 if ev is None:
2377 raise Exception("DPP authentication did not succeed (Responder)")
2378 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
2379 if ev is None:
2380 raise Exception("DPP authentication did not succeed (Initiator)")
2381 ev = dev[0].wait_event(["DPP-CONF-SENT"], timeout=5)
2382 if ev is None:
2383 raise Exception("DPP configuration not completed (Configurator)")
2384 ev = dev[1].wait_event(["DPP-CONF-RECEIVED"], timeout=5)
2385 if ev is None:
2386 raise Exception("DPP configuration not completed (Enrollee)")
2387 dev[0].request("DPP_STOP_LISTEN")
2388 dev[0].dump_monitor()
2389 dev[1].dump_monitor()
2390
2391 def test_dpp_qr_code_hostapd_init(dev, apdev):
2392 """DPP QR Code and hostapd as initiator"""
2393 check_dpp_capab(dev[0])
2394 hapd = hostapd.add_ap(apdev[0], { "ssid": "unconfigured",
2395 "channel": "6" })
2396 check_dpp_capab(hapd)
2397
2398 cmd = "DPP_CONFIGURATOR_ADD"
2399 res = dev[0].request(cmd);
2400 if "FAIL" in res:
2401 raise Exception("Failed to add configurator")
2402 conf_id = int(res)
2403
2404 addr = dev[0].own_addr().replace(':', '')
2405 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
2406 res = dev[0].request(cmd)
2407 if "FAIL" in res:
2408 raise Exception("Failed to generate bootstrapping info")
2409 id0 = int(res)
2410 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
2411
2412 dev[0].set("dpp_configurator_params",
2413 " conf=ap-dpp configurator=%d" % conf_id);
2414 cmd = "DPP_LISTEN 2437 role=configurator"
2415 if "OK" not in dev[0].request(cmd):
2416 raise Exception("Failed to start listen operation")
2417
2418 res = hapd.request("DPP_QR_CODE " + uri0)
2419 if "FAIL" in res:
2420 raise Exception("Failed to parse QR Code URI")
2421 id1 = int(res)
2422
2423 cmd = "DPP_AUTH_INIT peer=%d role=enrollee" % id1
2424 if "OK" not in hapd.request(cmd):
2425 raise Exception("Failed to initiate DPP Authentication")
2426 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
2427 if ev is None:
2428 raise Exception("DPP authentication did not succeed (Responder)")
2429 ev = hapd.wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
2430 if ev is None:
2431 raise Exception("DPP authentication did not succeed (Initiator)")
2432 ev = dev[0].wait_event(["DPP-CONF-SENT"], timeout=5)
2433 if ev is None:
2434 raise Exception("DPP configuration not completed (Configurator)")
2435 ev = hapd.wait_event(["DPP-CONF-RECEIVED"], timeout=5)
2436 if ev is None:
2437 raise Exception("DPP configuration not completed (Enrollee)")
2438 dev[0].request("DPP_STOP_LISTEN")
2439 dev[0].dump_monitor()
2440
2441 def test_dpp_qr_code_hostapd_init_offchannel(dev, apdev):
2442 """DPP QR Code and hostapd as initiator (offchannel)"""
2443 run_dpp_qr_code_hostapd_init_offchannel(dev, apdev, None)
2444
2445 def test_dpp_qr_code_hostapd_init_offchannel_neg_freq(dev, apdev):
2446 """DPP QR Code and hostapd as initiator (offchannel, neg_freq)"""
2447 run_dpp_qr_code_hostapd_init_offchannel(dev, apdev, "neg_freq=2437")
2448
2449 def run_dpp_qr_code_hostapd_init_offchannel(dev, apdev, extra):
2450 check_dpp_capab(dev[0])
2451 hapd = hostapd.add_ap(apdev[0], { "ssid": "unconfigured",
2452 "channel": "6" })
2453 check_dpp_capab(hapd)
2454
2455 cmd = "DPP_CONFIGURATOR_ADD"
2456 res = dev[0].request(cmd);
2457 if "FAIL" in res:
2458 raise Exception("Failed to add configurator")
2459 conf_id = int(res)
2460
2461 addr = dev[0].own_addr().replace(':', '')
2462 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1,81/11 mac=" + addr
2463 res = dev[0].request(cmd)
2464 if "FAIL" in res:
2465 raise Exception("Failed to generate bootstrapping info")
2466 id0 = int(res)
2467 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
2468
2469 dev[0].set("dpp_configurator_params",
2470 " conf=ap-dpp configurator=%d" % conf_id);
2471 cmd = "DPP_LISTEN 2462 role=configurator"
2472 if "OK" not in dev[0].request(cmd):
2473 raise Exception("Failed to start listen operation")
2474
2475 res = hapd.request("DPP_QR_CODE " + uri0)
2476 if "FAIL" in res:
2477 raise Exception("Failed to parse QR Code URI")
2478 id1 = int(res)
2479
2480 cmd = "DPP_AUTH_INIT peer=%d role=enrollee" % id1
2481 if extra:
2482 cmd += " " + extra
2483 if "OK" not in hapd.request(cmd):
2484 raise Exception("Failed to initiate DPP Authentication")
2485 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
2486 if ev is None:
2487 raise Exception("DPP authentication did not succeed (Responder)")
2488 ev = hapd.wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
2489 if ev is None:
2490 raise Exception("DPP authentication did not succeed (Initiator)")
2491 ev = dev[0].wait_event(["DPP-CONF-SENT"], timeout=5)
2492 if ev is None:
2493 raise Exception("DPP configuration not completed (Configurator)")
2494 ev = hapd.wait_event(["DPP-CONF-RECEIVED"], timeout=5)
2495 if ev is None:
2496 raise Exception("DPP configuration not completed (Enrollee)")
2497 dev[0].request("DPP_STOP_LISTEN")
2498 dev[0].dump_monitor()
2499
2500 def test_dpp_test_vector_p_256(dev, apdev):
2501 """DPP P-256 test vector (mutual auth)"""
2502 check_dpp_capab(dev[0])
2503 check_dpp_capab(dev[1])
2504
2505 # Responder bootstrapping key
2506 priv = "54ce181a98525f217216f59b245f60e9df30ac7f6b26c939418cfc3c42d1afa0"
2507 addr = dev[0].own_addr().replace(':', '')
2508 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr + " key=30310201010420" + priv + "a00a06082a8648ce3d030107"
2509 res = dev[0].request(cmd)
2510 if "FAIL" in res:
2511 raise Exception("Failed to generate bootstrapping info")
2512 id0 = int(res)
2513 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
2514
2515 # Responder protocol keypair override
2516 priv = "f798ed2e19286f6a6efe210b1863badb99af2a14b497634dbfd2a97394fb5aa5"
2517 dev[0].set("dpp_protocol_key_override",
2518 "30310201010420" + priv + "a00a06082a8648ce3d030107")
2519
2520 dev[0].set("dpp_nonce_override", "3d0cfb011ca916d796f7029ff0b43393")
2521
2522 # Initiator bootstrapping key
2523 priv = "15b2a83c5a0a38b61f2aa8200ee4994b8afdc01c58507d10d0a38f7eedf051bb"
2524 cmd = "DPP_BOOTSTRAP_GEN type=qrcode key=30310201010420" + priv + "a00a06082a8648ce3d030107"
2525 res = dev[1].request(cmd)
2526 if "FAIL" in res:
2527 raise Exception("Failed to generate bootstrapping info")
2528 id1 = int(res)
2529 uri1 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1)
2530
2531 # Initiator protocol keypair override
2532 priv = "a87de9afbb406c96e5f79a3df895ecac3ad406f95da66314c8cb3165e0c61783"
2533 dev[1].set("dpp_protocol_key_override",
2534 "30310201010420" + priv + "a00a06082a8648ce3d030107")
2535
2536 dev[1].set("dpp_nonce_override", "13f4602a16daeb69712263b9c46cba31")
2537
2538 res = dev[1].request("DPP_QR_CODE " + uri0)
2539 if "FAIL" in res:
2540 raise Exception("Failed to parse QR Code URI")
2541 id1peer = int(res)
2542
2543 res = dev[0].request("DPP_QR_CODE " + uri1)
2544 if "FAIL" in res:
2545 raise Exception("Failed to parse QR Code URI")
2546 id0peer = int(res)
2547
2548 cmd = "DPP_LISTEN 2462 qr=mutual"
2549 if "OK" not in dev[0].request(cmd):
2550 raise Exception("Failed to start listen operation")
2551
2552 cmd = "DPP_AUTH_INIT peer=%d own=%d neg_freq=2412" % (id1peer, id1)
2553 if "OK" not in dev[1].request(cmd):
2554 raise Exception("Failed to initiate operation")
2555
2556 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
2557 if ev is None:
2558 raise Exception("DPP authentication did not succeed (Initiator)")
2559 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
2560 if ev is None:
2561 raise Exception("DPP authentication did not succeed (Responder)")
2562
2563 def test_dpp_test_vector_p_256_b(dev, apdev):
2564 """DPP P-256 test vector (Responder-only auth)"""
2565 check_dpp_capab(dev[0])
2566 check_dpp_capab(dev[1])
2567
2568 # Responder bootstrapping key
2569 priv = "54ce181a98525f217216f59b245f60e9df30ac7f6b26c939418cfc3c42d1afa0"
2570 addr = dev[0].own_addr().replace(':', '')
2571 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr + " key=30310201010420" + priv + "a00a06082a8648ce3d030107"
2572 res = dev[0].request(cmd)
2573 if "FAIL" in res:
2574 raise Exception("Failed to generate bootstrapping info")
2575 id0 = int(res)
2576 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
2577
2578 # Responder protocol keypair override
2579 priv = "f798ed2e19286f6a6efe210b1863badb99af2a14b497634dbfd2a97394fb5aa5"
2580 dev[0].set("dpp_protocol_key_override",
2581 "30310201010420" + priv + "a00a06082a8648ce3d030107")
2582
2583 dev[0].set("dpp_nonce_override", "3d0cfb011ca916d796f7029ff0b43393")
2584
2585 # Initiator bootstrapping key
2586 priv = "15b2a83c5a0a38b61f2aa8200ee4994b8afdc01c58507d10d0a38f7eedf051bb"
2587 cmd = "DPP_BOOTSTRAP_GEN type=qrcode key=30310201010420" + priv + "a00a06082a8648ce3d030107"
2588 res = dev[1].request(cmd)
2589 if "FAIL" in res:
2590 raise Exception("Failed to generate bootstrapping info")
2591 id1 = int(res)
2592 uri1 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1)
2593
2594 # Initiator protocol keypair override
2595 priv = "a87de9afbb406c96e5f79a3df895ecac3ad406f95da66314c8cb3165e0c61783"
2596 dev[1].set("dpp_protocol_key_override",
2597 "30310201010420" + priv + "a00a06082a8648ce3d030107")
2598
2599 dev[1].set("dpp_nonce_override", "13f4602a16daeb69712263b9c46cba31")
2600
2601 res = dev[1].request("DPP_QR_CODE " + uri0)
2602 if "FAIL" in res:
2603 raise Exception("Failed to parse QR Code URI")
2604 id1peer = int(res)
2605
2606 cmd = "DPP_LISTEN 2462"
2607 if "OK" not in dev[0].request(cmd):
2608 raise Exception("Failed to start listen operation")
2609
2610 cmd = "DPP_AUTH_INIT peer=%d own=%d neg_freq=2412" % (id1peer, id1)
2611 if "OK" not in dev[1].request(cmd):
2612 raise Exception("Failed to initiate operation")
2613
2614 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
2615 if ev is None:
2616 raise Exception("DPP authentication did not succeed (Initiator)")
2617 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
2618 if ev is None:
2619 raise Exception("DPP authentication did not succeed (Responder)")
2620
2621 def der_priv_key_p_521(priv):
2622 if len(priv) != 2 * 66:
2623 raise Exception("Unexpected der_priv_key_p_521 parameter: " + priv)
2624 der_prefix = "3081500201010442"
2625 der_postfix = "a00706052b81040023"
2626 return der_prefix + priv + der_postfix
2627
2628 def test_dpp_test_vector_p_521(dev, apdev):
2629 """DPP P-521 test vector (mutual auth)"""
2630 check_dpp_capab(dev[0])
2631 check_dpp_capab(dev[1])
2632
2633 # Responder bootstrapping key
2634 priv = "0061e54f518cdf859735da3dd64c6f72c2f086f41a6fd52915152ea2fe0f24ddaecd8883730c9c9fd82cf7c043a41021696388cf5190b731dd83638bcd56d8b6c743"
2635 addr = dev[0].own_addr().replace(':', '')
2636 #cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr + " key=" + der_prefix + priv + der_postfix
2637 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr + " key=" + der_priv_key_p_521(priv)
2638 res = dev[0].request(cmd)
2639 if "FAIL" in res:
2640 raise Exception("Failed to generate bootstrapping info")
2641 id0 = int(res)
2642 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
2643
2644 # Responder protocol keypair override
2645 priv = "01d8b7b17cd1b0a33f7c66fb4220999329cdaf4f8b44b2ffadde8ab8ed8abffa9f5358c5b1caae26709ca4fb78e52a4d08f2e4f24111a36a6f440d20a0000ff51597"
2646 dev[0].set("dpp_protocol_key_override", der_priv_key_p_521(priv))
2647
2648 dev[0].set("dpp_nonce_override",
2649 "d749a782012eb0a8595af30b2dfc8d0880d004ebddb55ecc5afbdef18c400e01")
2650
2651 # Initiator bootstrapping key
2652 priv = "0060c10df14af5ef27f6e362d31bdd9eeb44be77a323ba64b08f3f03d58b92cbfe05c182a91660caa081ca344243c47b5aa088bcdf738840eb35f0218b9f26881e02"
2653 cmd = "DPP_BOOTSTRAP_GEN type=qrcode key=" + der_priv_key_p_521(priv)
2654 res = dev[1].request(cmd)
2655 if "FAIL" in res:
2656 raise Exception("Failed to generate bootstrapping info")
2657 id1 = int(res)
2658 uri1 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1)
2659
2660 # Initiator protocol keypair override
2661 priv = "019c1c08caaeec38fb931894699b095bc3ab8c1ec7ef0622d2e3eba821477c8c6fca41774f21166ad98aebda37c067d9aa08a8a2e1b5c44c61f2bae02a61f85d9661"
2662 dev[1].set("dpp_protocol_key_override", der_priv_key_p_521(priv))
2663
2664 dev[1].set("dpp_nonce_override",
2665 "de972af3847bec3ba2aedd9f5c21cfdec7bf0bc5fe8b276cbcd0267807fb15b0")
2666
2667 res = dev[1].request("DPP_QR_CODE " + uri0)
2668 if "FAIL" in res:
2669 raise Exception("Failed to parse QR Code URI")
2670 id1peer = int(res)
2671
2672 res = dev[0].request("DPP_QR_CODE " + uri1)
2673 if "FAIL" in res:
2674 raise Exception("Failed to parse QR Code URI")
2675 id0peer = int(res)
2676
2677 cmd = "DPP_LISTEN 2462 qr=mutual"
2678 if "OK" not in dev[0].request(cmd):
2679 raise Exception("Failed to start listen operation")
2680
2681 cmd = "DPP_AUTH_INIT peer=%d own=%d neg_freq=2412" % (id1peer, id1)
2682 if "OK" not in dev[1].request(cmd):
2683 raise Exception("Failed to initiate operation")
2684
2685 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
2686 if ev is None:
2687 raise Exception("DPP authentication did not succeed (Initiator)")
2688 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
2689 if ev is None:
2690 raise Exception("DPP authentication did not succeed (Responder)")
2691
2692 def test_dpp_pkex(dev, apdev):
2693 """DPP and PKEX"""
2694 run_dpp_pkex(dev, apdev)
2695
2696 def test_dpp_pkex_p256(dev, apdev):
2697 """DPP and PKEX (P-256)"""
2698 run_dpp_pkex(dev, apdev, "P-256")
2699
2700 def test_dpp_pkex_p384(dev, apdev):
2701 """DPP and PKEX (P-384)"""
2702 run_dpp_pkex(dev, apdev, "P-384")
2703
2704 def test_dpp_pkex_p521(dev, apdev):
2705 """DPP and PKEX (P-521)"""
2706 run_dpp_pkex(dev, apdev, "P-521")
2707
2708 def test_dpp_pkex_bp256(dev, apdev):
2709 """DPP and PKEX (BP-256)"""
2710 run_dpp_pkex(dev, apdev, "brainpoolP256r1")
2711
2712 def test_dpp_pkex_bp384(dev, apdev):
2713 """DPP and PKEX (BP-384)"""
2714 run_dpp_pkex(dev, apdev, "brainpoolP384r1")
2715
2716 def test_dpp_pkex_bp512(dev, apdev):
2717 """DPP and PKEX (BP-512)"""
2718 run_dpp_pkex(dev, apdev, "brainpoolP512r1")
2719
2720 def test_dpp_pkex_config(dev, apdev):
2721 """DPP and PKEX with initiator as the configurator"""
2722 check_dpp_capab(dev[1])
2723
2724 cmd = "DPP_CONFIGURATOR_ADD"
2725 res = dev[1].request(cmd);
2726 if "FAIL" in res:
2727 raise Exception("Failed to add configurator")
2728 conf_id = int(res)
2729
2730 run_dpp_pkex(dev, apdev,
2731 init_extra="conf=sta-dpp configurator=%d" % (conf_id),
2732 check_config=True)
2733
2734 def test_dpp_pkex_no_identifier(dev, apdev):
2735 """DPP and PKEX without identifier"""
2736 run_dpp_pkex(dev, apdev, identifier_i=None, identifier_r=None)
2737
2738 def test_dpp_pkex_identifier_mismatch(dev, apdev):
2739 """DPP and PKEX with different identifiers"""
2740 run_dpp_pkex(dev, apdev, identifier_i="foo", identifier_r="bar",
2741 expect_no_resp=True)
2742
2743 def test_dpp_pkex_identifier_mismatch2(dev, apdev):
2744 """DPP and PKEX with initiator using identifier and the responder not"""
2745 run_dpp_pkex(dev, apdev, identifier_i="foo", identifier_r=None,
2746 expect_no_resp=True)
2747
2748 def test_dpp_pkex_identifier_mismatch3(dev, apdev):
2749 """DPP and PKEX with responder using identifier and the initiator not"""
2750 run_dpp_pkex(dev, apdev, identifier_i=None, identifier_r="bar",
2751 expect_no_resp=True)
2752
2753 def run_dpp_pkex(dev, apdev, curve=None, init_extra="", check_config=False,
2754 identifier_i="test", identifier_r="test",
2755 expect_no_resp=False):
2756 check_dpp_capab(dev[0], curve and "brainpool" in curve)
2757 check_dpp_capab(dev[1], curve and "brainpool" in curve)
2758
2759 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
2760 if curve:
2761 cmd += " curve=" + curve
2762 res = dev[0].request(cmd)
2763 if "FAIL" in res:
2764 raise Exception("Failed to generate bootstrapping info")
2765 id0 = int(res)
2766
2767 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
2768 if curve:
2769 cmd += " curve=" + curve
2770 res = dev[1].request(cmd)
2771 if "FAIL" in res:
2772 raise Exception("Failed to generate bootstrapping info")
2773 id1 = int(res)
2774
2775 identifier = " identifier=" + identifier_r if identifier_r else ""
2776 cmd = "DPP_PKEX_ADD own=%d%s code=secret" % (id0, identifier)
2777 res = dev[0].request(cmd)
2778 if "FAIL" in res:
2779 raise Exception("Failed to set PKEX data (responder)")
2780 cmd = "DPP_LISTEN 2437"
2781 if "OK" not in dev[0].request(cmd):
2782 raise Exception("Failed to start listen operation")
2783
2784 identifier = " identifier=" + identifier_i if identifier_i else ""
2785 cmd = "DPP_PKEX_ADD own=%d%s init=1 %s code=secret" % (id1, identifier,
2786 init_extra)
2787 res = dev[1].request(cmd)
2788 if "FAIL" in res:
2789 raise Exception("Failed to set PKEX data (initiator)")
2790
2791 if expect_no_resp:
2792 ev = dev[0].wait_event(["DPP-RX"], timeout=10)
2793 if ev is None:
2794 raise Exception("DPP PKEX frame not received")
2795 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=1)
2796 if ev is not None:
2797 raise Exception("DPP authentication succeeded")
2798 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=0.1)
2799 if ev is not None:
2800 raise Exception("DPP authentication succeeded")
2801 return
2802
2803 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
2804 if ev is None:
2805 raise Exception("DPP authentication did not succeed (Initiator)")
2806 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
2807 if ev is None:
2808 raise Exception("DPP authentication did not succeed (Responder)")
2809
2810 if check_config:
2811 ev = dev[1].wait_event(["DPP-CONF-SENT"], timeout=5)
2812 if ev is None:
