1 # Test cases for Device Provisioning Protocol (DPP)
2 # Copyright (c) 2017, Qualcomm Atheros, Inc.
3 # Copyright (c) 2018, The Linux Foundation
5 # This software may be distributed under the terms of the BSD license.
6 # See README for more details.
12 logger
= logging
.getLogger()
19 from utils
import HwsimSkip
, alloc_fail
, fail_test
, wait_fail_trigger
20 