2813 raise Exception("DPP configuration not completed (Configurator)")
2814 ev = dev[0].wait_event(["DPP-CONF-RECEIVED"], timeout=5)
2815 if ev is None:
2816 raise Exception("DPP configuration not completed (Enrollee)")
2817
2818 def test_dpp_pkex_5ghz(dev, apdev):
2819 """DPP and PKEX on 5 GHz"""
2820 try:
2821 dev[0].request("SET country US")
2822 dev[1].request("SET country US")
2823 ev = dev[0].wait_event(["CTRL-EVENT-REGDOM-CHANGE"], timeout=1)
2824 if ev is None:
2825 ev = dev[0].wait_global_event(["CTRL-EVENT-REGDOM-CHANGE"],
2826 timeout=1)
2827 run_dpp_pkex_5ghz(dev, apdev)
2828 finally:
2829 dev[0].request("SET country 00")
2830 dev[1].request("SET country 00")
2831 subprocess.call(['iw', 'reg', 'set', '00'])
2832 time.sleep(0.1)
2833
2834 def run_dpp_pkex_5ghz(dev, apdev):
2835 check_dpp_capab(dev[0])
2836 check_dpp_capab(dev[1])
2837
2838 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
2839 res = dev[0].request(cmd)
2840 if "FAIL" in res:
2841 raise Exception("Failed to generate bootstrapping info")
2842 id0 = int(res)
2843
2844 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
2845 res = dev[1].request(cmd)
2846 if "FAIL" in res:
2847 raise Exception("Failed to generate bootstrapping info")
2848 id1 = int(res)
2849
2850 cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0)
2851 res = dev[0].request(cmd)
2852 if "FAIL" in res:
2853 raise Exception("Failed to set PKEX data (responder)")
2854 cmd = "DPP_LISTEN 5745"
2855 if "OK" not in dev[0].request(cmd):
2856 raise Exception("Failed to start listen operation")
2857
2858 cmd = "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % (id1)
2859 res = dev[1].request(cmd)
2860 if "FAIL" in res:
2861 raise Exception("Failed to set PKEX data (initiator)")
2862
2863 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS", "DPP-FAIL"], timeout=20)
2864 if ev is None or "DPP-AUTH-SUCCESS" not in ev:
2865 raise Exception("DPP authentication did not succeed (Initiator)")
2866 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
2867 if ev is None:
2868 raise Exception("DPP authentication did not succeed (Responder)")
2869
2870 def test_dpp_pkex_test_vector(dev, apdev):
2871 """DPP and PKEX (P-256) test vector"""
2872 check_dpp_capab(dev[0])
2873 check_dpp_capab(dev[1])
2874
2875 init_addr = "ac:64:91:f4:52:07"
2876 resp_addr = "6e:5e:ce:6e:f3:dd"
2877
2878 identifier = "joes_key"
2879 code = "thisisreallysecret"
2880
2881 # Initiator bootstrapping private key
2882 init_priv = "5941b51acfc702cdc1c347264beb2920db88eb1a0bf03a211868b1632233c269"
2883
2884 # Responder bootstrapping private key
2885 resp_priv = "2ae8956293f49986b6d0b8169a86805d9232babb5f6813fdfe96f19d59536c60"
2886
2887 # Initiator x/X keypair override
2888 init_x_priv = "8365c5ed93d751bef2d92b410dc6adfd95670889183fac1bd66759ad85c3187a"
2889
2890 # Responder y/Y keypair override
2891 resp_y_priv = "d98faa24d7dd3f592665d71a95c862bfd02c4c48acb0c515a41cbc6e929675ea"
2892
2893 p256_prefix = "30310201010420"
2894 p256_postfix = "a00a06082a8648ce3d030107"
2895
2896 dev[0].set("dpp_pkex_own_mac_override", resp_addr)
2897 dev[0].set("dpp_pkex_peer_mac_override", init_addr)
2898 dev[1].set("dpp_pkex_own_mac_override", init_addr)
2899 dev[1].set("dpp_pkex_peer_mac_override", resp_addr)
2900
2901 # Responder bootstrapping key
2902 cmd = "DPP_BOOTSTRAP_GEN type=pkex key=" + p256_prefix + resp_priv + p256_postfix
2903 res = dev[0].request(cmd)
2904 if "FAIL" in res:
2905 raise Exception("Failed to generate bootstrapping info")
2906 id0 = int(res)
2907
2908 # Responder y/Y keypair override
2909 dev[0].set("dpp_pkex_ephemeral_key_override",
2910 p256_prefix + resp_y_priv + p256_postfix)
2911
2912 # Initiator bootstrapping key
2913 cmd = "DPP_BOOTSTRAP_GEN type=pkex key=" + p256_prefix + init_priv + p256_postfix
2914 res = dev[1].request(cmd)
2915 if "FAIL" in res:
2916 raise Exception("Failed to generate bootstrapping info")
2917 id1 = int(res)
2918
2919 # Initiator x/X keypair override
2920 dev[1].set("dpp_pkex_ephemeral_key_override",
2921 p256_prefix + init_x_priv + p256_postfix)
2922
2923 cmd = "DPP_PKEX_ADD own=%d identifier=%s code=%s" % (id0, identifier, code)
2924 res = dev[0].request(cmd)
2925 if "FAIL" in res:
2926 raise Exception("Failed to set PKEX data (responder)")
2927 cmd = "DPP_LISTEN 2437"
2928 if "OK" not in dev[0].request(cmd):
2929 raise Exception("Failed to start listen operation")
2930
2931 cmd = "DPP_PKEX_ADD own=%d identifier=%s init=1 code=%s" % (id1, identifier, code)
2932 res = dev[1].request(cmd)
2933 if "FAIL" in res:
2934 raise Exception("Failed to set PKEX data (initiator)")
2935
2936 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
2937 if ev is None:
2938 raise Exception("DPP authentication did not succeed (Initiator)")
2939 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
2940 if ev is None:
2941 raise Exception("DPP authentication did not succeed (Responder)")
2942
2943 def test_dpp_pkex_code_mismatch(dev, apdev):
2944 """DPP and PKEX with mismatching code"""
2945 check_dpp_capab(dev[0])
2946 check_dpp_capab(dev[1])
2947
2948 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
2949 res = dev[0].request(cmd)
2950 if "FAIL" in res:
2951 raise Exception("Failed to generate bootstrapping info")
2952 id0 = int(res)
2953
2954 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
2955 res = dev[1].request(cmd)
2956 if "FAIL" in res:
2957 raise Exception("Failed to generate bootstrapping info")
2958 id1 = int(res)
2959
2960 cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0)
2961 res = dev[0].request(cmd)
2962 if "FAIL" in res:
2963 raise Exception("Failed to set PKEX data (responder)")
2964 cmd = "DPP_LISTEN 2437"
2965 if "OK" not in dev[0].request(cmd):
2966 raise Exception("Failed to start listen operation")
2967
2968 cmd = "DPP_PKEX_ADD own=%d identifier=test init=1 code=unknown" % id1
2969 res = dev[1].request(cmd)
2970 if "FAIL" in res:
2971 raise Exception("Failed to set PKEX data (initiator)")
2972
2973 ev = dev[0].wait_event(["DPP-FAIL"], timeout=5)
2974 if ev is None:
2975 raise Exception("Failure not reported")
2976 if "possible PKEX code mismatch" not in ev:
2977 raise Exception("Unexpected result: " + ev)
2978
2979 dev[0].dump_monitor()
2980 dev[1].dump_monitor()
2981
2982 cmd = "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
2983 res = dev[1].request(cmd)
2984 if "FAIL" in res:
2985 raise Exception("Failed to set PKEX data (initiator, retry)")
2986
2987 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
2988 if ev is None:
2989 raise Exception("DPP authentication did not succeed (Initiator, retry)")
2990 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
2991 if ev is None:
2992 raise Exception("DPP authentication did not succeed (Responder, retry)")
2993
2994 def test_dpp_pkex_code_mismatch_limit(dev, apdev):
2995 """DPP and PKEX with mismatching code limit"""
2996 check_dpp_capab(dev[0])
2997 check_dpp_capab(dev[1])
2998
2999 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
3000 res = dev[0].request(cmd)
3001 if "FAIL" in res:
3002 raise Exception("Failed to generate bootstrapping info")
3003 id0 = int(res)
3004
3005 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
3006 res = dev[1].request(cmd)
3007 if "FAIL" in res:
3008 raise Exception("Failed to generate bootstrapping info")
3009 id1 = int(res)
3010
3011 cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0)
3012 res = dev[0].request(cmd)
3013 if "FAIL" in res:
3014 raise Exception("Failed to set PKEX data (responder)")
3015 cmd = "DPP_LISTEN 2437"
3016 if "OK" not in dev[0].request(cmd):
3017 raise Exception("Failed to start listen operation")
3018
3019 for i in range(5):
3020 dev[0].dump_monitor()
3021 dev[1].dump_monitor()
3022 cmd = "DPP_PKEX_ADD own=%d identifier=test init=1 code=unknown" % id1
3023 res = dev[1].request(cmd)
3024 if "FAIL" in res:
3025 raise Exception("Failed to set PKEX data (initiator)")
3026
3027 ev = dev[0].wait_event(["DPP-FAIL"], timeout=5)
3028 if ev is None:
3029 raise Exception("Failure not reported")
3030 if "possible PKEX code mismatch" not in ev:
3031 raise Exception("Unexpected result: " + ev)
3032
3033 ev = dev[0].wait_event(["DPP-PKEX-T-LIMIT"], timeout=1)
3034 if ev is None:
3035 raise Exception("PKEX t limit not reported")
3036
3037 def test_dpp_pkex_curve_mismatch(dev, apdev):
3038 """DPP and PKEX with mismatching curve"""
3039 check_dpp_capab(dev[0])
3040 check_dpp_capab(dev[1])
3041
3042 cmd = "DPP_BOOTSTRAP_GEN type=pkex curve=P-256"
3043 res = dev[0].request(cmd)
3044 if "FAIL" in res:
3045 raise Exception("Failed to generate bootstrapping info")
3046 id0 = int(res)
3047
3048 cmd = "DPP_BOOTSTRAP_GEN type=pkex curve=P-384"
3049 res = dev[1].request(cmd)
3050 if "FAIL" in res:
3051 raise Exception("Failed to generate bootstrapping info")
3052 id1 = int(res)
3053
3054 cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0)
3055 res = dev[0].request(cmd)
3056 if "FAIL" in res:
3057 raise Exception("Failed to set PKEX data (responder)")
3058 cmd = "DPP_LISTEN 2437"
3059 if "OK" not in dev[0].request(cmd):
3060 raise Exception("Failed to start listen operation")
3061
3062 cmd = "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
3063 res = dev[1].request(cmd)
3064 if "FAIL" in res:
3065 raise Exception("Failed to set PKEX data (initiator)")
3066
3067 ev = dev[0].wait_event(["DPP-FAIL"], timeout=5)
3068 if ev is None:
3069 raise Exception("Failure not reported (dev 0)")
3070 if "Mismatching PKEX curve: peer=20 own=19" not in ev:
3071 raise Exception("Unexpected result: " + ev)
3072
3073 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
3074 if ev is None:
3075 raise Exception("Failure not reported (dev 1)")
3076 if "Peer indicated mismatching PKEX group - proposed 19" not in ev:
3077 raise Exception("Unexpected result: " + ev)
3078
3079 def test_dpp_pkex_curve_mismatch_failure(dev, apdev):
3080 """DPP and PKEX with mismatching curve (local failure)"""
3081 run_dpp_pkex_curve_mismatch_failure(dev, apdev, "=dpp_pkex_rx_exchange_req")
3082
3083 def test_dpp_pkex_curve_mismatch_failure2(dev, apdev):
3084 """DPP and PKEX with mismatching curve (local failure 2)"""
3085 run_dpp_pkex_curve_mismatch_failure(dev, apdev,
3086 "dpp_pkex_build_exchange_resp")
3087
3088 def run_dpp_pkex_curve_mismatch_failure(dev, apdev, func):
3089 check_dpp_capab(dev[0])
3090 check_dpp_capab(dev[1])
3091
3092 cmd = "DPP_BOOTSTRAP_GEN type=pkex curve=P-256"
3093 res = dev[0].request(cmd)
3094 if "FAIL" in res:
3095 raise Exception("Failed to generate bootstrapping info")
3096 id0 = int(res)
3097
3098 cmd = "DPP_BOOTSTRAP_GEN type=pkex curve=P-384"
3099 res = dev[1].request(cmd)
3100 if "FAIL" in res:
3101 raise Exception("Failed to generate bootstrapping info")
3102 id1 = int(res)
3103
3104 cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0)
3105 res = dev[0].request(cmd)
3106 if "FAIL" in res:
3107 raise Exception("Failed to set PKEX data (responder)")
3108 cmd = "DPP_LISTEN 2437"
3109 if "OK" not in dev[0].request(cmd):
3110 raise Exception("Failed to start listen operation")
3111
3112 with alloc_fail(dev[0], 1, func):
3113 cmd = "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
3114 res = dev[1].request(cmd)
3115 if "FAIL" in res:
3116 raise Exception("Failed to set PKEX data (initiator)")
3117
3118 ev = dev[0].wait_event(["DPP-FAIL"], timeout=5)
3119 if ev is None:
3120 raise Exception("Failure not reported (dev 0)")
3121 if "Mismatching PKEX curve: peer=20 own=19" not in ev:
3122 raise Exception("Unexpected result: " + ev)
3123
3124 def test_dpp_pkex_exchange_resp_processing_failure(dev, apdev):
3125 """DPP and PKEX with local failure in processing Exchange Resp"""
3126 check_dpp_capab(dev[0])
3127 check_dpp_capab(dev[1])
3128
3129 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
3130 res = dev[0].request(cmd)
3131 if "FAIL" in res:
3132 raise Exception("Failed to generate bootstrapping info")
3133 id0 = int(res)
3134
3135 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
3136 res = dev[1].request(cmd)
3137 if "FAIL" in res:
3138 raise Exception("Failed to generate bootstrapping info")
3139 id1 = int(res)
3140
3141 cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0)
3142 res = dev[0].request(cmd)
3143 if "FAIL" in res:
3144 raise Exception("Failed to set PKEX data (responder)")
3145 cmd = "DPP_LISTEN 2437"
3146 if "OK" not in dev[0].request(cmd):
3147 raise Exception("Failed to start listen operation")
3148
3149 with fail_test(dev[1], 1, "dpp_pkex_derive_Qr;dpp_pkex_rx_exchange_resp"):
3150 cmd = "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
3151 res = dev[1].request(cmd)
3152 if "FAIL" in res:
3153 raise Exception("Failed to set PKEX data (initiator)")
3154 wait_fail_trigger(dev[1], "GET_FAIL")
3155
3156 def test_dpp_pkex_commit_reveal_req_processing_failure(dev, apdev):
3157 """DPP and PKEX with local failure in processing Commit Reveal Req"""
3158 check_dpp_capab(dev[0])
3159 check_dpp_capab(dev[1])
3160
3161 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
3162 res = dev[0].request(cmd)
3163 if "FAIL" in res:
3164 raise Exception("Failed to generate bootstrapping info")
3165 id0 = int(res)
3166
3167 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
3168 res = dev[1].request(cmd)
3169 if "FAIL" in res:
3170 raise Exception("Failed to generate bootstrapping info")
3171 id1 = int(res)
3172
3173 cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0)
3174 res = dev[0].request(cmd)
3175 if "FAIL" in res:
3176 raise Exception("Failed to set PKEX data (responder)")
3177 cmd = "DPP_LISTEN 2437"
3178 if "OK" not in dev[0].request(cmd):
3179 raise Exception("Failed to start listen operation")
3180
3181 with alloc_fail(dev[0], 1,
3182 "dpp_get_pubkey_point;dpp_pkex_rx_commit_reveal_req"):
3183 cmd = "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
3184 res = dev[1].request(cmd)
3185 if "FAIL" in res:
3186 raise Exception("Failed to set PKEX data (initiator)")
3187 wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
3188
3189 def test_dpp_pkex_config2(dev, apdev):
3190 """DPP and PKEX with responder as the configurator"""
3191 check_dpp_capab(dev[0])
3192
3193 cmd = "DPP_CONFIGURATOR_ADD"
3194 res = dev[0].request(cmd);
3195 if "FAIL" in res:
3196 raise Exception("Failed to add configurator")
3197 conf_id = int(res)
3198
3199 dev[0].set("dpp_configurator_params",
3200 " conf=sta-dpp configurator=%d" % conf_id);
3201 run_dpp_pkex2(dev, apdev)
3202
3203 def run_dpp_pkex2(dev, apdev, curve=None, init_extra=""):
3204 check_dpp_capab(dev[0])
3205 check_dpp_capab(dev[1])
3206
3207 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
3208 if curve:
3209 cmd += " curve=" + curve
3210 res = dev[0].request(cmd)
3211 if "FAIL" in res:
3212 raise Exception("Failed to generate bootstrapping info")
3213 id0 = int(res)
3214
3215 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
3216 if curve:
3217 cmd += " curve=" + curve
3218 res = dev[1].request(cmd)
3219 if "FAIL" in res:
3220 raise Exception("Failed to generate bootstrapping info")
3221 id1 = int(res)
3222
3223 cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0)
3224 res = dev[0].request(cmd)
3225 if "FAIL" in res:
3226 raise Exception("Failed to set PKEX data (responder)")
3227 cmd = "DPP_LISTEN 2437 role=configurator"
3228 if "OK" not in dev[0].request(cmd):
3229 raise Exception("Failed to start listen operation")
3230
3231 cmd = "DPP_PKEX_ADD own=%d identifier=test init=1 role=enrollee %s code=secret" % (id1, init_extra)
3232 res = dev[1].request(cmd)
3233 if "FAIL" in res:
3234 raise Exception("Failed to set PKEX data (initiator)")
3235
3236 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
3237 if ev is None:
3238 raise Exception("DPP authentication did not succeed (Initiator)")
3239 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
3240 if ev is None:
3241 raise Exception("DPP authentication did not succeed (Responder)")
3242
3243 ev = dev[0].wait_event(["DPP-CONF-SENT"], timeout=5)
3244 if ev is None:
3245 raise Exception("DPP configuration not completed (Configurator)")
3246 ev = dev[1].wait_event(["DPP-CONF-RECEIVED"], timeout=5)
3247 if ev is None:
3248 raise Exception("DPP configuration not completed (Enrollee)")
3249
3250 def test_dpp_pkex_no_responder(dev, apdev):
3251 """DPP and PKEX with no responder (retry behavior)"""
3252 check_dpp_capab(dev[0])
3253
3254 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
3255 res = dev[0].request(cmd)
3256 if "FAIL" in res:
3257 raise Exception("Failed to generate bootstrapping info")
3258 id0 = int(res)
3259
3260 cmd = "DPP_PKEX_ADD own=%d init=1 identifier=test code=secret" % (id0)
3261 res = dev[0].request(cmd)
3262 if "FAIL" in res:
3263 raise Exception("Failed to set PKEX data (initiator)")
3264
3265 ev = dev[0].wait_event(["DPP-FAIL"], timeout=15)
3266 if ev is None:
3267 raise Exception("DPP PKEX failure not reported")
3268 if "No response from PKEX peer" not in ev:
3269 raise Exception("Unexpected failure reason: " + ev)
3270
3271 def test_dpp_pkex_after_retry(dev, apdev):
3272 """DPP and PKEX completing after retry"""
3273 check_dpp_capab(dev[0])
3274
3275 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
3276 res = dev[0].request(cmd)
3277 if "FAIL" in res:
3278 raise Exception("Failed to generate bootstrapping info")
3279 id0 = int(res)
3280
3281 cmd = "DPP_PKEX_ADD own=%d init=1 identifier=test code=secret" % (id0)
3282 res = dev[0].request(cmd)
3283 if "FAIL" in res:
3284 raise Exception("Failed to set PKEX data (initiator)")
3285
3286 time.sleep(0.1)
3287 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
3288 res = dev[1].request(cmd)
3289 if "FAIL" in res:
3290 raise Exception("Failed to generate bootstrapping info")
3291 id1 = int(res)
3292
3293 cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id1)
3294 res = dev[1].request(cmd)
3295 if "FAIL" in res:
3296 raise Exception("Failed to set PKEX data (responder)")
3297 cmd = "DPP_LISTEN 2437"
3298 if "OK" not in dev[1].request(cmd):
3299 raise Exception("Failed to start listen operation")
3300
3301 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=10)
3302 if ev is None:
3303 raise Exception("DPP authentication did not succeed (Responder)")
3304 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
3305 if ev is None:
3306 raise Exception("DPP authentication did not succeed (Initiator)")
3307 ev = dev[0].wait_event(["DPP-CONF-SENT"], timeout=5)
3308 if ev is None:
3309 raise Exception("DPP configuration not completed (Configurator)")
3310 # Ignore Enrollee result since configurator was not set here
3311
3312 def test_dpp_pkex_hostapd_responder(dev, apdev):
3313 """DPP PKEX with hostapd as responder"""
3314 check_dpp_capab(dev[0])
3315 hapd = hostapd.add_ap(apdev[0], { "ssid": "unconfigured",
3316 "channel": "6" })
3317 check_dpp_capab(hapd)
3318
3319 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
3320 res = hapd.request(cmd)
3321 if "FAIL" in res:
3322 raise Exception("Failed to generate bootstrapping info (hostapd)")
3323 id_h = int(res)
3324
3325 cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id_h)
3326 res = hapd.request(cmd)
3327 if "FAIL" in res:
3328 raise Exception("Failed to set PKEX data (responder/hostapd)")
3329
3330 cmd = "DPP_CONFIGURATOR_ADD"
3331 res = dev[0].request(cmd);
3332 if "FAIL" in res:
3333 raise Exception("Failed to add configurator")
3334 conf_id = int(res)
3335
3336 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
3337 res = dev[0].request(cmd)
3338 if "FAIL" in res:
3339 raise Exception("Failed to generate bootstrapping info (wpa_supplicant)")
3340 id0 = int(res)
3341
3342 cmd = "DPP_PKEX_ADD own=%d identifier=test init=1 conf=ap-dpp configurator=%d code=secret" % (id0, conf_id)
3343 res = dev[0].request(cmd)
3344 if "FAIL" in res:
3345 raise Exception("Failed to set PKEX data (initiator/wpa_supplicant)")
3346
3347 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
3348 if ev is None:
3349 raise Exception("DPP authentication did not succeed (Initiator)")
3350 ev = hapd.wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
3351 if ev is None:
3352 raise Exception("DPP authentication did not succeed (Responder)")
3353 ev = dev[0].wait_event(["DPP-CONF-SENT"], timeout=5)
3354 if ev is None:
3355 raise Exception("DPP configuration not completed (Configurator)")
3356 ev = hapd.wait_event(["DPP-CONF-RECEIVED"], timeout=5)
3357 if ev is None:
3358 raise Exception("DPP configuration not completed (Enrollee)")
3359 dev[0].request("DPP_STOP_LISTEN")
3360 dev[0].dump_monitor()
3361
3362 def test_dpp_pkex_hostapd_initiator(dev, apdev):
3363 """DPP PKEX with hostapd as initiator"""
3364 check_dpp_capab(dev[0])
3365 hapd = hostapd.add_ap(apdev[0], { "ssid": "unconfigured",
3366 "channel": "6" })
3367 check_dpp_capab(hapd)
3368
3369 cmd = "DPP_CONFIGURATOR_ADD"
3370 res = dev[0].request(cmd);
3371 if "FAIL" in res:
3372 raise Exception("Failed to add configurator")
3373 conf_id = int(res)
3374
3375 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
3376 res = dev[0].request(cmd)
3377 if "FAIL" in res:
3378 raise Exception("Failed to generate bootstrapping info (wpa_supplicant)")
3379 id0 = int(res)
3380
3381 dev[0].set("dpp_configurator_params",
3382 " conf=ap-dpp configurator=%d" % conf_id);
3383
3384 cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0)
3385 res = dev[0].request(cmd)
3386 if "FAIL" in res:
3387 raise Exception("Failed to set PKEX data (responder/wpa_supplicant)")
3388
3389 cmd = "DPP_LISTEN 2437 role=configurator"
3390 if "OK" not in dev[0].request(cmd):
3391 raise Exception("Failed to start listen operation")
3392
3393 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
3394 res = hapd.request(cmd)
3395 if "FAIL" in res:
3396 raise Exception("Failed to generate bootstrapping info (hostapd)")
3397 id_h = int(res)
3398
3399 cmd = "DPP_PKEX_ADD own=%d identifier=test init=1 role=enrollee code=secret" % (id_h)
3400 res = hapd.request(cmd)
3401 if "FAIL" in res:
3402 raise Exception("Failed to set PKEX data (initiator/hostapd)")
3403
3404 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
3405 if ev is None:
3406 raise Exception("DPP authentication did not succeed (Initiator)")
3407 ev = hapd.wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
3408 if ev is None:
3409 raise Exception("DPP authentication did not succeed (Responder)")
3410 ev = dev[0].wait_event(["DPP-CONF-SENT"], timeout=5)
3411 if ev is None:
3412 raise Exception("DPP configuration not completed (Configurator)")
3413 ev = hapd.wait_event(["DPP-CONF-RECEIVED"], timeout=5)
3414 if ev is None:
3415 raise Exception("DPP configuration not completed (Enrollee)")
3416 dev[0].request("DPP_STOP_LISTEN")
3417 dev[0].dump_monitor()
3418
3419 def test_dpp_hostapd_configurator(dev, apdev):
3420 """DPP with hostapd as configurator/initiator"""
3421 check_dpp_capab(dev[0])
3422 hapd = hostapd.add_ap(apdev[0], { "ssid": "unconfigured",
3423 "channel": "1" })
3424 check_dpp_capab(hapd)
3425
3426 cmd = "DPP_CONFIGURATOR_ADD"
3427 res = hapd.request(cmd);
3428 if "FAIL" in res:
3429 raise Exception("Failed to add configurator")
3430 conf_id = int(res)
3431
3432 addr = dev[0].own_addr().replace(':', '')
3433 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3434 res = dev[0].request(cmd)
3435 if "FAIL" in res:
3436 raise Exception("Failed to generate bootstrapping info")
3437 id0 = int(res)
3438 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
3439
3440 res = hapd.request("DPP_QR_CODE " + uri0)
3441 if "FAIL" in res:
3442 raise Exception("Failed to parse QR Code URI")
3443 id1 = int(res)
3444
3445 res = hapd.request("DPP_BOOTSTRAP_INFO %d" % id0)
3446 if "FAIL" in res:
3447 raise Exception("DPP_BOOTSTRAP_INFO failed")
3448 if "type=QRCODE" not in res:
3449 raise Exception("DPP_BOOTSTRAP_INFO did not report correct type")
3450 if "mac_addr=" + dev[0].own_addr() not in res:
3451 raise Exception("DPP_BOOTSTRAP_INFO did not report correct mac_addr")
3452
3453 cmd = "DPP_LISTEN 2412"
3454 if "OK" not in dev[0].request(cmd):
3455 raise Exception("Failed to start listen operation")
3456 cmd = "DPP_AUTH_INIT peer=%d configurator=%d conf=sta-dpp" % (id1, conf_id)
3457 if "OK" not in hapd.request(cmd):
3458 raise Exception("Failed to initiate DPP Authentication")
3459
3460 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
3461 if ev is None:
3462 raise Exception("DPP authentication did not succeed (Responder)")
3463 ev = hapd.wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
3464 if ev is None:
3465 raise Exception("DPP authentication did not succeed (Initiator)")
3466 ev = hapd.wait_event(["DPP-CONF-SENT"], timeout=5)
3467 if ev is None:
3468 raise Exception("DPP configuration not completed (Configurator)")
3469 ev = dev[0].wait_event(["DPP-CONF-RECEIVED"], timeout=5)
3470 if ev is None:
3471 raise Exception("DPP configuration not completed (Enrollee)")
3472 dev[0].request("DPP_STOP_LISTEN")
3473 dev[0].dump_monitor()
3474
3475 def test_dpp_hostapd_configurator_responder(dev, apdev):
3476 """DPP with hostapd as configurator/responder"""
3477 check_dpp_capab(dev[0])
3478 hapd = hostapd.add_ap(apdev[0], { "ssid": "unconfigured",
3479 "channel": "1" })
3480 check_dpp_capab(hapd)
3481
3482 cmd = "DPP_CONFIGURATOR_ADD"
3483 res = hapd.request(cmd);
3484 if "FAIL" in res:
3485 raise Exception("Failed to add configurator")
3486 conf_id = int(res)
3487
3488 hapd.set("dpp_configurator_params",
3489 " conf=sta-dpp configurator=%d" % conf_id);
3490
3491 addr = hapd.own_addr().replace(':', '')
3492 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3493 res = hapd.request(cmd)
3494 if "FAIL" in res:
3495 raise Exception("Failed to generate bootstrapping info")
3496 id0 = int(res)
3497 uri0 = hapd.request("DPP_BOOTSTRAP_GET_URI %d" % id0)
3498
3499 res = dev[0].request("DPP_QR_CODE " + uri0)
3500 if "FAIL" in res:
3501 raise Exception("Failed to parse QR Code URI")
3502 id1 = int(res)
3503
3504 cmd = "DPP_AUTH_INIT peer=%d role=enrollee" % (id1)
3505 if "OK" not in dev[0].request(cmd):
3506 raise Exception("Failed to initiate DPP Authentication")
3507
3508 ev = hapd.wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
3509 if ev is None:
3510 raise Exception("DPP authentication did not succeed (Responder)")
3511 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
3512 if ev is None:
3513 raise Exception("DPP authentication did not succeed (Initiator)")
3514 ev = hapd.wait_event(["DPP-CONF-SENT"], timeout=5)
3515 if ev is None:
3516 raise Exception("DPP configuration not completed (Configurator)")
3517 ev = dev[0].wait_event(["DPP-CONF-RECEIVED"], timeout=5)
3518 if ev is None:
3519 raise Exception("DPP configuration not completed (Enrollee)")
3520 dev[0].request("DPP_STOP_LISTEN")
3521 dev[0].dump_monitor()
3522
3523 def test_dpp_own_config(dev, apdev):
3524 """DPP configurator signing own connector"""
3525 try:
3526 run_dpp_own_config(dev, apdev)
3527 finally:
3528 dev[0].set("dpp_config_processing", "0")
3529
3530 def test_dpp_own_config_group_id(dev, apdev):
3531 """DPP configurator signing own connector"""
3532 try:
3533 run_dpp_own_config(dev, apdev, extra=" group_id=test-group")
3534 finally:
3535 dev[0].set("dpp_config_processing", "0")
3536
3537 def test_dpp_own_config_curve_mismatch(dev, apdev):
3538 """DPP configurator signing own connector using mismatching curve"""
3539 try:
3540 run_dpp_own_config(dev, apdev, own_curve="BP-384", expect_failure=True)
3541 finally:
3542 dev[0].set("dpp_config_processing", "0")
3543
3544 def run_dpp_own_config(dev, apdev, own_curve=None, expect_failure=False,
3545 extra=""):
3546 check_dpp_capab(dev[0], own_curve and "BP" in own_curve)
3547 hapd = hostapd.add_ap(apdev[0], { "ssid": "unconfigured" })
3548 check_dpp_capab(hapd)
3549
3550 addr = hapd.own_addr().replace(':', '')
3551 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3552 res = hapd.request(cmd)
3553 if "FAIL" in res:
3554 raise Exception("Failed to generate bootstrapping info")
3555 id_h = int(res)
3556 uri = hapd.request("DPP_BOOTSTRAP_GET_URI %d" % id_h)
3557
3558 cmd = "DPP_CONFIGURATOR_ADD"
3559 res = dev[0].request(cmd);
3560 if "FAIL" in res:
3561 raise Exception("Failed to add configurator")
3562 conf_id = int(res)
3563
3564 res = dev[0].request("DPP_QR_CODE " + uri)
3565 if "FAIL" in res:
3566 raise Exception("Failed to parse QR Code URI")
3567 id = int(res)
3568
3569 cmd = "DPP_AUTH_INIT peer=%d conf=ap-dpp configurator=%d%s" % (id, conf_id, extra)
3570 if "OK" not in dev[0].request(cmd):
3571 raise Exception("Failed to initiate DPP Authentication")
3572 ev = hapd.wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
3573 if ev is None:
3574 raise Exception("DPP authentication did not succeed (Responder)")
3575 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
3576 if ev is None:
3577 raise Exception("DPP authentication did not succeed (Initiator)")
3578 ev = dev[0].wait_event(["DPP-CONF-SENT"], timeout=5)
3579 if ev is None:
3580 raise Exception("DPP configuration not completed (Configurator)")
3581 ev = hapd.wait_event(["DPP-CONF-RECEIVED"], timeout=5)
3582 if ev is None:
3583 raise Exception("DPP configuration not completed (Enrollee)")
3584
3585 update_hapd_config(hapd)
3586
3587 dev[0].set("dpp_config_processing", "1")
3588 cmd = "DPP_CONFIGURATOR_SIGN conf=sta-dpp configurator=%d%s" % (conf_id, extra)
3589 if own_curve:
3590 cmd += " curve=" + own_curve
3591 res = dev[0].request(cmd)
3592 if "FAIL" in res:
3593 raise Exception("Failed to generate own configuration")
3594
3595 ev = dev[0].wait_event(["DPP-NETWORK-ID"], timeout=1)
3596 if ev is None:
3597 raise Exception("DPP network profile not generated")
3598 id = ev.split(' ')[1]
3599 dev[0].select_network(id, freq="2412")
3600 if expect_failure:
3601 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=1)
3602 if ev is not None:
3603 raise Exception("Unexpected connection");
3604 dev[0].request("DISCONNECT")
3605 else:
3606 dev[0].wait_connected()
3607
3608 def test_dpp_own_config_ap(dev, apdev):
3609 """DPP configurator (AP) signing own connector"""
3610 try:
3611 run_dpp_own_config_ap(dev, apdev)
3612 finally:
3613 dev[0].set("dpp_config_processing", "0")
3614
3615 def test_dpp_own_config_ap_group_id(dev, apdev):
3616 """DPP configurator (AP) signing own connector (group_id)"""
3617 try:
3618 run_dpp_own_config_ap(dev, apdev, extra=" group_id=test-group")
3619 finally:
3620 dev[0].set("dpp_config_processing", "0")
3621
3622 def test_dpp_own_config_ap_reconf(dev, apdev):
3623 """DPP configurator (AP) signing own connector and configurator reconf"""
3624 try:
3625 run_dpp_own_config_ap(dev, apdev)
3626 finally:
3627 dev[0].set("dpp_config_processing", "0")
3628
3629 def run_dpp_own_config_ap(dev, apdev, reconf_configurator=False, extra=""):
3630 check_dpp_capab(dev[0])
3631 hapd = hostapd.add_ap(apdev[0], { "ssid": "unconfigured" })
3632 check_dpp_capab(hapd)
3633
3634 cmd = "DPP_CONFIGURATOR_ADD"
3635 res = hapd.request(cmd);
3636 if "FAIL" in res:
3637 raise Exception("Failed to add configurator")
3638 conf_id = int(res)
3639
3640 if reconf_configurator:
3641 csign = hapd.request("DPP_CONFIGURATOR_GET_KEY %d" % conf_id)
3642 if "FAIL" in csign or len(csign) == 0:
3643 raise Exception("DPP_CONFIGURATOR_GET_KEY failed")
3644
3645 cmd = "DPP_CONFIGURATOR_SIGN conf=ap-dpp configurator=%d%s" % (conf_id, extra)
3646 res = hapd.request(cmd)
3647 if "FAIL" in res:
3648 raise Exception("Failed to generate own configuration")
3649 update_hapd_config(hapd)
3650
3651 if reconf_configurator:
3652 res = hapd.request("DPP_CONFIGURATOR_REMOVE %d" % conf_id)
3653 if "OK" not in res:
3654 raise Exception("DPP_CONFIGURATOR_REMOVE failed")
3655 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
3656 res = hapd.request(cmd);
3657 if "FAIL" in res:
3658 raise Exception("Failed to add configurator (reconf)")
3659 conf_id = int(res)
3660
3661 addr = dev[0].own_addr().replace(':', '')
3662 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3663 res = dev[0].request(cmd)
3664 if "FAIL" in res:
3665 raise Exception("Failed to generate bootstrapping info")
3666 id = int(res)
3667 uri = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id)
3668
3669 res = hapd.request("DPP_QR_CODE " + uri)
3670 if "FAIL" in res:
3671 raise Exception("Failed to parse QR Code URI")
3672 id = int(res)
3673
3674 dev[0].set("dpp_config_processing", "2")
3675 if "OK" not in dev[0].request("DPP_LISTEN 2412"):
3676 raise Exception("Failed to start listen operation")
3677 cmd = "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d%s" % (id, conf_id, extra)
3678 if "OK" not in hapd.request(cmd):
3679 raise Exception("Failed to initiate DPP Authentication")
3680 ev = hapd.wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
3681 if ev is None:
3682 raise Exception("DPP authentication did not succeed (Initiator)")
3683 ev = hapd.wait_event(["DPP-CONF-SENT"], timeout=5)
3684 if ev is None:
3685 raise Exception("DPP configuration not completed (Configurator)")
3686 ev = dev[0].wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout=5)
3687 if ev is None:
3688 raise Exception("DPP configuration not completed (Enrollee)")
3689 if "DPP-CONF-RECEIVED" not in ev:
3690 raise Exception("DPP configuration failed (Enrollee)")
3691
3692 dev[0].wait_connected()
3693
3694 def test_dpp_intro_mismatch(dev, apdev):
3695 """DPP network introduction mismatch cases"""
3696 try:
3697 wpas = None
3698 wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
3699 wpas.interface_add("wlan5")
3700 check_dpp_capab(wpas)
3701 run_dpp_intro_mismatch(dev, apdev, wpas)
3702 finally:
3703 dev[0].set("dpp_config_processing", "0")
3704 dev[2].set("dpp_config_processing", "0")
3705 if wpas:
3706 wpas.set("dpp_config_processing", "0")
3707
3708 def run_dpp_intro_mismatch(dev, apdev, wpas):
3709 check_dpp_capab(dev[0])
3710 check_dpp_capab(dev[1])
3711 check_dpp_capab(dev[2])
3712
3713 logger.info("Start AP in unconfigured state")
3714 hapd = hostapd.add_ap(apdev[0], { "ssid": "unconfigured" })
3715 check_dpp_capab(hapd)
3716
3717 addr = hapd.own_addr().replace(':', '')
3718 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3719 res = hapd.request(cmd)
3720 if "FAIL" in res:
3721 raise Exception("Failed to generate bootstrapping info")
3722 id_h = int(res)
3723 uri = hapd.request("DPP_BOOTSTRAP_GET_URI %d" % id_h)
3724
3725 logger.info("Provision AP with DPP configuration")
3726 res = dev[1].request("DPP_CONFIGURATOR_ADD");
3727 if "FAIL" in res:
3728 raise Exception("Failed to add configurator")
3729 conf_id = int(res)
3730
3731 res = dev[1].request("DPP_QR_CODE " + uri)
3732 if "FAIL" in res:
3733 raise Exception("Failed to parse QR Code URI")
3734 id = int(res)
3735
3736 dev[1].set("dpp_groups_override", '[{"groupId":"a","netRole":"ap"}]')
3737 cmd = "DPP_AUTH_INIT peer=%d conf=ap-dpp configurator=%d" % (id, conf_id)
3738 if "OK" not in dev[1].request(cmd):
3739 raise Exception("Failed to initiate DPP Authentication")
3740 update_hapd_config(hapd)
3741
3742 logger.info("Provision STA0 with DPP Connector that has mismatching groupId")
3743 dev[0].set("dpp_config_processing", "2")
3744 addr = dev[0].own_addr().replace(':', '')
3745 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3746 res = dev[0].request(cmd)
3747 if "FAIL" in res:
3748 raise Exception("Failed to generate bootstrapping info")
3749 id0 = int(res)
3750 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
3751
3752 res = dev[1].request("DPP_QR_CODE " + uri0)
3753 if "FAIL" in res:
3754 raise Exception("Failed to parse QR Code URI")
3755 id1 = int(res)
3756
3757 cmd = "DPP_LISTEN 2412"
3758 if "OK" not in dev[0].request(cmd):
3759 raise Exception("Failed to start listen operation")
3760
3761 dev[1].set("dpp_groups_override", '[{"groupId":"b","netRole":"sta"}]')
3762 cmd = "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1, conf_id)
3763 if "OK" not in dev[1].request(cmd):
3764 raise Exception("Failed to initiate DPP Authentication")
3765 ev = dev[1].wait_event(["DPP-CONF-SENT"], timeout=5)
3766 if ev is None:
3767 raise Exception("DPP configuration not completed (Configurator for STA0)")
3768 ev = dev[0].wait_event(["DPP-CONF-RECEIVED"], timeout=5)
3769 if ev is None:
3770 raise Exception("DPP configuration not completed (Enrollee STA0)")
3771
3772 logger.info("Provision STA2 with DPP Connector that has mismatching C-sign-key")
3773 dev[2].set("dpp_config_processing", "2")
3774 addr = dev[2].own_addr().replace(':', '')
3775 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3776 res = dev[2].request(cmd)
3777 if "FAIL" in res:
3778 raise Exception("Failed to generate bootstrapping info")
3779 id2 = int(res)
3780 uri2 = dev[2].request("DPP_BOOTSTRAP_GET_URI %d" % id2)
3781
3782 res = dev[1].request("DPP_QR_CODE " + uri2)
3783 if "FAIL" in res:
3784 raise Exception("Failed to parse QR Code URI")
3785 id1 = int(res)
3786
3787 cmd = "DPP_LISTEN 2412"
3788 if "OK" not in dev[2].request(cmd):
3789 raise Exception("Failed to start listen operation")
3790
3791 res = dev[1].request("DPP_CONFIGURATOR_ADD");
3792 if "FAIL" in res:
3793 raise Exception("Failed to add configurator")
3794 conf_id_2 = int(res)
3795 dev[1].set("dpp_groups_override", '')
3796 cmd = "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1, conf_id_2)
3797 if "OK" not in dev[1].request(cmd):
3798 raise Exception("Failed to initiate DPP Authentication")
3799 ev = dev[1].wait_event(["DPP-CONF-SENT"], timeout=5)
3800 if ev is None:
3801 raise Exception("DPP configuration not completed (Configurator for STA2)")
3802 ev = dev[2].wait_event(["DPP-CONF-RECEIVED"], timeout=5)
3803 if ev is None:
3804 raise Exception("DPP configuration not completed (Enrollee STA2)")
3805
3806 logger.info("Provision STA5 with DPP Connector that has mismatching netAccessKey EC group")
3807 wpas.set("dpp_config_processing", "2")
3808 addr = wpas.own_addr().replace(':', '')
3809 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3810 cmd += " curve=P-521"
3811 res = wpas.request(cmd)
3812 if "FAIL" in res:
3813 raise Exception("Failed to generate bootstrapping info")
3814 id5 = int(res)
3815 uri5 = wpas.request("DPP_BOOTSTRAP_GET_URI %d" % id5)
3816
3817 res = dev[1].request("DPP_QR_CODE " + uri5)
3818 if "FAIL" in res:
3819 raise Exception("Failed to parse QR Code URI")
3820 id1 = int(res)
3821
3822 cmd = "DPP_LISTEN 2412"
3823 if "OK" not in wpas.request(cmd):
3824 raise Exception("Failed to start listen operation")
3825
3826 dev[1].set("dpp_groups_override", '')
3827 cmd = "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1, conf_id)
3828 if "OK" not in dev[1].request(cmd):
3829 raise Exception("Failed to initiate DPP Authentication")
3830 ev = dev[1].wait_event(["DPP-CONF-SENT"], timeout=5)
3831 if ev is None:
3832 raise Exception("DPP configuration not completed (Configurator for STA0)")
3833 ev = wpas.wait_event(["DPP-CONF-RECEIVED"], timeout=5)
3834 if ev is None:
3835 raise Exception("DPP configuration not completed (Enrollee STA5)")
3836
3837 logger.info("Verify network introduction results")
3838 ev = dev[0].wait_event(["DPP-INTRO"], timeout=10)
3839 if ev is None:
3840 raise Exception("DPP network introduction result not seen on STA0")
3841 if "status=8" not in ev:
3842 raise Exception("Unexpected network introduction result on STA0: " + ev)
3843
3844 ev = dev[2].wait_event(["DPP-INTRO"], timeout=5)
3845 if ev is None:
3846 raise Exception("DPP network introduction result not seen on STA2")
3847 if "status=8" not in ev:
3848 raise Exception("Unexpected network introduction result on STA2: " + ev)
3849
3850 ev = wpas.wait_event(["DPP-INTRO"], timeout=10)
3851 if ev is None:
3852 raise Exception("DPP network introduction result not seen on STA5")
3853 if "status=7" not in ev:
3854 raise Exception("Unexpected network introduction result on STA5: " + ev)
3855
3856 def run_dpp_proto_init(dev, test_dev, test, mutual=False, unicast=True,
3857 listen=True, chan="81/1", init_enrollee=False,
3858 incompatible_roles=False):
3859 check_dpp_capab(dev[0])
3860 check_dpp_capab(dev[1])
3861 dev[test_dev].set("dpp_test", str(test))
3862
3863 cmd = "DPP_CONFIGURATOR_ADD"
3864 if init_enrollee:
3865 res = dev[0].request(cmd)
3866 else:
3867 res = dev[1].request(cmd)
3868 if "FAIL" in res:
3869 raise Exception("Failed to add configurator")
3870 conf_id = int(res)
3871
3872 addr = dev[0].own_addr().replace(':', '')
3873 cmd = "DPP_BOOTSTRAP_GEN type=qrcode"
3874 if chan:
3875 cmd += " chan=" + chan
3876 if unicast:
3877 cmd += " mac=" + addr
3878 res = dev[0].request(cmd)
3879 if "FAIL" in res:
3880 raise Exception("Failed to generate bootstrapping info")
3881 id0 = int(res)
3882 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
3883
3884 res = dev[1].request("DPP_QR_CODE " + uri0)
3885 if "FAIL" in res:
3886 raise Exception("Failed to parse QR Code URI")
3887 id1 = int(res)
3888
3889 if mutual:
3890 addr = dev[1].own_addr().replace(':', '')
3891 res = dev[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr)
3892 if "FAIL" in res:
3893 raise Exception("Failed to generate bootstrapping info")
3894 id1b = int(res)
3895 uri1b = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b)
3896
3897 res = dev[0].request("DPP_QR_CODE " + uri1b)
3898 if "FAIL" in res:
3899 raise Exception("Failed to parse QR Code URI")
3900 id0b = int(res)
3901
3902 cmd = "DPP_LISTEN 2412 qr=mutual"
3903 else:
3904 cmd = "DPP_LISTEN 2412"
3905
3906 if init_enrollee:
3907 if incompatible_roles:
3908 cmd += " role=enrollee"
3909 else:
3910 cmd += " role=configurator"
3911 dev[0].set("dpp_configurator_params",
3912 " conf=sta-dpp configurator=%d" % conf_id);
3913 elif incompatible_roles:
3914 cmd += " role=enrollee"
3915
3916 if listen:
3917 if "OK" not in dev[0].request(cmd):
3918 raise Exception("Failed to start listen operation")
3919
3920 if init_enrollee:
3921 cmd = "DPP_AUTH_INIT peer=%d role=enrollee" % (id1)
3922 else:
3923 cmd = "DPP_AUTH_INIT peer=%d configurator=%d conf=sta-dpp" % (id1, conf_id)
3924 if incompatible_roles:
3925 cmd += " role=enrollee"
3926 if mutual:
3927 cmd += " own=%d" % id1b
3928 if "OK" not in dev[1].request(cmd):
3929 raise Exception("Failed to initiate DPP Authentication")
3930
3931 def test_dpp_proto_after_wrapped_data_auth_req(dev, apdev):
3932 """DPP protocol testing - attribute after Wrapped Data in Auth Req"""
3933 run_dpp_proto_init(dev, 1, 1)
3934 ev = dev[0].wait_event(["DPP-RX"], timeout=5)
3935 if ev is None:
3936 raise Exception("DPP Authentication Request not seen")
3937 if "type=0" not in ev or "ignore=invalid-attributes" not in ev:
3938 raise Exception("Unexpected RX info: " + ev)
3939 ev = dev[1].wait_event(["DPP-RX"], timeout=0.1)
3940 if ev is not None:
3941 raise Exception("Unexpected DPP message seen")
3942
3943 def test_dpp_auth_req_stop_after_ack(dev, apdev):
3944 """DPP initiator stopping after ACK, but no response"""
3945 run_dpp_proto_init(dev, 1, 1, listen=True)
3946 ev = dev[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout=5)
3947 if ev is None:
3948 raise Exception("Authentication failure not reported")
3949
3950 def test_dpp_auth_req_retries(dev, apdev):
3951 """DPP initiator retries with no ACK"""
3952 check_dpp_capab(dev[1])
3953 dev[1].set("dpp_init_max_tries", "3")
3954 dev[1].set("dpp_init_retry_time", "1000")
3955 dev[1].set("dpp_resp_wait_time", "100")
3956 run_dpp_proto_init(dev, 1, 1, unicast=False, listen=False)
3957
3958 for i in range(3):
3959 ev = dev[1].wait_event(["DPP-TX "], timeout=5)
3960 if ev is None:
3961 raise Exception("Auth Req not sent (%d)" % i)
3962
3963 ev = dev[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout=5)
3964 if ev is None:
3965 raise Exception("Authentication failure not reported")
3966
3967 def test_dpp_auth_req_retries_multi_chan(dev, apdev):
3968 """DPP initiator retries with no ACK and multiple channels"""
3969 check_dpp_capab(dev[1])
3970 dev[1].set("dpp_init_max_tries", "3")
3971 dev[1].set("dpp_init_retry_time", "1000")
3972 dev[1].set("dpp_resp_wait_time", "100")
3973 run_dpp_proto_init(dev, 1, 1, unicast=False, listen=False,
3974 chan="81/1,81/6,81/11")
3975
3976 for i in range(3 * 3):
3977 ev = dev[1].wait_event(["DPP-TX "], timeout=5)
3978 if ev is None:
3979 raise Exception("Auth Req not sent (%d)" % i)
3980
3981 ev = dev[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout=5)
3982 if ev is None:
3983 raise Exception("Authentication failure not reported")
3984
3985 def test_dpp_proto_after_wrapped_data_auth_resp(dev, apdev):
3986 """DPP protocol testing - attribute after Wrapped Data in Auth Resp"""
3987 run_dpp_proto_init(dev, 0, 2)
3988 ev = dev[1].wait_event(["DPP-RX"], timeout=5)
3989 if ev is None:
3990 raise Exception("DPP Authentication Response not seen")
3991 if "type=1" not in ev or "ignore=invalid-attributes" not in ev:
3992 raise Exception("Unexpected RX info: " + ev)
3993 ev = dev[0].wait_event(["DPP-RX"], timeout=1)
3994 if ev is None or "type=0" not in ev:
3995 raise Exception("DPP Authentication Request not seen")
3996 ev = dev[0].wait_event(["DPP-RX"], timeout=0.1)
3997 if ev is not None:
3998 raise Exception("Unexpected DPP message seen")
3999
4000 def test_dpp_proto_after_wrapped_data_auth_conf(dev, apdev):
4001 """DPP protocol testing - attribute after Wrapped Data in Auth Conf"""
4002 run_dpp_proto_init(dev, 1, 3)
4003 ev = dev[0].wait_event(["DPP-RX"], timeout=5)
4004 if ev is None or "type=0" not in ev:
4005 raise Exception("DPP Authentication Request not seen")
4006 ev = dev[0].wait_event(["DPP-RX"], timeout=5)
4007 if ev is None:
4008 raise Exception("DPP Authentication Confirm not seen")
4009 if "type=2" not in ev or "ignore=invalid-attributes" not in ev:
4010 raise Exception("Unexpected RX info: " + ev)
4011
4012 def test_dpp_proto_after_wrapped_data_conf_req(dev, apdev):
4013 """DPP protocol testing - attribute after Wrapped Data in Conf Req"""
4014 run_dpp_proto_init(dev, 0, 6)
4015 ev = dev[1].wait_event(["DPP-CONF-FAILED"], timeout=10)
4016 if ev is None:
4017 raise Exception("DPP Configuration failure not seen")
4018
4019 def test_dpp_proto_after_wrapped_data_conf_resp(dev, apdev):
4020 """DPP protocol testing - attribute after Wrapped Data in Conf Resp"""
4021 run_dpp_proto_init(dev, 1, 7)
4022 ev = dev[0].wait_event(["DPP-CONF-FAILED"], timeout=10)
4023 if ev is None:
4024 raise Exception("DPP Configuration failure not seen")
4025
4026 def test_dpp_proto_zero_i_capab(dev, apdev):
4027 """DPP protocol testing - zero I-capability in Auth Req"""
4028 run_dpp_proto_init(dev, 1, 8)
4029 ev = dev[0].wait_event(["DPP-FAIL"], timeout=5)
4030 if ev is None:
4031 raise Exception("DPP failure not seen")
4032 if "Invalid role in I-capabilities 0x00" not in ev:
4033 raise Exception("Unexpected failure: " + ev)
4034 ev = dev[1].wait_event(["DPP-RX"], timeout=0.1)
4035 if ev is not None:
4036 raise Exception("Unexpected DPP message seen")
4037
4038 def test_dpp_proto_zero_r_capab(dev, apdev):
4039 """DPP protocol testing - zero R-capability in Auth Resp"""
4040 run_dpp_proto_init(dev, 0, 9)
4041 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
4042 if ev is None:
4043 raise Exception("DPP failure not seen")
4044 if "Unexpected role in R-capabilities 0x00" not in ev:
4045 raise Exception("Unexpected failure: " + ev)
4046 ev = dev[0].wait_event(["DPP-RX"], timeout=1)
4047 if ev is None or "type=0" not in ev:
4048 raise Exception("DPP Authentication Request not seen")
4049 ev = dev[0].wait_event(["DPP-RX"], timeout=0.1)
4050 if ev is not None:
4051 raise Exception("Unexpected DPP message seen")
4052
4053 def run_dpp_proto_auth_req_missing(dev, test, reason, mutual=False):
4054 run_dpp_proto_init(dev, 1, test, mutual=mutual)
4055 ev = dev[0].wait_event(["DPP-FAIL"], timeout=5)
4056 if ev is None:
4057 raise Exception("DPP failure not seen")
4058 if reason not in ev:
4059 raise Exception("Unexpected failure: " + ev)
4060 ev = dev[1].wait_event(["DPP-RX"], timeout=0.1)
4061 if ev is not None:
4062 raise Exception("Unexpected DPP message seen")
4063
4064 def test_dpp_proto_auth_req_no_r_bootstrap_key(dev, apdev):
4065 """DPP protocol testing - no R-bootstrap key in Auth Req"""
4066 run_dpp_proto_auth_req_missing(dev, 10, "Missing or invalid required Responder Bootstrapping Key Hash attribute")
4067
4068 def test_dpp_proto_auth_req_invalid_r_bootstrap_key(dev, apdev):
4069 """DPP protocol testing - invalid R-bootstrap key in Auth Req"""
4070 run_dpp_proto_auth_req_missing(dev, 68, "No matching own bootstrapping key found - ignore message")
4071
4072 def test_dpp_proto_auth_req_no_i_bootstrap_key(dev, apdev):
4073 """DPP protocol testing - no I-bootstrap key in Auth Req"""
4074 run_dpp_proto_auth_req_missing(dev, 11, "Missing or invalid required Initiator Bootstrapping Key Hash attribute")
4075
4076 def test_dpp_proto_auth_req_invalid_i_bootstrap_key(dev, apdev):
4077 """DPP protocol testing - invalid I-bootstrap key in Auth Req"""
4078 run_dpp_proto_init(dev, 1, 69, mutual=True)
4079 ev = dev[0].wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout=5)
4080 if ev is None:
4081 raise Exception("DPP scan request not seen")
4082 ev = dev[1].wait_event(["DPP-RESPONSE-PENDING"], timeout=5)
4083 if ev is None:
4084 raise Exception("DPP response pending indivation not seen")
4085
4086 def test_dpp_proto_auth_req_no_i_proto_key(dev, apdev):
4087 """DPP protocol testing - no I-proto key in Auth Req"""
4088 run_dpp_proto_auth_req_missing(dev, 12, "Missing required Initiator Protocol Key attribute")
4089
4090 def test_dpp_proto_auth_req_invalid_i_proto_key(dev, apdev):
4091 """DPP protocol testing - invalid I-proto key in Auth Req"""
4092 run_dpp_proto_auth_req_missing(dev, 66, "Invalid Initiator Protocol Key")
4093
4094 def test_dpp_proto_auth_req_no_i_nonce(dev, apdev):
4095 """DPP protocol testing - no I-nonce in Auth Req"""
4096 run_dpp_proto_auth_req_missing(dev, 13, "Missing or invalid I-nonce")
4097
4098 def test_dpp_proto_auth_req_invalid_i_nonce(dev, apdev):
4099 """DPP protocol testing - invalid I-nonce in Auth Req"""
4100 run_dpp_proto_auth_req_missing(dev, 81, "Missing or invalid I-nonce")
4101
4102 def test_dpp_proto_auth_req_no_i_capab(dev, apdev):
4103 """DPP protocol testing - no I-capab in Auth Req"""
4104 run_dpp_proto_auth_req_missing(dev, 14, "Missing or invalid I-capab")
4105
4106 def test_dpp_proto_auth_req_no_wrapped_data(dev, apdev):
4107 """DPP protocol testing - no Wrapped Data in Auth Req"""
4108 run_dpp_proto_auth_req_missing(dev, 15, "Missing or invalid required Wrapped Data attribute")
4109
4110 def run_dpp_proto_auth_resp_missing(dev, test, reason,
4111 incompatible_roles=False):
4112 run_dpp_proto_init(dev, 0, test, mutual=True,
4113 incompatible_roles=incompatible_roles)
4114 if reason is None:
4115 time.sleep(0.1)
4116 return
4117 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
4118 if ev is None:
4119 raise Exception("DPP failure not seen")
4120 if reason not in ev:
4121 raise Exception("Unexpected failure: " + ev)
4122 ev = dev[0].wait_event(["DPP-RX"], timeout=1)
4123 if ev is None or "type=0" not in ev:
4124 raise Exception("DPP Authentication Request not seen")
4125 ev = dev[0].wait_event(["DPP-RX"], timeout=0.1)
4126 if ev is not None:
4127 raise Exception("Unexpected DPP message seen")
4128
4129 def test_dpp_proto_auth_resp_no_status(dev, apdev):
4130 """DPP protocol testing - no Status in Auth Resp"""
4131 run_dpp_proto_auth_resp_missing(dev, 16, "Missing or invalid required DPP Status attribute")
4132
4133 def test_dpp_proto_auth_resp_status_no_status(dev, apdev):
4134 """DPP protocol testing - no Status in Auth Resp(status)"""
4135 run_dpp_proto_auth_resp_missing(dev, 16,
4136 "Missing or invalid required DPP Status attribute",
4137 incompatible_roles=True)
4138
4139 def test_dpp_proto_auth_resp_invalid_status(dev, apdev):
4140 """DPP protocol testing - invalid Status in Auth Resp"""
4141 run_dpp_proto_auth_resp_missing(dev, 74, "Responder reported failure")
4142
4143 def test_dpp_proto_auth_resp_no_r_bootstrap_key(dev, apdev):
4144 """DPP protocol testing - no R-bootstrap key in Auth Resp"""
4145 run_dpp_proto_auth_resp_missing(dev, 17, "Missing or invalid required Responder Bootstrapping Key Hash attribute")
4146
4147 def test_dpp_proto_auth_resp_status_no_r_bootstrap_key(dev, apdev):
4148 """DPP protocol testing - no R-bootstrap key in Auth Resp(status)"""
4149 run_dpp_proto_auth_resp_missing(dev, 17,
4150 "Missing or invalid required Responder Bootstrapping Key Hash attribute",
4151 incompatible_roles=True)
4152
4153 def test_dpp_proto_auth_resp_invalid_r_bootstrap_key(dev, apdev):
4154 """DPP protocol testing - invalid R-bootstrap key in Auth Resp"""
4155 run_dpp_proto_auth_resp_missing(dev, 70, "Unexpected Responder Bootstrapping Key Hash value")
4156
4157 def test_dpp_proto_auth_resp_status_invalid_r_bootstrap_key(dev, apdev):
4158 """DPP protocol testing - invalid R-bootstrap key in Auth Resp(status)"""
4159 run_dpp_proto_auth_resp_missing(dev, 70,
4160 "Unexpected Responder Bootstrapping Key Hash value",
4161 incompatible_roles=True)
4162
4163 def test_dpp_proto_auth_resp_no_i_bootstrap_key(dev, apdev):
4164 """DPP protocol testing - no I-bootstrap key in Auth Resp"""
4165 run_dpp_proto_auth_resp_missing(dev, 18, None)
4166
4167 def test_dpp_proto_auth_resp_status_no_i_bootstrap_key(dev, apdev):
4168 """DPP protocol testing - no I-bootstrap key in Auth Resp(status)"""
4169 run_dpp_proto_auth_resp_missing(dev, 18, None, incompatible_roles=True)
4170
4171 def test_dpp_proto_auth_resp_invalid_i_bootstrap_key(dev, apdev):
4172 """DPP protocol testing - invalid I-bootstrap key in Auth Resp"""
4173 run_dpp_proto_auth_resp_missing(dev, 71, "Initiator Bootstrapping Key Hash attribute did not match")
4174
4175 def test_dpp_proto_auth_resp_status_invalid_i_bootstrap_key(dev, apdev):
4176 """DPP protocol testing - invalid I-bootstrap key in Auth Resp(status)"""
4177 run_dpp_proto_auth_resp_missing(dev, 71,
4178 "Initiator Bootstrapping Key Hash attribute did not match",
4179 incompatible_roles=True)
4180
4181 def test_dpp_proto_auth_resp_no_r_proto_key(dev, apdev):
4182 """DPP protocol testing - no R-Proto Key in Auth Resp"""
4183 run_dpp_proto_auth_resp_missing(dev, 19, "Missing required Responder Protocol Key attribute")
4184
4185 def test_dpp_proto_auth_resp_invalid_r_proto_key(dev, apdev):
4186 """DPP protocol testing - invalid R-Proto Key in Auth Resp"""
4187 run_dpp_proto_auth_resp_missing(dev, 67, "Invalid Responder Protocol Key")
4188
4189 def test_dpp_proto_auth_resp_no_r_nonce(dev, apdev):
4190 """DPP protocol testing - no R-nonce in Auth Resp"""
4191 run_dpp_proto_auth_resp_missing(dev, 20, "Missing or invalid R-nonce")
4192
4193 def test_dpp_proto_auth_resp_no_i_nonce(dev, apdev):
4194 """DPP protocol testing - no I-nonce in Auth Resp"""
4195 run_dpp_proto_auth_resp_missing(dev, 21, "Missing or invalid I-nonce")
4196
4197 def test_dpp_proto_auth_resp_status_no_i_nonce(dev, apdev):
4198 """DPP protocol testing - no I-nonce in Auth Resp(status)"""
4199 run_dpp_proto_auth_resp_missing(dev, 21, "Missing or invalid I-nonce",
4200 incompatible_roles=True)
4201
4202 def test_dpp_proto_auth_resp_no_r_capab(dev, apdev):
4203 """DPP protocol testing - no R-capab in Auth Resp"""
4204 run_dpp_proto_auth_resp_missing(dev, 22, "Missing or invalid R-capabilities")
4205
4206 def test_dpp_proto_auth_resp_no_r_auth(dev, apdev):
4207 """DPP protocol testing - no R-auth in Auth Resp"""
4208 run_dpp_proto_auth_resp_missing(dev, 23, "Missing or invalid Secondary Wrapped Data")
4209
4210 def test_dpp_proto_auth_resp_no_wrapped_data(dev, apdev):
4211 """DPP protocol testing - no Wrapped Data in Auth Resp"""
4212 run_dpp_proto_auth_resp_missing(dev, 24, "Missing or invalid required Wrapped Data attribute")
4213
4214 def test_dpp_proto_auth_resp_i_nonce_mismatch(dev, apdev):
4215 """DPP protocol testing - I-nonce mismatch in Auth Resp"""
4216 run_dpp_proto_init(dev, 0, 30, mutual=True)
4217 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
4218 if ev is None:
4219 raise Exception("DPP failure not seen")
4220 if "I-nonce mismatch" not in ev:
4221 raise Exception("Unexpected failure: " + ev)
4222 ev = dev[0].wait_event(["DPP-RX"], timeout=1)
4223 if ev is None or "type=0" not in ev:
4224 raise Exception("DPP Authentication Request not seen")
4225 ev = dev[0].wait_event(["DPP-RX"], timeout=0.1)
4226 if ev is not None:
4227 raise Exception("Unexpected DPP message seen")
4228
4229 def test_dpp_proto_auth_resp_incompatible_r_capab(dev, apdev):
4230 """DPP protocol testing - Incompatible R-capab in Auth Resp"""
4231 run_dpp_proto_init(dev, 0, 31, mutual=True)
4232 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
4233 if ev is None:
4234 raise Exception("DPP failure not seen")
4235 if "Unexpected role in R-capabilities 0x02" not in ev:
4236 raise Exception("Unexpected failure: " + ev)
4237 ev = dev[0].wait_event(["DPP-FAIL"], timeout=5)
4238 if ev is None:
4239 raise Exception("DPP failure not seen")
4240 if "Peer reported incompatible R-capab role" not in ev:
4241 raise Exception("Unexpected failure: " + ev)
4242
4243 def test_dpp_proto_auth_resp_r_auth_mismatch(dev, apdev):
4244 """DPP protocol testing - R-auth mismatch in Auth Resp"""
4245 run_dpp_proto_init(dev, 0, 32, mutual=True)
4246 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
4247 if ev is None:
4248 raise Exception("DPP failure not seen")
4249 if "Mismatching Responder Authenticating Tag" not in ev:
4250 raise Exception("Unexpected failure: " + ev)
4251 ev = dev[0].wait_event(["DPP-FAIL"], timeout=5)
4252 if ev is None:
4253 raise Exception("DPP failure not seen")
4254 if "Peer reported authentication failure" not in ev:
4255 raise Exception("Unexpected failure: " + ev)
4256
4257 def test_dpp_proto_auth_resp_r_auth_mismatch_failure(dev, apdev):
4258 """DPP protocol testing - Auth Conf RX processing failure"""
4259 with alloc_fail(dev[0], 1, "dpp_auth_conf_rx_failure"):
4260 run_dpp_proto_init(dev, 0, 32, mutual=True)
4261 ev = dev[0].wait_event(["DPP-FAIL"], timeout=5)
4262 if ev is None:
4263 raise Exception("DPP failure not seen")
4264 if "Authentication failed" not in ev:
4265 raise Exception("Unexpected failure: " + ev)
4266
4267 def test_dpp_proto_auth_resp_r_auth_mismatch_failure2(dev, apdev):
4268 """DPP protocol testing - Auth Conf RX processing failure 2"""
4269 with fail_test(dev[0], 1, "dpp_auth_conf_rx_failure"):
4270 run_dpp_proto_init(dev, 0, 32, mutual=True)
4271 ev = dev[0].wait_event(["DPP-FAIL"], timeout=5)
4272 if ev is None:
4273 raise Exception("DPP failure not seen")
4274 if "AES-SIV decryption failed" not in ev:
4275 raise Exception("Unexpected failure: " + ev)
4276
4277 def run_dpp_proto_auth_conf_missing(dev, test, reason):
4278 run_dpp_proto_init(dev, 1, test, mutual=True)
4279 if reason is None:
4280 time.sleep(0.1)
4281 return
4282 ev = dev[0].wait_event(["DPP-FAIL"], timeout=5)
4283 if ev is None:
4284 raise Exception("DPP failure not seen")
4285 if reason not in ev:
4286 raise Exception("Unexpected failure: " + ev)
4287
4288 def test_dpp_proto_auth_conf_no_status(dev, apdev):
4289 """DPP protocol testing - no Status in Auth Conf"""
4290 run_dpp_proto_auth_conf_missing(dev, 25, "Missing or invalid required DPP Status attribute")
4291
4292 def test_dpp_proto_auth_conf_invalid_status(dev, apdev):
4293 """DPP protocol testing - invalid Status in Auth Conf"""
4294 run_dpp_proto_auth_conf_missing(dev, 75, "Authentication failed")
4295
4296 def test_dpp_proto_auth_conf_no_r_bootstrap_key(dev, apdev):
4297 """DPP protocol testing - no R-bootstrap key in Auth Conf"""
4298 run_dpp_proto_auth_conf_missing(dev, 26, "Missing or invalid required Responder Bootstrapping Key Hash attribute")
4299
4300 def test_dpp_proto_auth_conf_invalid_r_bootstrap_key(dev, apdev):
4301 """DPP protocol testing - invalid R-bootstrap key in Auth Conf"""
4302 run_dpp_proto_auth_conf_missing(dev, 72, "Responder Bootstrapping Key Hash mismatch")
4303
4304 def test_dpp_proto_auth_conf_no_i_bootstrap_key(dev, apdev):
4305 """DPP protocol testing - no I-bootstrap key in Auth Conf"""
4306 run_dpp_proto_auth_conf_missing(dev, 27, "Missing Initiator Bootstrapping Key Hash attribute")
4307
4308 def test_dpp_proto_auth_conf_invalid_i_bootstrap_key(dev, apdev):
4309 """DPP protocol testing - invalid I-bootstrap key in Auth Conf"""
4310 run_dpp_proto_auth_conf_missing(dev, 73, "Initiator Bootstrapping Key Hash mismatch")
4311
4312 def test_dpp_proto_auth_conf_no_i_auth(dev, apdev):
4313 """DPP protocol testing - no I-Auth in Auth Conf"""
4314 run_dpp_proto_auth_conf_missing(dev, 28, "Missing or invalid Initiator Authenticating Tag")
4315
4316 def test_dpp_proto_auth_conf_no_wrapped_data(dev, apdev):
4317 """DPP protocol testing - no Wrapped Data in Auth Conf"""
4318 run_dpp_proto_auth_conf_missing(dev, 29, "Missing or invalid required Wrapped Data attribute")
4319
4320 def test_dpp_proto_auth_conf_i_auth_mismatch(dev, apdev):
4321 """DPP protocol testing - I-auth mismatch in Auth Conf"""
4322 run_dpp_proto_init(dev, 1, 33, mutual=True)
4323 ev = dev[0].wait_event(["DPP-FAIL"], timeout=5)
4324 if ev is None:
4325 raise Exception("DPP failure not seen")
4326 if "Mismatching Initiator Authenticating Tag" not in ev:
4327 raise Excception("Unexpected failure: " + ev)
4328
4329 def test_dpp_proto_auth_conf_replaced_by_resp(dev, apdev):
4330 """DPP protocol testing - Auth Conf replaced by Resp"""
4331 run_dpp_proto_init(dev, 1, 65, mutual=True)
4332 ev = dev[0].wait_event(["DPP-FAIL"], timeout=5)
4333 if ev is None:
4334 raise Exception("DPP failure not seen")
4335 if "Unexpected Authentication Response" not in ev:
4336 raise Excception("Unexpected failure: " + ev)
4337
4338 def run_dpp_proto_conf_req_missing(dev, test, reason):
4339 run_dpp_proto_init(dev, 0, test)
4340 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
4341 if ev is None:
4342 raise Exception("DPP failure not seen")
4343 if reason not in ev:
4344 raise Exception("Unexpected failure: " + ev)
4345
4346 def test_dpp_proto_conf_req_no_e_nonce(dev, apdev):
4347 """DPP protocol testing - no E-nonce in Conf Req"""
4348 run_dpp_proto_conf_req_missing(dev, 51,
4349 "Missing or invalid Enrollee Nonce attribute")
4350
4351 def test_dpp_proto_conf_req_invalid_e_nonce(dev, apdev):
4352 """DPP protocol testing - invalid E-nonce in Conf Req"""
4353 run_dpp_proto_conf_req_missing(dev, 83,
4354 "Missing or invalid Enrollee Nonce attribute")
4355
4356 def test_dpp_proto_conf_req_no_config_attr_obj(dev, apdev):
4357 """DPP protocol testing - no Config Attr Obj in Conf Req"""
4358 run_dpp_proto_conf_req_missing(dev, 52,
4359 "Missing or invalid Config Attributes attribute")
4360
4361 def test_dpp_proto_conf_req_invalid_config_attr_obj(dev, apdev):
4362 """DPP protocol testing - invalid Config Attr Obj in Conf Req"""
4363 run_dpp_proto_conf_req_missing(dev, 76,
4364 "Unsupported wi-fi_tech")
4365
4366 def test_dpp_proto_conf_req_no_wrapped_data(dev, apdev):
4367 """DPP protocol testing - no Wrapped Data in Conf Req"""
4368 run_dpp_proto_conf_req_missing(dev, 53,
4369 "Missing or invalid required Wrapped Data attribute")
4370
4371 def run_dpp_proto_conf_resp_missing(dev, test, reason):
4372 run_dpp_proto_init(dev, 1, test)
4373 ev = dev[0].wait_event(["DPP-FAIL"], timeout=5)
4374 if ev is None:
4375 raise Exception("DPP failure not seen")
4376 if reason not in ev:
4377 raise Exception("Unexpected failure: " + ev)
4378
4379 def test_dpp_proto_conf_resp_no_e_nonce(dev, apdev):
4380 """DPP protocol testing - no E-nonce in Conf Resp"""
4381 run_dpp_proto_conf_resp_missing(dev, 54,
4382 "Missing or invalid Enrollee Nonce attribute")
4383
4384 def test_dpp_proto_conf_resp_no_config_obj(dev, apdev):
4385 """DPP protocol testing - no Config Object in Conf Resp"""
4386 run_dpp_proto_conf_resp_missing(dev, 55,
4387 "Missing required Configuration Object attribute")
4388
4389 def test_dpp_proto_conf_resp_no_status(dev, apdev):
4390 """DPP protocol testing - no Status in Conf Resp"""
4391 run_dpp_proto_conf_resp_missing(dev, 56,
4392 "Missing or invalid required DPP Status attribute")
4393
4394 def test_dpp_proto_conf_resp_no_wrapped_data(dev, apdev):
4395 """DPP protocol testing - no Wrapped Data in Conf Resp"""
4396 run_dpp_proto_conf_resp_missing(dev, 57,
4397 "Missing or invalid required Wrapped Data attribute")
4398
4399 def test_dpp_proto_conf_resp_invalid_status(dev, apdev):
4400 """DPP protocol testing - invalid Status in Conf Resp"""
4401 run_dpp_proto_conf_resp_missing(dev, 58,
4402 "Configurator rejected configuration")
4403
4404 def test_dpp_proto_conf_resp_e_nonce_mismatch(dev, apdev):
4405 """DPP protocol testing - E-nonce mismatch in Conf Resp"""
4406 run_dpp_proto_conf_resp_missing(dev, 59,
4407 "Enrollee Nonce mismatch")
4408
4409 def test_dpp_proto_stop_at_auth_req(dev, apdev):
4410 """DPP protocol testing - stop when receiving Auth Req"""
4411 run_dpp_proto_init(dev, 0, 87)
4412 ev = dev[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout=5)
4413 if ev is None:
4414 raise Exception("Authentication init failure not reported")
4415
4416 def test_dpp_proto_stop_at_auth_resp(dev, apdev):
4417 """DPP protocol testing - stop when receiving Auth Resp"""
4418 run_dpp_proto_init(dev, 1, 88)
4419
4420 ev = dev[1].wait_event(["DPP-TX "], timeout=5)
4421 if ev is None:
4422 raise Exception("Auth Req TX not seen")
4423
4424 ev = dev[0].wait_event(["DPP-TX "], timeout=5)
4425 if ev is None:
4426 raise Exception("Auth Resp TX not seen")
4427
4428 ev = dev[1].wait_event(["DPP-TX "], timeout=0.1)
4429 if ev is not None:
4430 raise Exception("Unexpected Auth Conf TX")
4431
4432 def test_dpp_proto_stop_at_auth_conf(dev, apdev):
4433 """DPP protocol testing - stop when receiving Auth Conf"""
4434 run_dpp_proto_init(dev, 0, 89, init_enrollee=True)
4435 ev = dev[1].wait_event(["GAS-QUERY-START"], timeout=10)
4436 if ev is None:
4437 raise Exception("Enrollee did not start GAS")
4438 ev = dev[1].wait_event(["GAS-QUERY-DONE"], timeout=10)
4439 if ev is None:
4440 raise Exception("Enrollee did not time out GAS")
4441 if "result=TIMEOUT" not in ev:
4442 raise Exception("Unexpected GAS result: " + ev)
4443
4444 def test_dpp_proto_stop_at_auth_conf_tx(dev, apdev):
4445 """DPP protocol testing - stop when transmitting Auth Conf (Registrar)"""
4446 run_dpp_proto_init(dev, 1, 89, init_enrollee=True)
4447 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=10)
4448 if ev is None:
4449 raise Exception("Authentication did not succeed (Initiator)")
4450 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
4451 if ev is None:
4452 raise Exception("Authentication did not succeed (Responder)")
4453 ev = dev[1].wait_event(["GAS-QUERY-START"], timeout=0.1)
4454 if ev is not None:
4455 raise Exception("Unexpected GAS query")
4456
4457 # There is currently no timeout on GAS server side, so no event to wait for
4458 # in this case.
4459
4460 def test_dpp_proto_stop_at_auth_conf_tx2(dev, apdev):
4461 """DPP protocol testing - stop when transmitting Auth Conf (Enrollee)"""
4462 run_dpp_proto_init(dev, 1, 89)
4463 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=10)
4464 if ev is None:
4465 raise Exception("Authentication did not succeed (Initiator)")
4466 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
4467 if ev is None:
4468 raise Exception("Authentication did not succeed (Responder)")
4469
4470 ev = dev[0].wait_event(["GAS-QUERY-DONE"], timeout=5)
4471 if ev is None or "result=TIMEOUT" not in ev:
4472 raise Exception("GAS query did not time out")
4473
4474 def test_dpp_proto_stop_at_conf_req(dev, apdev):
4475 """DPP protocol testing - stop when receiving Auth Req"""
4476 run_dpp_proto_init(dev, 1, 90)
4477 ev = dev[0].wait_event(["GAS-QUERY-START"], timeout=10)
4478 if ev is None:
4479 raise Exception("Enrollee did not start GAS")
4480 ev = dev[0].wait_event(["GAS-QUERY-DONE"], timeout=10)
4481 if ev is None:
4482 raise Exception("Enrollee did not time out GAS")
4483 if "result=TIMEOUT" not in ev:
4484 raise Exception("Unexpected GAS result: " + ev)
4485
4486 def run_dpp_proto_init_pkex(dev, test_dev, test):
4487 check_dpp_capab(dev[0])
4488 check_dpp_capab(dev[1])
4489 dev[test_dev].set("dpp_test", str(test))
4490
4491 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
4492 res = dev[0].request(cmd)
4493 if "FAIL" in res:
4494 raise Exception("Failed to generate bootstrapping info")
4495 id0 = int(res)
4496
4497 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
4498 res = dev[1].request(cmd)
4499 if "FAIL" in res:
4500 raise Exception("Failed to generate bootstrapping info")
4501 id1 = int(res)
4502
4503 cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0)
4504 res = dev[0].request(cmd)
4505 if "FAIL" in res:
4506 raise Exception("Failed to set PKEX data (responder)")
4507 cmd = "DPP_LISTEN 2437"
4508 if "OK" not in dev[0].request(cmd):
4509 raise Exception("Failed to start listen operation")
4510
4511 cmd = "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
4512 res = dev[1].request(cmd)
4513 if "FAIL" in res:
4514 raise Exception("Failed to set PKEX data (initiator)")
4515
4516 def test_dpp_proto_after_wrapped_data_pkex_cr_req(dev, apdev):
4517 """DPP protocol testing - attribute after Wrapped Data in PKEX CR Req"""
4518 run_dpp_proto_init_pkex(dev, 1, 4)
4519 ev = dev[0].wait_event(["DPP-RX"], timeout=5)
4520 if ev is None or "type=7" not in ev:
4521 raise Exception("PKEX Exchange Request not seen")
4522 ev = dev[0].wait_event(["DPP-RX"], timeout=5)
4523 if ev is None or "type=9" not in ev:
4524 raise Exception("PKEX Commit-Reveal Request not seen")
4525 if "ignore=invalid-attributes" not in ev:
4526 raise Exception("Unexpected RX info: " + ev)
4527
4528 def test_dpp_proto_after_wrapped_data_pkex_cr_resp(dev, apdev):
4529 """DPP protocol testing - attribute after Wrapped Data in PKEX CR Resp"""
4530 run_dpp_proto_init_pkex(dev, 0, 5)
4531 ev = dev[1].wait_event(["DPP-RX"], timeout=5)
4532 if ev is None or "type=8" not in ev:
4533 raise Exception("PKEX Exchange Response not seen")
4534 ev = dev[1].wait_event(["DPP-RX"], timeout=5)
4535 if ev is None or "type=10" not in ev:
4536 raise Exception("PKEX Commit-Reveal Response not seen")
4537 if "ignore=invalid-attributes" not in ev:
4538 raise Exception("Unexpected RX info: " + ev)
4539
4540 def run_dpp_proto_pkex_req_missing(dev, test, reason):
4541 run_dpp_proto_init_pkex(dev, 1, test)
4542 ev = dev[0].wait_event(["DPP-FAIL"], timeout=5)
4543 if ev is None:
4544 raise Exception("DPP failure not seen")
4545 if reason not in ev:
4546 raise Exception("Unexpected failure: " + ev)
4547
4548 def run_dpp_proto_pkex_resp_missing(dev, test, reason):
4549 run_dpp_proto_init_pkex(dev, 0, test)
4550 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
4551 if ev is None:
4552 raise Exception("DPP failure not seen")
4553 if reason not in ev:
4554 raise Exception("Unexpected failure: " + ev)
4555
4556 def test_dpp_proto_pkex_exchange_req_no_finite_cyclic_group(dev, apdev):
4557 """DPP protocol testing - no Finite Cyclic Group in PKEX Exchange Request"""
4558 run_dpp_proto_pkex_req_missing(dev, 34,
4559 "Missing or invalid Finite Cyclic Group attribute")
4560
4561 def test_dpp_proto_pkex_exchange_req_no_encrypted_key(dev, apdev):
4562 """DPP protocol testing - no Encrypted Key in PKEX Exchange Request"""
4563 run_dpp_proto_pkex_req_missing(dev, 35,
4564 "Missing Encrypted Key attribute")
4565
4566 def test_dpp_proto_pkex_exchange_resp_no_status(dev, apdev):
4567 """DPP protocol testing - no Status in PKEX Exchange Response"""
4568 run_dpp_proto_pkex_resp_missing(dev, 36, "No DPP Status attribute")
4569
4570 def test_dpp_proto_pkex_exchange_resp_no_encrypted_key(dev, apdev):
4571 """DPP protocol testing - no Encrypted Key in PKEX Exchange Response"""
4572 run_dpp_proto_pkex_resp_missing(dev, 37, "Missing Encrypted Key attribute")
4573
4574 def test_dpp_proto_pkex_cr_req_no_bootstrap_key(dev, apdev):
4575 """DPP protocol testing - no Bootstrap Key in PKEX Commit-Reveal Request"""
4576 run_dpp_proto_pkex_req_missing(dev, 38,
4577 "No valid peer bootstrapping key found")
4578
4579 def test_dpp_proto_pkex_cr_req_no_i_auth_tag(dev, apdev):
4580 """DPP protocol testing - no I-Auth Tag in PKEX Commit-Reveal Request"""
4581 run_dpp_proto_pkex_req_missing(dev, 39, "No valid u (I-Auth tag) found")
4582
4583 def test_dpp_proto_pkex_cr_req_no_wrapped_data(dev, apdev):
4584 """DPP protocol testing - no Wrapped Data in PKEX Commit-Reveal Request"""
4585 run_dpp_proto_pkex_req_missing(dev, 40, "Missing or invalid required Wrapped Data attribute")
4586
4587 def test_dpp_proto_pkex_cr_resp_no_bootstrap_key(dev, apdev):
4588 """DPP protocol testing - no Bootstrap Key in PKEX Commit-Reveal Response"""
4589 run_dpp_proto_pkex_resp_missing(dev, 41,
4590 "No valid peer bootstrapping key found")
4591
4592 def test_dpp_proto_pkex_cr_resp_no_r_auth_tag(dev, apdev):
4593 """DPP protocol testing - no R-Auth Tag in PKEX Commit-Reveal Response"""
4594 run_dpp_proto_pkex_resp_missing(dev, 42, "No valid v (R-Auth tag) found")
4595
4596 def test_dpp_proto_pkex_cr_resp_no_wrapped_data(dev, apdev):
4597 """DPP protocol testing - no Wrapped Data in PKEX Commit-Reveal Response"""
4598 run_dpp_proto_pkex_resp_missing(dev, 43, "Missing or invalid required Wrapped Data attribute")
4599
4600 def test_dpp_proto_pkex_exchange_req_invalid_encrypted_key(dev, apdev):
4601 """DPP protocol testing - invalid Encrypted Key in PKEX Exchange Request"""
4602 run_dpp_proto_pkex_req_missing(dev, 44,
4603 "Invalid Encrypted Key value")
4604
4605 def test_dpp_proto_pkex_exchange_resp_invalid_encrypted_key(dev, apdev):
4606 """DPP protocol testing - invalid Encrypted Key in PKEX Exchange Response"""
4607 run_dpp_proto_pkex_resp_missing(dev, 45,
4608 "Invalid Encrypted Key value")
4609
4610 def test_dpp_proto_pkex_exchange_resp_invalid_status(dev, apdev):
4611 """DPP protocol testing - invalid Status in PKEX Exchange Response"""
4612 run_dpp_proto_pkex_resp_missing(dev, 46,
4613 "PKEX failed (peer indicated failure)")
4614
4615 def test_dpp_proto_pkex_cr_req_invalid_bootstrap_key(dev, apdev):
4616 """DPP protocol testing - invalid Bootstrap Key in PKEX Commit-Reveal Request"""
4617 run_dpp_proto_pkex_req_missing(dev, 47,
4618 "Peer bootstrapping key is invalid")
4619
4620 def test_dpp_proto_pkex_cr_resp_invalid_bootstrap_key(dev, apdev):
4621 """DPP protocol testing - invalid Bootstrap Key in PKEX Commit-Reveal Response"""
4622 run_dpp_proto_pkex_resp_missing(dev, 48,
4623 "Peer bootstrapping key is invalid")
4624
4625 def test_dpp_proto_pkex_cr_req_i_auth_tag_mismatch(dev, apdev):
4626 """DPP protocol testing - I-auth tag mismatch in PKEX Commit-Reveal Request"""
4627 run_dpp_proto_pkex_req_missing(dev, 49, "No valid u (I-Auth tag) found")
4628
4629 def test_dpp_proto_pkex_cr_resp_r_auth_tag_mismatch(dev, apdev):
4630 """DPP protocol testing - R-auth tag mismatch in PKEX Commit-Reveal Response"""
4631 run_dpp_proto_pkex_resp_missing(dev, 50, "No valid v (R-Auth tag) found")
4632
4633 def test_dpp_proto_stop_at_pkex_exchange_resp(dev, apdev):
4634 """DPP protocol testing - stop when receiving PKEX Exchange Response"""
4635 run_dpp_proto_init_pkex(dev, 1, 84)
4636
4637 ev = dev[1].wait_event(["DPP-TX "], timeout=5)
4638 if ev is None:
4639 raise Exception("PKEX Exchange Req TX not seen")
4640
4641 ev = dev[0].wait_event(["DPP-TX "], timeout=5)
4642 if ev is None:
4643 raise Exception("PKEX Exchange Resp not seen")
4644
4645 ev = dev[1].wait_event(["DPP-TX "], timeout=0.1)
4646 if ev is not None:
4647 raise Exception("Unexpected PKEX CR Req TX")
4648
4649 def test_dpp_proto_stop_at_pkex_cr_req(dev, apdev):
4650 """DPP protocol testing - stop when receiving PKEX CR Request"""
4651 run_dpp_proto_init_pkex(dev, 0, 85)
4652
4653 ev = dev[1].wait_event(["DPP-TX "], timeout=5)
4654 if ev is None:
4655 raise Exception("PKEX Exchange Req TX not seen")
4656
4657 ev = dev[0].wait_event(["DPP-TX "], timeout=5)
4658 if ev is None:
4659 raise Exception("PKEX Exchange Resp not seen")
4660
4661 ev = dev[1].wait_event(["DPP-TX "], timeout=5)
4662 if ev is None:
4663 raise Exception("PKEX CR Req TX not seen")
4664
4665 ev = dev[0].wait_event(["DPP-TX "], timeout=0.1)
4666 if ev is not None:
4667 raise Exception("Unexpected PKEX CR Resp TX")
4668
4669 def test_dpp_proto_stop_at_pkex_cr_resp(dev, apdev):
4670 """DPP protocol testing - stop when receiving PKEX CR Response"""
4671 run_dpp_proto_init_pkex(dev, 1, 86)
4672
4673 ev = dev[1].wait_event(["DPP-TX "], timeout=5)
4674 if ev is None:
4675 raise Exception("PKEX Exchange Req TX not seen")
4676
4677 ev = dev[0].wait_event(["DPP-TX "], timeout=5)
4678 if ev is None:
4679 raise Exception("PKEX Exchange Resp not seen")
4680
4681 ev = dev[1].wait_event(["DPP-TX "], timeout=5)
4682 if ev is None:
4683 raise Exception("PKEX CR Req TX not seen")
4684
4685 ev = dev[0].wait_event(["DPP-TX "], timeout=5)
4686 if ev is None:
4687 raise Exception("PKEX CR Resp TX not seen")
4688
4689 ev = dev[1].wait_event(["DPP-TX "], timeout=0.1)
4690 if ev is not None:
4691 raise Exception("Unexpected Auth Req TX")
4692
4693 def test_dpp_proto_network_introduction(dev, apdev):
4694 """DPP protocol testing - network introduction"""
4695 check_dpp_capab(dev[0])
4696 check_dpp_capab(dev[1])
4697
4698 params = { "ssid": "dpp",
4699 "wpa": "2",
4700 "wpa_key_mgmt": "DPP",
4701 "ieee80211w": "2",
4702 "rsn_pairwise": "CCMP",
4703 "dpp_connector": params1_ap_connector,
4704 "dpp_csign": params1_csign,
4705 "dpp_netaccesskey": params1_ap_netaccesskey }
4706 try:
4707 hapd = hostapd.add_ap(apdev[0], params)
4708 except:
4709 raise HwsimSkip("DPP not supported")
4710
4711 for test in [ 60, 61, 80, 82 ]:
4712 dev[0].set("dpp_test", str(test))
4713 dev[0].connect("dpp", key_mgmt="DPP", scan_freq="2412", ieee80211w="2",
4714 dpp_csign=params1_csign,
4715 dpp_connector=params1_sta_connector,
4716 dpp_netaccesskey=params1_sta_netaccesskey,
4717 wait_connect=False)
4718
4719 ev = dev[0].wait_event(["DPP-TX"], timeout=10)
4720 if ev is None or "type=5" not in ev:
4721 raise Exception("Peer Discovery Request TX not reported")
4722 ev = dev[0].wait_event(["DPP-TX-STATUS"], timeout=2)
4723 if ev is None or "result=SUCCESS" not in ev:
4724 raise Exception("Peer Discovery Request TX status not reported")
4725
4726 ev = hapd.wait_event(["DPP-RX"], timeout=10)
4727 if ev is None or "type=5" not in ev:
4728 raise Exception("Peer Discovery Request RX not reported")
4729
4730 if test == 80:
4731 ev = dev[0].wait_event(["DPP-INTRO"], timeout=10)
4732 if ev is None:
4733 raise Exception("DPP-INTRO not reported for test 80")
4734 if "status=7" not in ev:
4735 raise Exception("Unexpected result in test 80: " + ev)
4736
4737 dev[0].request("REMOVE_NETWORK all")
4738 dev[0].dump_monitor()
4739 hapd.dump_monitor()
4740 dev[0].set("dpp_test", "0")
4741
4742 for test in [ 62, 63, 64, 77, 78, 79 ]:
4743 hapd.set("dpp_test", str(test))
4744 dev[0].connect("dpp", key_mgmt="DPP", scan_freq="2412", ieee80211w="2",
4745 dpp_csign=params1_csign,
4746 dpp_connector=params1_sta_connector,
4747 dpp_netaccesskey=params1_sta_netaccesskey,
4748 wait_connect=False)
4749
4750 ev = dev[0].wait_event(["DPP-INTRO"], timeout=10)
4751 if ev is None:
4752 raise Exception("Peer introduction result not reported (test %d)" % test)
4753 if test == 77:
4754 if "fail=transaction_id_mismatch" not in ev:
4755 raise Exception("Connector validation failure not reported")
4756 elif test == 78:
4757 if "status=254" not in ev:
4758 raise Exception("Invalid status value not reported")
4759 elif test == 79:
4760 if "fail=peer_connector_validation_failed" not in ev:
4761 raise Exception("Connector validation failure not reported")
4762 elif "status=" in ev:
4763 raise Exception("Unexpected peer introduction result (test %d): " % test + ev)
4764
4765 dev[0].request("REMOVE_NETWORK all")
4766 dev[0].dump_monitor()
4767 hapd.dump_monitor()
4768 hapd.set("dpp_test", "0")
4769
4770 dev[0].connect("dpp", key_mgmt="DPP", scan_freq="2412", ieee80211w="2",
4771 dpp_csign=params1_csign, dpp_connector=params1_sta_connector,
4772 dpp_netaccesskey=params1_sta_netaccesskey)
4773
4774 def test_dpp_qr_code_no_chan_list_unicast(dev, apdev):
4775 """DPP QR Code and no channel list (unicast)"""
4776 run_dpp_qr_code_chan_list(dev, apdev, True, 2417, None)
4777
4778 def test_dpp_qr_code_chan_list_unicast(dev, apdev):
4779 """DPP QR Code and 2.4 GHz channels (unicast)"""
4780 run_dpp_qr_code_chan_list(dev, apdev, True, 2417,
4781 "81/1,81/2,81/3,81/4,81/5,81/6,81/7,81/8,81/9,81/10,81/11,81/12,81/13")
4782
4783 def test_dpp_qr_code_chan_list_no_peer_unicast(dev, apdev):
4784 """DPP QR Code and channel list and no peer (unicast)"""
4785 run_dpp_qr_code_chan_list(dev, apdev, True, 2417, "81/1,81/6,81/11",
4786 no_wait=True)
4787 ev = dev[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout=5)
4788 if ev is None:
4789 raise Exception("Initiation failure not reported")
4790
4791 def test_dpp_qr_code_no_chan_list_broadcast(dev, apdev):
4792 """DPP QR Code and no channel list (broadcast)"""
4793 run_dpp_qr_code_chan_list(dev, apdev, False, 2412, None)
4794
4795 def test_dpp_qr_code_chan_list_broadcast(dev, apdev):
4796 """DPP QR Code and some 2.4 GHz channels (broadcast)"""
4797 run_dpp_qr_code_chan_list(dev, apdev, False, 2412, "81/1,81/6,81/11",
4798 timeout=10)
4799
4800 def run_dpp_qr_code_chan_list(dev, apdev, unicast, listen_freq, chanlist,
4801 no_wait=False, timeout=5):
4802 check_dpp_capab(dev[0])
4803 check_dpp_capab(dev[1])
4804 dev[1].set("dpp_init_max_tries", "3")
4805 dev[1].set("dpp_init_retry_time", "100")
4806 dev[1].set("dpp_resp_wait_time", "1000")
4807
4808 logger.info("dev0 displays QR Code")
4809 cmd = "DPP_BOOTSTRAP_GEN type=qrcode"
4810 if chanlist:
4811 cmd += " chan=" + chanlist
4812 if unicast:
4813 addr = dev[0].own_addr().replace(':', '')
4814 cmd += " mac=" + addr
4815 res = dev[0].request(cmd)
4816 if "FAIL" in res:
4817 raise Exception("Failed to generate bootstrapping info")
4818 id0 = int(res)
4819 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
4820
4821 logger.info("dev1 scans QR Code")
4822 res = dev[1].request("DPP_QR_CODE " + uri0)
4823 if "FAIL" in res:
4824 raise Exception("Failed to parse QR Code URI")
4825 id1 = int(res)
4826
4827 logger.info("dev1 initiates DPP Authentication")
4828 cmd = "DPP_LISTEN %d" % listen_freq
4829 if "OK" not in dev[0].request(cmd):
4830 raise Exception("Failed to start listen operation")
4831 cmd = "DPP_AUTH_INIT peer=%d" % id1
4832 if "OK" not in dev[1].request(cmd):
4833 raise Exception("Failed to initiate DPP Authentication")
4834 if no_wait:
4835 return
4836 ev = dev[0].wait_event(["DPP-AUTH-SUCCESS"], timeout=timeout)
4837 if ev is None:
4838 raise Exception("DPP authentication did not succeed (Responder)")
4839 ev = dev[1].wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
4840 if ev is None:
4841 raise Exception("DPP authentication did not succeed (Initiator)")
4842 ev = dev[0].wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout=5)
4843 if ev is None:
4844 raise Exception("DPP configuration not completed (Enrollee)")
4845 dev[0].request("DPP_STOP_LISTEN")
4846 dev[0].dump_monitor()
4847 dev[1].dump_monitor()
4848
4849 def test_dpp_qr_code_chan_list_no_match(dev, apdev):
4850 """DPP QR Code and no matching supported channel"""
4851 check_dpp_capab(dev[0])
4852 check_dpp_capab(dev[1])
4853
4854 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=123/123"
4855 res = dev[0].request(cmd)
4856 if "FAIL" in res:
4857 raise Exception("Failed to generate bootstrapping info")
4858 id0 = int(res)
4859 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
4860
4861 res = dev[1].request("DPP_QR_CODE " + uri0)
4862 if "FAIL" in res:
4863 raise Exception("Failed to parse QR Code URI")
4864 id1 = int(res)
4865
4866 cmd = "DPP_AUTH_INIT peer=%d" % id1
4867 if "FAIL" not in dev[1].request(cmd):
4868 raise Exception("DPP Authentication started unexpectedly")
4869
4870 def test_dpp_pkex_alloc_fail(dev, apdev):
4871 """DPP/PKEX and memory allocation failures"""
4872 check_dpp_capab(dev[0])
4873 check_dpp_capab(dev[1])
4874
4875 tests = [ (1, "=dpp_keygen_configurator"),
4876 (1, "base64_gen_encode;dpp_keygen_configurator") ]
4877 for count, func in tests:
4878 with alloc_fail(dev[1], count, func):
4879 cmd = "DPP_CONFIGURATOR_ADD"
4880 res = dev[1].request(cmd);
4881 if "FAIL" not in res:
4882 raise Exception("Unexpected DPP_CONFIGURATOR_ADD success")
4883
4884 cmd = "DPP_CONFIGURATOR_ADD"
4885 res = dev[1].request(cmd);
4886 if "FAIL" in res:
4887 raise Exception("Failed to add configurator")
4888 conf_id = int(res)
4889
4890 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
4891 res = dev[0].request(cmd)
4892 if "FAIL" in res:
4893 raise Exception("Failed to generate bootstrapping info")
4894 id0 = int(res)
4895
4896 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
4897 res = dev[1].request(cmd)
4898 if "FAIL" in res:
4899 raise Exception("Failed to generate bootstrapping info")
4900 id1 = int(res)
4901
4902 # Local error cases on the Initiator
4903 tests = [ (1, "dpp_get_pubkey_point"),
4904 (1, "dpp_alloc_msg;dpp_pkex_build_exchange_req"),
4905 (1, "dpp_alloc_msg;dpp_pkex_build_commit_reveal_req"),
4906 (1, "dpp_alloc_msg;dpp_auth_build_req"),
4907 (1, "dpp_alloc_msg;dpp_auth_build_conf"),
4908 (1, "dpp_bootstrap_key_hash"),
4909 (1, "dpp_auth_init"),
4910 (1, "=dpp_auth_resp_rx"),
4911 (2, "=dpp_auth_resp_rx"),
4912 (1, "dpp_build_conf_start"),
4913 (1, "dpp_build_conf_obj_dpp"),
4914 (2, "dpp_build_conf_obj_dpp"),
4915 (3, "dpp_build_conf_obj_dpp"),
4916 (4, "dpp_build_conf_obj_dpp"),
4917 (5, "dpp_build_conf_obj_dpp"),
4918 (6, "dpp_build_conf_obj_dpp"),
4919 (7, "dpp_build_conf_obj_dpp"),
4920 (8, "dpp_build_conf_obj_dpp"),
4921 (1, "dpp_conf_req_rx"),
4922 (2, "dpp_conf_req_rx"),
4923 (3, "dpp_conf_req_rx"),
4924 (4, "dpp_conf_req_rx"),
4925 (5, "dpp_conf_req_rx"),
4926 (6, "dpp_conf_req_rx"),
4927 (7, "dpp_conf_req_rx"),
4928 (1, "dpp_pkex_init"),
4929 (2, "dpp_pkex_init"),
4930 (3, "dpp_pkex_init"),
4931 (1, "dpp_pkex_derive_z"),
4932 (1, "=dpp_pkex_rx_commit_reveal_resp"),
4933 (1, "dpp_get_pubkey_point;dpp_build_jwk"),
4934 (2, "dpp_get_pubkey_point;dpp_build_jwk"),
4935 (1, "dpp_get_pubkey_point;dpp_auth_init") ]
4936 for count, func in tests:
4937 dev[0].request("DPP_STOP_LISTEN")
4938 dev[1].request("DPP_STOP_LISTEN")
4939 dev[0].dump_monitor()
4940 dev[1].dump_monitor()
4941
4942 cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0)
4943 res = dev[0].request(cmd)
4944 if "FAIL" in res:
4945 raise Exception("Failed to set PKEX data (responder)")
4946 cmd = "DPP_LISTEN 2437"
4947 if "OK" not in dev[0].request(cmd):
4948 raise Exception("Failed to start listen operation")
4949
4950 with alloc_fail(dev[1], count, func):
4951 cmd = "DPP_PKEX_ADD own=%d identifier=test init=1 conf=sta-dpp configurator=%d code=secret" % (id1, conf_id)
4952 dev[1].request(cmd)
4953 wait_fail_trigger(dev[1], "GET_ALLOC_FAIL", max_iter=100)
4954 ev = dev[0].wait_event(["GAS-QUERY-START"], timeout=0.01)
4955 if ev:
4956 dev[0].request("DPP_STOP_LISTEN")
4957 dev[0].wait_event(["GAS-QUERY-DONE"], timeout=3)
4958
4959 # Local error cases on the Responder
4960 tests = [ (1, "dpp_get_pubkey_point"),
4961 (1, "dpp_alloc_msg;dpp_pkex_build_exchange_resp"),
4962 (1, "dpp_alloc_msg;dpp_pkex_build_commit_reveal_resp"),
4963 (1, "dpp_alloc_msg;dpp_auth_build_resp"),
4964 (1, "dpp_get_pubkey_point;dpp_auth_build_resp_ok"),
4965 (1, "=dpp_auth_req_rx"),
4966 (2, "=dpp_auth_req_rx"),
4967 (1, "=dpp_auth_conf_rx"),
4968 (1, "json_parse;dpp_parse_jws_prot_hdr"),
4969 (1, "json_get_member_base64url;dpp_parse_jws_prot_hdr"),
4970 (1, "json_get_member_base64url;dpp_parse_jwk"),
4971 (2, "json_get_member_base64url;dpp_parse_jwk"),
4972 (1, "json_parse;dpp_parse_connector"),
4973 (1, "dpp_parse_jwk;dpp_parse_connector"),
4974 (1, "dpp_parse_jwk;dpp_parse_cred_dpp"),
4975 (1, "dpp_get_pubkey_point;dpp_check_pubkey_match"),
4976 (1, "base64_gen_decode;dpp_process_signed_connector"),
4977 (1, "dpp_parse_jws_prot_hdr;dpp_process_signed_connector"),
4978 (2, "base64_gen_decode;dpp_process_signed_connector"),
4979 (3, "base64_gen_decode;dpp_process_signed_connector"),
4980 (4, "base64_gen_decode;dpp_process_signed_connector"),
4981 (1, "json_parse;dpp_parse_conf_obj"),
4982 (1, "dpp_conf_resp_rx"),
4983 (1, "=dpp_pkex_derive_z"),
4984 (1, "=dpp_pkex_rx_exchange_req"),
4985 (2, "=dpp_pkex_rx_exchange_req"),
4986 (3, "=dpp_pkex_rx_exchange_req"),
4987 (1, "=dpp_pkex_rx_commit_reveal_req"),
4988 (1, "dpp_get_pubkey_point;dpp_pkex_rx_commit_reveal_req"),
4989 (1, "dpp_bootstrap_key_hash") ]
4990 for count, func in tests:
4991 dev[0].request("DPP_STOP_LISTEN")
4992 dev[1].request("DPP_STOP_LISTEN")
4993 dev[0].dump_monitor()
4994 dev[1].dump_monitor()
4995
4996 cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0)
4997 res = dev[0].request(cmd)
4998 if "FAIL" in res:
4999 raise Exception("Failed to set PKEX data (responder)")
5000 cmd = "DPP_LISTEN 2437"
5001 if "OK" not in dev[0].request(cmd):
5002 raise Exception("Failed to start listen operation")
5003
5004 with alloc_fail(dev[0], count, func):
5005 cmd = "DPP_PKEX_ADD own=%d identifier=test init=1 conf=sta-dpp configurator=%d code=secret" % (id1, conf_id)
5006 dev[1].request(cmd)
5007 wait_fail_trigger(dev[0], "GET_ALLOC_FAIL", max_iter=100)
5008 ev = dev[0].wait_event(["GAS-QUERY-START"], timeout=0.01)
5009 if ev:
5010 dev[0].request("DPP_STOP_LISTEN")
5011 dev[0].wait_event(["GAS-QUERY-DONE"], timeout=3)
5012
5013 def test_dpp_pkex_test_fail(dev, apdev):
5014 """DPP/PKEX and local failures"""
5015 check_dpp_capab(dev[0])
5016 check_dpp_capab(dev[1])
5017
5018 tests = [ (1, "dpp_keygen_configurator") ]
5019 for count, func in tests:
5020 with fail_test(dev[1], count, func):
5021 cmd = "DPP_CONFIGURATOR_ADD"
5022 res = dev[1].request(cmd);
5023 if "FAIL" not in res:
5024 raise Exception("Unexpected DPP_CONFIGURATOR_ADD success")
5025
5026 tests = [ (1, "dpp_keygen") ]
5027 for count, func in tests:
5028 with fail_test(dev[1], count, func):
5029 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
5030 res = dev[1].request(cmd);
5031 if "FAIL" not in res:
5032 raise Exception("Unexpected DPP_BOOTSTRAP_GEN success")
5033
5034 cmd = "DPP_CONFIGURATOR_ADD"
5035 res = dev[1].request(cmd);
5036 if "FAIL" in res:
5037 raise Exception("Failed to add configurator")
5038 conf_id = int(res)
5039
5040 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
5041 res = dev[0].request(cmd)
5042 if "FAIL" in res:
5043 raise Exception("Failed to generate bootstrapping info")
5044 id0 = int(res)
5045
5046 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
5047 res = dev[1].request(cmd)
5048 if "FAIL" in res:
5049 raise Exception("Failed to generate bootstrapping info")
5050 id1 = int(res)
5051
5052 # Local error cases on the Initiator
5053 tests = [ (1, "aes_siv_encrypt;dpp_auth_build_req"),
5054 (1, "os_get_random;dpp_auth_init"),
5055 (1, "dpp_derive_k1;dpp_auth_init"),
5056 (1, "dpp_hkdf_expand;dpp_derive_k1;dpp_auth_init"),
5057 (1, "dpp_gen_i_auth;dpp_auth_build_conf"),
5058 (1, "aes_siv_encrypt;dpp_auth_build_conf"),
5059 (1, "dpp_derive_k2;dpp_auth_resp_rx"),
5060 (1, "dpp_hkdf_expand;dpp_derive_k2;dpp_auth_resp_rx"),
5061 (1, "dpp_derive_ke;dpp_auth_resp_rx"),
5062 (1, "dpp_hkdf_expand;dpp_derive_ke;dpp_auth_resp_rx"),
5063 (1, "dpp_gen_r_auth;dpp_auth_resp_rx"),
5064 (1, "aes_siv_encrypt;dpp_build_conf_resp"),
5065 (1, "dpp_pkex_derive_Qi;dpp_pkex_build_exchange_req"),
5066 (1, "aes_siv_encrypt;dpp_pkex_build_commit_reveal_req"),
5067 (1, "hmac_sha256_vector;dpp_pkex_rx_exchange_resp"),
5068 (1, "aes_siv_decrypt;dpp_pkex_rx_commit_reveal_resp"),
5069 (1, "hmac_sha256_vector;dpp_pkex_rx_commit_reveal_resp"),
5070 (1, "dpp_bootstrap_key_hash") ]
5071 for count, func in tests:
5072 dev[0].request("DPP_STOP_LISTEN")
5073 dev[1].request("DPP_STOP_LISTEN")
5074 dev[0].dump_monitor()
5075 dev[1].dump_monitor()
5076
5077 cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0)
5078 res = dev[0].request(cmd)
5079 if "FAIL" in res:
5080 raise Exception("Failed to set PKEX data (responder)")
5081 cmd = "DPP_LISTEN 2437"
5082 if "OK" not in dev[0].request(cmd):
5083 raise Exception("Failed to start listen operation")
5084
5085 with fail_test(dev[1], count, func):
5086 cmd = "DPP_PKEX_ADD own=%d identifier=test init=1 conf=sta-dpp configurator=%d code=secret" % (id1, conf_id)
5087 dev[1].request(cmd)
5088 wait_fail_trigger(dev[1], "GET_FAIL", max_iter=100)
5089 ev = dev[0].wait_event(["GAS-QUERY-START"], timeout=0.01)
5090 if ev:
5091 dev[0].request("DPP_STOP_LISTEN")
5092 dev[0].wait_event(["GAS-QUERY-DONE"], timeout=3)
5093
5094 # Local error cases on the Responder
5095 tests = [ (1, "aes_siv_encrypt;dpp_auth_build_resp"),
5096 (1, "aes_siv_encrypt;dpp_auth_build_resp;dpp_auth_build_resp_ok"),
5097 (1, "os_get_random;dpp_build_conf_req"),
5098 (1, "aes_siv_encrypt;dpp_build_conf_req"),
5099 (1, "os_get_random;dpp_auth_build_resp_ok"),
5100 (1, "dpp_derive_k2;dpp_auth_build_resp_ok"),
5101 (1, "dpp_derive_ke;dpp_auth_build_resp_ok"),
5102 (1, "dpp_gen_r_auth;dpp_auth_build_resp_ok"),
5103 (1, "aes_siv_encrypt;dpp_auth_build_resp_ok"),
5104 (1, "dpp_derive_k1;dpp_auth_req_rx"),
5105 (1, "aes_siv_decrypt;dpp_auth_req_rx"),
5106 (1, "aes_siv_decrypt;dpp_auth_conf_rx"),
5107 (1, "dpp_gen_i_auth;dpp_auth_conf_rx"),
5108 (1, "dpp_check_pubkey_match"),
5109 (1, "aes_siv_decrypt;dpp_conf_resp_rx"),
5110 (1, "hmac_sha256_kdf;dpp_pkex_derive_z"),
5111 (1, "dpp_pkex_derive_Qi;dpp_pkex_rx_exchange_req"),
5112 (1, "dpp_pkex_derive_Qr;dpp_pkex_rx_exchange_req"),
5113 (1, "aes_siv_encrypt;dpp_pkex_build_commit_reveal_resp"),
5114 (1, "aes_siv_decrypt;dpp_pkex_rx_commit_reveal_req"),
5115 (1, "hmac_sha256_vector;dpp_pkex_rx_commit_reveal_req"),
5116 (2, "hmac_sha256_vector;dpp_pkex_rx_commit_reveal_req") ]
5117 for count, func in tests:
5118 dev[0].request("DPP_STOP_LISTEN")
5119 dev[1].request("DPP_STOP_LISTEN")
5120 dev[0].dump_monitor()
5121 dev[1].dump_monitor()
5122
5123 cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0)
5124 res = dev[0].request(cmd)
5125 if "FAIL" in res:
5126 raise Exception("Failed to set PKEX data (responder)")
5127 cmd = "DPP_LISTEN 2437"
5128 if "OK" not in dev[0].request(cmd):
5129 raise Exception("Failed to start listen operation")
5130
5131 with fail_test(dev[0], count, func):
5132 cmd = "DPP_PKEX_ADD own=%d identifier=test init=1 conf=sta-dpp configurator=%d code=secret" % (id1, conf_id)
5133 dev[1].request(cmd)
5134 wait_fail_trigger(dev[0], "GET_FAIL", max_iter=100)
5135 ev = dev[0].wait_event(["GAS-QUERY-START"], timeout=0.01)
5136 if ev:
5137 dev[0].request("DPP_STOP_LISTEN")
5138 dev[0].wait_event(["GAS-QUERY-DONE"], timeout=3)
5139
5140 def test_dpp_keygen_configurator_error(dev, apdev):
5141 """DPP Configurator keygen error case"""
5142 check_dpp_capab(dev[0])
5143 if "FAIL" not in dev[0].request("DPP_CONFIGURATOR_ADD curve=unknown"):
5144 raise Exception("Unexpected success of invalid DPP_CONFIGURATOR_ADD")
5145
5146 def rx_process_frame(dev):
5147 msg = dev.mgmt_rx()
5148 if "OK" not in dev.request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg['freq'], msg['datarate'], msg['ssi_signal'], msg['frame'].encode('hex'))):
5149 raise Exception("MGMT_RX_PROCESS failed")
5150
5151 def wait_auth_success(responder, initiator):
5152 ev = responder.wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
5153 if ev is None:
5154 raise Exception("DPP authentication did not succeed (Responder)")
5155 ev = initiator.wait_event(["DPP-AUTH-SUCCESS"], timeout=5)
5156 if ev is None:
5157 raise Exception("DPP authentication did not succeed (Initiator)")
5158
5159 def wait_conf_completion(configurator, enrollee):
5160 ev = configurator.wait_event(["DPP-CONF-SENT"], timeout=5)
5161 if ev is None:
5162 raise Exception("DPP configuration not completed (Configurator)")
5163 ev = enrollee.wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"],
5164 timeout=5)
5165 if ev is None:
5166 raise Exception("DPP configuration not completed (Enrollee)")
5167
5168 def start_dpp(dev):
5169 addr = dev[0].own_addr().replace(':', '')
5170 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
5171 res = dev[0].request(cmd)
5172 if "FAIL" in res:
5173 raise Exception("Failed to generate bootstrapping info")
5174 id0 = int(res)
5175 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
5176
5177 res = dev[1].request("DPP_QR_CODE " + uri0)
5178 if "FAIL" in res:
5179 raise Exception("Failed to parse QR Code URI")
5180 id1 = int(res)
5181
5182 conf = '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"secret passphrase"}}' + 3000*' '
5183 dev[0].set("dpp_config_obj_override", conf)
5184
5185 dev[0].set("ext_mgmt_frame_handling", "1")
5186 cmd = "DPP_LISTEN 2412"
5187 if "OK" not in dev[0].request(cmd):
5188 raise Exception("Failed to start listen operation")
5189 cmd = "DPP_AUTH_INIT peer=%d role=enrollee" % id1
5190 if "OK" not in dev[1].request(cmd):
5191 raise Exception("Failed to initiate DPP Authentication")
5192
5193 def test_dpp_gas_timeout_handling(dev, apdev):
5194 """DPP and GAS timeout handling"""
5195 check_dpp_capab(dev[0])
5196 check_dpp_capab(dev[1])
5197 start_dpp(dev)
5198
5199 # DPP Authentication Request
5200 rx_process_frame(dev[0])
5201
5202 # DPP Authentication Confirmation
5203 rx_process_frame(dev[0])
5204
5205 wait_auth_success(dev[0], dev[1])
5206
5207 # DPP Configuration Request (GAS Initial Request frame)
5208 rx_process_frame(dev[0])
5209
5210 # DPP Configuration Request (GAS Comeback Request frame)
5211 rx_process_frame(dev[0])
5212
5213 # Wait for GAS timeout
5214 ev = dev[1].wait_event(["DPP-CONF-FAILED"], timeout=5)
5215 if ev is None:
5216 raise Exception("DPP configuration not completed (Enrollee)")
5217
5218 def test_dpp_gas_comeback_after_failure(dev, apdev):
5219 """DPP and GAS comeback after failure"""
5220 check_dpp_capab(dev[0])
5221 check_dpp_capab(dev[1])
5222 start_dpp(dev)
5223
5224 # DPP Authentication Request
5225 rx_process_frame(dev[0])
5226
5227 # DPP Authentication Confirmation
5228 rx_process_frame(dev[0])
5229
5230 wait_auth_success(dev[0], dev[1])
5231
5232 # DPP Configuration Request (GAS Initial Request frame)
5233 rx_process_frame(dev[0])
5234
5235 # DPP Configuration Request (GAS Comeback Request frame)
5236 msg = dev[0].mgmt_rx()
5237 frame = msg['frame'].encode('hex')
5238 with alloc_fail(dev[0], 1, "gas_build_comeback_resp;gas_server_handle_rx_comeback_req"):
5239 if "OK" not in dev[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg['freq'], msg['datarate'], msg['ssi_signal'], frame)):
5240 raise Exception("MGMT_RX_PROCESS failed")
5241 wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
5242 # Try the same frame again - this is expected to fail since the response has
5243 # already been freed.
5244 if "OK" not in dev[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg['freq'], msg['datarate'], msg['ssi_signal'], frame)):
5245 raise Exception("MGMT_RX_PROCESS failed")
5246
5247 # DPP Configuration Request (GAS Comeback Request frame retry)
5248 msg = dev[0].mgmt_rx()
5249
5250 def test_dpp_gas(dev, apdev):
5251 """DPP and GAS protocol testing"""
5252 check_dpp_capab(dev[0])
5253 check_dpp_capab(dev[1])
5254 start_dpp(dev)
5255
5256 # DPP Authentication Request
5257 rx_process_frame(dev[0])
5258
5259 # DPP Authentication Confirmation
5260 rx_process_frame(dev[0])
5261
5262 wait_auth_success(dev[0], dev[1])
5263
5264 # DPP Configuration Request (GAS Initial Request frame)
5265 msg = dev[0].mgmt_rx()
5266
5267 # Protected Dual of GAS Initial Request frame (dropped by GAS server)
5268 frame = msg['frame'].encode('hex')
5269 frame = frame[0:48] + "09" + frame[50:]
5270 if "OK" not in dev[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg['freq'], msg['datarate'], msg['ssi_signal'], frame)):
5271 raise Exception("MGMT_RX_PROCESS failed")
5272
5273 with alloc_fail(dev[0], 1, "gas_server_send_resp"):
5274 frame = msg['frame'].encode('hex')
5275 if "OK" not in dev[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg['freq'], msg['datarate'], msg['ssi_signal'], frame)):
5276 raise Exception("MGMT_RX_PROCESS failed")
5277 wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
5278
5279 with alloc_fail(dev[0], 1, "gas_build_initial_resp;gas_server_send_resp"):
5280 frame = msg['frame'].encode('hex')
5281 if "OK" not in dev[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg['freq'], msg['datarate'], msg['ssi_signal'], frame)):
5282 raise Exception("MGMT_RX_PROCESS failed")
5283 wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
5284
5285 # Add extra data after Query Request field to trigger
5286 # "GAS: Ignored extra data after Query Request field"
5287 frame = msg['frame'].encode('hex') + "00"
5288 if "OK" not in dev[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg['freq'], msg['datarate'], msg['ssi_signal'], frame)):
5289 raise Exception("MGMT_RX_PROCESS failed")
5290
5291 # DPP Configuration Request (GAS Comeback Request frame)
5292 rx_process_frame(dev[0])
5293
5294 # DPP Configuration Request (GAS Comeback Request frame)
5295 rx_process_frame(dev[0])
5296
5297 # DPP Configuration Request (GAS Comeback Request frame)
5298 rx_process_frame(dev[0])
5299
5300 wait_conf_completion(dev[0], dev[1])
5301
5302 def test_dpp_truncated_attr(dev, apdev):
5303 """DPP and truncated attribute"""
5304 check_dpp_capab(dev[0])
5305 check_dpp_capab(dev[1])
5306 start_dpp(dev)
5307
5308 # DPP Authentication Request
5309 msg = dev[0].mgmt_rx()
5310 frame = msg['frame']
5311
5312 # DPP: Truncated message - not enough room for the attribute - dropped
5313 frame1 = frame[0:36].encode('hex')
5314 if "OK" not in dev[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg['freq'], msg['datarate'], msg['ssi_signal'], frame1)):
5315 raise Exception("MGMT_RX_PROCESS failed")
5316 ev = dev[0].wait_event(["DPP-RX"], timeout=5)
5317 if ev is None or "ignore=invalid-attributes" not in ev:
5318 raise Exception("Invalid attribute error not reported")
5319
5320 # DPP: Unexpected octets (3) after the last attribute
5321 frame2 = frame.encode('hex') + "000000"
5322 if "OK" not in dev[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg['freq'], msg['datarate'], msg['ssi_signal'], frame2)):
5323 raise Exception("MGMT_RX_PROCESS failed")
5324 ev = dev[0].wait_event(["DPP-RX"], timeout=5)
5325 if ev is None or "ignore=invalid-attributes" not in ev:
5326 raise Exception("Invalid attribute error not reported")
5327
5328 def test_dpp_bootstrap_key_autogen_issues(dev, apdev):
5329 """DPP bootstrap key autogen issues"""
5330 check_dpp_capab(dev[0])
5331 check_dpp_capab(dev[1])
5332
5333 logger.info("dev0 displays QR Code")
5334 addr = dev[0].own_addr().replace(':', '')
5335 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
5336 res = dev[0].request(cmd)
5337 if "FAIL" in res:
5338 raise Exception("Failed to generate bootstrapping info")
5339 id0 = int(res)
5340 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
5341
5342 logger.info("dev1 scans QR Code")
5343 res = dev[1].request("DPP_QR_CODE " + uri0)
5344 if "FAIL" in res:
5345 raise Exception("Failed to parse QR Code URI")
5346 id1 = int(res)
5347
5348 logger.info("dev1 initiates DPP Authentication")
5349 cmd = "DPP_LISTEN 2412"
5350 if "OK" not in dev[0].request(cmd):
5351 raise Exception("Failed to start listen operation")
5352 with alloc_fail(dev[1], 1, "dpp_autogen_bootstrap_key"):
5353 cmd = "DPP_AUTH_INIT peer=%d" % id1
5354 if "FAIL" not in dev[1].request(cmd):
5355 raise Exception("Failure not reported")
5356 with alloc_fail(dev[1], 2, "=dpp_autogen_bootstrap_key"):
5357 cmd = "DPP_AUTH_INIT peer=%d" % id1
5358 if "FAIL" not in dev[1].request(cmd):
5359 raise Exception("Failure not reported")
5360 with fail_test(dev[1], 1, "dpp_keygen;dpp_autogen_bootstrap_key"):
5361 cmd = "DPP_AUTH_INIT peer=%d" % id1
5362 if "FAIL" not in dev[1].request(cmd):
5363 raise Exception("Failure not reported")
5364 dev[0].request("DPP_STOP_LISTEN")
5365
5366 def test_dpp_auth_resp_status_failure(dev, apdev):
5367 """DPP and Auth Resp(status) build failure"""
5368 with alloc_fail(dev[0], 1, "dpp_auth_build_resp"):
5369 run_dpp_proto_auth_resp_missing(dev, 99999, None,
5370 incompatible_roles=True)
5371
5372 def test_dpp_auth_resp_aes_siv_issue(dev, apdev):
5373 """DPP Auth Resp AES-SIV issue"""
5374 check_dpp_capab(dev[0])
5375 check_dpp_capab(dev[1])
5376
5377 logger.info("dev0 displays QR Code")
5378 addr = dev[0].own_addr().replace(':', '')
5379 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
5380 res = dev[0].request(cmd)
5381 if "FAIL" in res:
5382 raise Exception("Failed to generate bootstrapping info")
5383 id0 = int(res)
5384 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
5385
5386 logger.info("dev1 scans QR Code")
5387 res = dev[1].request("DPP_QR_CODE " + uri0)
5388 if "FAIL" in res:
5389 raise Exception("Failed to parse QR Code URI")
5390 id1 = int(res)
5391
5392 logger.info("dev1 initiates DPP Authentication")
5393 cmd = "DPP_LISTEN 2412"
5394 if "OK" not in dev[0].request(cmd):
5395 raise Exception("Failed to start listen operation")
5396 cmd = "DPP_AUTH_INIT peer=%d" % id1
5397 with fail_test(dev[1], 1, "aes_siv_decrypt;dpp_auth_resp_rx"):
5398 if "OK" not in dev[1].request(cmd):
5399 raise Exception("Failed to initiate DPP Authentication")
5400 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
5401 if ev is None or "AES-SIV decryption failed" not in ev:
5402 raise Exception("AES-SIV decryption failure not reported")
5403 dev[0].request("DPP_STOP_LISTEN")
5404
5405 def test_dpp_invalid_legacy_params(dev, apdev):
5406 """DPP invalid legacy parameters"""
5407 check_dpp_capab(dev[0])
5408 check_dpp_capab(dev[1])
5409
5410 addr = dev[0].own_addr().replace(':', '')
5411 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
5412 res = dev[0].request(cmd)
5413 if "FAIL" in res:
5414 raise Exception("Failed to generate bootstrapping info")
5415 id0 = int(res)
5416 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
5417
5418 res = dev[1].request("DPP_QR_CODE " + uri0)
5419 if "FAIL" in res:
5420 raise Exception("Failed to parse QR Code URI")
5421 id1 = int(res)
5422
5423 # No pass/psk
5424 cmd = "DPP_AUTH_INIT peer=%d conf=sta-psk ssid=%s" % (id1, "dpp-legacy".encode("hex"))
5425 if "FAIL" not in dev[1].request(cmd):
5426 raise Exception("Invalid command not rejected")
5427
5428 def test_dpp_invalid_legacy_params2(dev, apdev):
5429 """DPP invalid legacy parameters 2"""
5430 check_dpp_capab(dev[0])
5431 check_dpp_capab(dev[1])
5432
5433 addr = dev[0].own_addr().replace(':', '')
5434 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
5435 res = dev[0].request(cmd)
5436 if "FAIL" in res:
5437 raise Exception("Failed to generate bootstrapping info")
5438 id0 = int(res)
5439 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
5440
5441 res = dev[1].request("DPP_QR_CODE " + uri0)
5442 if "FAIL" in res:
5443 raise Exception("Failed to parse QR Code URI")
5444 id1 = int(res)
5445
5446 dev[0].set("dpp_configurator_params",
5447 " conf=sta-psk ssid=%s" % ("dpp-legacy".encode("hex")))
5448 cmd = "DPP_LISTEN 2412 role=configurator"
5449 if "OK" not in dev[0].request(cmd):
5450 raise Exception("Failed to start listen operation")
5451
5452 # No pass/psk
5453 cmd = "DPP_AUTH_INIT peer=%d role=enrollee" % id1
5454 if "OK" not in dev[1].request(cmd):
5455 raise Exception("Failed to initiate DPP Authentication")
5456 ev = dev[0].wait_event(["DPP: Failed to set configurator parameters"],
5457 timeout=5)
5458 if ev is None:
5459 raise Exception("DPP configuration failure not reported")
5460
5461 def test_dpp_legacy_params_failure(dev, apdev):
5462 """DPP legacy parameters local failure"""
5463 check_dpp_capab(dev[0])
5464 check_dpp_capab(dev[1])
5465
5466 addr = dev[0].own_addr().replace(':', '')
5467 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
5468 res = dev[0].request(cmd)
5469 if "FAIL" in res:
5470 raise Exception("Failed to generate bootstrapping info")
5471 id0 = int(res)
5472 uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
5473
5474 res = dev[1].request("DPP_QR_CODE " + uri0)
5475 if "FAIL" in res:
5476 raise Exception("Failed to parse QR Code URI")
5477 id1 = int(res)
5478
5479 if "OK" not in dev[0].request("DPP_LISTEN 2412"):
5480 raise Exception("Failed to start listen operation")
5481
5482 cmd = "DPP_AUTH_INIT peer=%d conf=sta-psk pass=%s ssid=%s" % (id1, "passphrase".encode("hex"), "dpp-legacy".encode("hex"))
5483 with alloc_fail(dev[1], 1, "dpp_build_conf_obj_legacy"):
5484 if "OK" not in dev[1].request(cmd):
5485 raise Exception("Failed to initiate DPP")
5486 ev = dev[0].wait_event(["DPP-CONF-FAILED"], timeout=5)
5487 if ev is None:
5488 raise Exception("DPP configuration failure not reported")
5489
5490 def test_dpp_invalid_configurator_key(dev, apdev):
5491 """DPP invalid configurator key"""
5492 check_dpp_capab(dev[0])
5493
5494 if "FAIL" not in dev[0].request("DPP_CONFIGURATOR_ADD key=aa"):
5495 raise Exception("Invalid key accepted")
5496
5497 with alloc_fail(dev[0], 1, "dpp_keygen_configurator"):
5498 if "FAIL" not in dev[0].request("DPP_CONFIGURATOR_ADD key=" + dpp_key_p256):
5499 raise Exception("Error not reported")
5500
5501 with alloc_fail(dev[0], 1, "dpp_get_pubkey_point;dpp_keygen_configurator"):
5502 if "FAIL" not in dev[0].request("DPP_CONFIGURATOR_ADD key=" + dpp_key_p256):
5503 raise Exception("Error not reported")
5504
5505 with alloc_fail(dev[0], 1, "base64_gen_encode;dpp_keygen_configurator"):
5506 if "FAIL" not in dev[0].request("DPP_CONFIGURATOR_ADD key=" + dpp_key_p256):
5507 raise Exception("Error not reported")
5508
5509 with fail_test(dev[0], 1, "dpp_keygen_configurator"):
5510 if "FAIL" not in dev[0].request("DPP_CONFIGURATOR_ADD key=" + dpp_key_p256):
5511 raise Exception("Error not reported")
5512
5513 def test_dpp_own_config_sign_fail(dev, apdev):
5514 """DPP own config signing failure"""
5515 check_dpp_capab(dev[0])
5516 res = dev[0].request("DPP_CONFIGURATOR_ADD");
5517 if "FAIL" in res:
5518 raise Exception("Failed to add configurator")
5519 conf_id = int(res)
5520 tests = [ "",
5521 " ",
5522 " conf=sta-dpp",
5523 " configurator=%d" % conf_id,
5524 " conf=sta-dpp configurator=%d curve=unsupported" % conf_id ]
5525 for t in tests:
5526 if "FAIL" not in dev[0].request("DPP_CONFIGURATOR_SIGN " + t):
5527 raise Exception("Invalid command accepted: " + t)
5528
5529 def test_dpp_peer_intro_failures(dev, apdev):
5530 """DPP peer introduction failures"""
5531 try:
5532 run_dpp_peer_intro_failures(dev, apdev)
5533 finally:
5534 dev[0].set("dpp_config_processing", "0")
5535
5536 def run_dpp_peer_intro_failures(dev, apdev):
5537 check_dpp_capab(dev[0])
5538 hapd = hostapd.add_ap(apdev[0], { "ssid": "unconfigured" })
5539 check_dpp_capab(hapd)
5540
5541 res = hapd.request("DPP_CONFIGURATOR_ADD key=" + dpp_key_p256);
5542 if "FAIL" in res:
5543 raise Exception("Failed to add configurator")
5544 conf_id = int(res)
5545 csign = hapd.request("DPP_CONFIGURATOR_GET_KEY %d" % conf_id)
5546 if "FAIL" in csign or len(csign) == 0:
5547 raise Exception("DPP_CONFIGURATOR_GET_KEY failed")
5548
5549 res = dev[0].request("DPP_CONFIGURATOR_ADD key=" + csign);
5550 if "FAIL" in res:
5551 raise Exception("Failed to add configurator")
5552 conf_id2 = int(res)
5553 csign2 = dev[0].request("DPP_CONFIGURATOR_GET_KEY %d" % conf_id2)
5554
5555 if csign != csign2:
5556 raise Exception("Unexpected difference in configurator key")
5557
5558 cmd = "DPP_CONFIGURATOR_SIGN conf=ap-dpp configurator=%d" % conf_id
5559 res = hapd.request(cmd)
5560 if "FAIL" in res:
5561 raise Exception("Failed to generate own configuration")
5562 update_hapd_config(hapd)
5563
5564 dev[0].set("dpp_config_processing", "1")
5565 cmd = "DPP_CONFIGURATOR_SIGN conf=sta-dpp configurator=%d" % conf_id
5566 res = dev[0].request(cmd)
5567 if "FAIL" in res:
5568 raise Exception("Failed to generate own configuration")
5569 ev = dev[0].wait_event(["DPP-NETWORK-ID"], timeout=1)
5570 if ev is None:
5571 raise Exception("DPP network profile not generated")
5572 id = ev.split(' ')[1]
5573 dev[0].select_network(id, freq=2412)
5574 dev[0].wait_connected()
5575 dev[0].request("DISCONNECT")
5576 dev[0].wait_disconnected()
5577 dev[0].dump_monitor()
5578
5579 tests = [ "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiIwTlNSNTlxRTc0alFfZTFLVGVPV1lYY1pTWnFUaDdNXzU0aHJPcFRpaFJnIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOltdLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiJiVmFMRGlBT09OQmFjcVFVN1pYamFBVEtEMVhhbDVlUExqOUZFZUl3VkN3IiwieSI6Il95c25JR1hTYjBvNEsyMWg0anZmSkZxMHdVNnlPNWp1VUFPd3FuM0dHVHMifX0.WgzZBOJaisWBRxvtXPbVYPXU7OIZxs6sZD-cPOLmJVTIYZKdMkSOMvP5b6si_j61FIrjhm43tmGq1P6cpoxB_g",
5580 "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiIwTlNSNTlxRTc0alFfZTFLVGVPV1lYY1pTWnFUaDdNXzU0aHJPcFRpaFJnIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7fV0sIm5ldEFjY2Vzc0tleSI6eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2IiwieCI6IkJhY3BWSDNpNDBrZklNS0RHa1FFRzhCODBCaEk4cEFmTWpLbzM5NlFZT2ciLCJ5IjoiMjBDYjhDNjRsSjFzQzV2NXlKMnBFZXRRempxMjI4YVV2cHMxNmQ0M3EwQSJ9fQ.dG2y8VvZQJ5hfob8E5F2FAeR7Nd700qstYkxDgA2QfARaNMZ0_SfKfoG-yKXsIZNM-TvGBfACgfhagG9Oaw_Xw",
5581 "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiIwTlNSNTlxRTc0alFfZTFLVGVPV1lYY1pTWnFUaDdNXzU0aHJPcFRpaFJnIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiJkc2VmcmJWWlhad0RMWHRpLWlObDBBYkFIOXpqeFFKd0R1SUd5NzNuZGU0IiwieSI6IjZFQnExN3cwYW1fZlh1OUQ4UGxWYk9XZ2I3b19DcTUxWHlmSG8wcHJyeDQifX0.caBvdDUtXrhnS61-juVZ_2FQdprepv0yZjC04G4ERvLUpeX7cgu0Hp-A1aFDogP1PEFGpkaEdcAWRQnSSRiIKQ" ]
5582 for t in tests:
5583 dev[0].set_network_quoted(id, "dpp_connector", t)
5584 dev[0].select_network(id, freq=2412)
5585 ev = dev[0].wait_event(["DPP-INTRO"], timeout=5)
5586 if ev is None or "status=8" not in ev:
5587 raise Exception("Introduction failure not reported")
5588 dev[0].request("DISCONNECT")
5589 dev[0].dump_monitor()
5590
5591 def test_dpp_peer_intro_local_failures(dev, apdev):
5592 """DPP peer introduction local failures"""
5593 check_dpp_capab(dev[0])
5594 check_dpp_capab(dev[1])
5595
5596 params = { "ssid": "dpp",
5597 "wpa": "2",
5598 "wpa_key_mgmt": "DPP",
5599 "ieee80211w": "2",
5600 "rsn_pairwise": "CCMP",
5601 "dpp_connector": params1_ap_connector,
5602 "dpp_csign": params1_csign,
5603 "dpp_netaccesskey": params1_ap_netaccesskey }
5604 try:
5605 hapd = hostapd.add_ap(apdev[0], params)
5606 except:
5607 raise HwsimSkip("DPP not supported")
5608
5609 tests = [ "dpp_derive_pmk",
5610 "dpp_hkdf_expand;dpp_derive_pmk",
5611 "dpp_derive_pmkid" ]
5612 for func in tests:
5613 with fail_test(dev[0], 1, func):
5614 dev[0].connect("dpp", key_mgmt="DPP", scan_freq="2412",
5615 ieee80211w="2",
5616 dpp_csign=params1_csign,
5617 dpp_connector=params1_sta_connector,
5618 dpp_netaccesskey=params1_sta_netaccesskey,
5619 wait_connect=False)
5620 ev = dev[0].wait_event(["DPP-INTRO"], timeout=10)
5621 if ev is None or "fail=peer_connector_validation_failed" not in ev:
5622 raise Exception("Introduction failure not reported")
5623 dev[0].request("REMOVE_NETWORK all")
5624 dev[0].dump_monitor()
5625
5626 tests = [ (1, "base64_gen_decode;dpp_peer_intro"),
5627 (1, "json_parse;dpp_peer_intro"),
5628 (50, "json_parse;dpp_peer_intro"),
5629 (1, "=dpp_peer_intro"),
5630 (1, "dpp_parse_jwk") ]
5631 for count,func in tests:
5632 with alloc_fail(dev[0], count, func):
5633 dev[0].connect("dpp", key_mgmt="DPP", scan_freq="2412",
5634 ieee80211w="2",
5635 dpp_csign=params1_csign,
5636 dpp_connector=params1_sta_connector,
5637 dpp_netaccesskey=params1_sta_netaccesskey,
5638 wait_connect=False)
5639 ev = dev[0].wait_event(["DPP-INTRO"], timeout=10)
5640 if ev is None or "fail=peer_connector_validation_failed" not in ev:
5641 raise Exception("Introduction failure not reported")
5642 dev[0].request("REMOVE_NETWORK all")
5643 dev[0].dump_monitor()
5644
5645 parts = params1_ap_connector.split('.')
5646 for ap_connector in [ '.'.join(parts[0:2]), '.'.join(parts[0:1]) ]:
5647 hapd.set("dpp_connector", ap_connector)
5648 dev[0].connect("dpp", key_mgmt="DPP", scan_freq="2412",
5649 ieee80211w="2",
5650 dpp_csign=params1_csign,
5651 dpp_connector=params1_sta_connector,
5652 dpp_netaccesskey=params1_sta_netaccesskey,
5653 wait_connect=False)
5654 ev = dev[0].wait_event(["DPP-TX-STATUS"], timeout=10)
5655 if ev is None:
5656 raise Exception("No TX status reported")
5657 dev[0].request("REMOVE_NETWORK all")
5658 dev[0].dump_monitor()
5659
5660 hapd.set("dpp_netaccesskey", "00")
5661 dev[0].connect("dpp", key_mgmt="DPP", scan_freq="2412",
5662 ieee80211w="2",
5663 dpp_csign=params1_csign,
5664 dpp_connector=params1_sta_connector,
5665 dpp_netaccesskey=params1_sta_netaccesskey,
5666 wait_connect=False)
5667 ev = dev[0].wait_event(["DPP-TX-STATUS"], timeout=10)
5668 if ev is None:
5669 raise Exception("No TX status reported")
5670 dev[0].request("REMOVE_NETWORK all")
5671 dev[0].dump_monitor()
5672
5673 hapd.set("dpp_csign", "00")
5674 dev[0].connect("dpp", key_mgmt="DPP", scan_freq="2412",
5675 ieee80211w="2",
5676 dpp_csign=params1_csign,
5677 dpp_connector=params1_sta_connector,
5678 dpp_netaccesskey=params1_sta_netaccesskey,
5679 wait_connect=False)
5680 ev = dev[0].wait_event(["DPP-TX-STATUS"], timeout=10)
5681 if ev is None:
5682 raise Exception("No TX status reported")
5683 dev[0].request("REMOVE_NETWORK all")
5684 dev[0].dump_monitor()
5685
5686 def run_dpp_configurator_id_unknown(dev):
5687 check_dpp_capab(dev)
5688 res = dev.request("DPP_CONFIGURATOR_ADD")
5689 if "FAIL" in res:
5690 raise Exception("Failed to add configurator")
5691 conf_id = int(res)
5692 if "FAIL" not in dev.request("DPP_CONFIGURATOR_GET_KEY %d" % (conf_id + 1)):
5693 raise Exception("DPP_CONFIGURATOR_GET_KEY with incorrect id accepted")
5694
5695 cmd = "DPP_CONFIGURATOR_SIGN conf=sta-dpp configurator=%d" % (conf_id + 1)
5696 if "FAIL" not in dev.request(cmd):
5697 raise Exception("DPP_CONFIGURATOR_SIGN with incorrect id accepted")
5698
5699 def test_dpp_configurator_id_unknown(dev, apdev):
5700 """DPP and unknown configurator id"""
5701 run_dpp_configurator_id_unknown(dev[0])
5702 hapd = hostapd.add_ap(apdev[0], { "ssid": "unconfigured" })
5703 run_dpp_configurator_id_unknown(hapd)
5704
5705 def run_dpp_bootstrap_gen_failures(dev, hostapd):
5706 check_dpp_capab(dev)
5707
5708 tests = [ "type=unsupported",
5709 "type=qrcode chan=-1",
5710 "type=qrcode mac=a",
5711 "type=qrcode key=qq",
5712 "type=qrcode key=",
5713 "type=qrcode info=abc\tdef" ]
5714 for t in tests:
5715 if "FAIL" not in dev.request("DPP_BOOTSTRAP_GEN " + t):
5716 raise Exception("Command accepted unexpectedly")
5717
5718 id = dev.request("DPP_BOOTSTRAP_GEN type=qrcode")
5719 if "FAIL" in id:
5720 raise Exception("Failed to generate bootstrap info")
5721 uri = dev.request("DPP_BOOTSTRAP_GET_URI " + id)
5722 if not uri.startswith("DPP:"):
5723 raise Exception("Could not get URI")
5724 if "FAIL" not in dev.request("DPP_BOOTSTRAP_GET_URI 0"):
5725 raise Exception("Failure not reported")
5726 info = dev.request("DPP_BOOTSTRAP_INFO " + id)
5727 if not info.startswith("type=QRCODE"):
5728 raise Exception("Could not get info")
5729 if "FAIL" not in dev.request("DPP_BOOTSTRAP_REMOVE 0"):
5730 raise Exception("Failure not reported")
5731 if "FAIL" in dev.request("DPP_BOOTSTRAP_REMOVE *"):
5732 raise Exception("Failed to remove bootstrap info")
5733 if "FAIL" not in dev.request("DPP_BOOTSTRAP_GET_URI " + id):
5734 raise Exception("Failure not reported")
5735 if "FAIL" not in dev.request("DPP_BOOTSTRAP_INFO " + id):
5736 raise Exception("Failure not reported")
5737
5738 func = "hostapd_dpp_bootstrap_gen" if hostapd else "wpas_dpp_bootstrap_gen"
5739 with alloc_fail(dev, 1, "=" + func):
5740 if "FAIL" not in dev.request("DPP_BOOTSTRAP_GEN type=qrcode"):
5741 raise Exception("Command accepted unexpectedly")
5742
5743 with alloc_fail(dev, 2, "=" + func):
5744 if "FAIL" not in dev.request("DPP_BOOTSTRAP_GEN type=qrcode"):
5745 raise Exception("Command accepted unexpectedly")
5746
5747 with alloc_fail(dev, 1, "get_param"):
5748 dev.request("DPP_BOOTSTRAP_GEN type=qrcode curve=foo")
5749
5750 def test_dpp_bootstrap_gen_failures(dev, apdev):
5751 """DPP_BOOTSTRAP_GEN/REMOVE/GET_URI/INFO error cases"""
5752 run_dpp_bootstrap_gen_failures(dev[0], False)
5753 hapd = hostapd.add_ap(apdev[0], { "ssid": "unconfigured" })
5754 run_dpp_bootstrap_gen_failures(hapd, True)
5755
5756 def test_dpp_listen_continue(dev, apdev):
5757 """DPP and continue listen state"""
5758 check_dpp_capab(dev[0])
5759 check_dpp_capab(dev[1])
5760
5761 addr = dev[0].own_addr().replace(':', '')
5762 id = dev[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr)
5763 if "FAIL" in id:
5764 raise Exception("Failed to set key for " + curve)
5765 uri = dev[0].request("DPP_BOOTSTRAP_GET_URI " + id)
5766
5767 if "OK" not in dev[0].request("DPP_LISTEN 2412"):
5768 raise Exception("Failed to start listen operation")
5769 time.sleep(5.1)
5770
5771 res = dev[1].request("DPP_QR_CODE " + uri)
5772 if "FAIL" in res:
5773 raise Exception("Failed to parse QR Code URI")
5774 if "OK" not in dev[1].request("DPP_AUTH_INIT peer=" + res):
5775 raise Exception("Failed to initiate DPP Authentication")
5776 ev = dev[0].wait_event(["DPP-CONF-FAILED"], timeout=2)
5777 if ev is None:
5778 raise Exception("DPP configuration result not seen (Enrollee)")
5779 ev = dev[1].wait_event(["DPP-CONF-SENT"], timeout=2)
5780 if ev is None:
5781 raise Exception("DPP configuration result not seen (Responder)")
5782 dev[0].request("DPP_STOP_LISTEN")
5783 dev[1].request("DPP_STOP_LISTEN")
5784
5785 def test_dpp_network_addition_failure(dev, apdev):
5786 """DPP network addition failure"""
5787 try:
5788 run_dpp_network_addition_failure(dev, apdev)
5789 finally:
5790 dev[0].set("dpp_config_processing", "0")
5791
5792 def run_dpp_network_addition_failure(dev, apdev):
5793 check_dpp_capab(dev[0])
5794
5795 res = dev[0].request("DPP_CONFIGURATOR_ADD");
5796 if "FAIL" in res:
5797 raise Exception("Failed to add configurator")
5798 conf_id = int(res)
5799
5800 dev[0].set("dpp_config_processing", "1")
5801 cmd = "DPP_CONFIGURATOR_SIGN conf=sta-dpp configurator=%d" % conf_id
5802 tests = [ (1, "=wpas_dpp_add_network"),
5803 (2, "=wpas_dpp_add_network"),
5804 (3, "=wpas_dpp_add_network"),
5805 (4, "=wpas_dpp_add_network"),
5806 (1, "wpa_config_add_network;wpas_dpp_add_network") ]
5807 for count,func in tests:
5808 with alloc_fail(dev[0], count, func):
5809 res = dev[0].request(cmd)
5810 if "FAIL" in res:
5811 raise Exception("Failed to generate own configuration")
5812 ev = dev[0].wait_event(["DPP-NET-ACCESS-KEY"], timeout=2)
5813 if ev is None:
5814 raise Exception("Config object not processed")
5815 wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
5816 dev[0].dump_monitor()
5817
5818 cmd = "DPP_CONFIGURATOR_SIGN conf=sta-psk pass=%s configurator=%d" % ("passphrase".encode("hex"), conf_id)
5819 tests = [ (1, "wpa_config_set_quoted;wpas_dpp_add_network") ]
5820 for count,func in tests:
5821 with alloc_fail(dev[0], count, func):
5822 res = dev[0].request(cmd)
5823 if "FAIL" in res:
5824 raise Exception("Failed to generate own configuration")
5825 ev = dev[0].wait_event(["DPP-NET-ACCESS-KEY"], timeout=2)
5826 if ev is None:
5827 raise Exception("Config object not processed")
5828 wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
5829 dev[0].dump_monitor()
Unnamed repository; edit this file 'description' to name the repository.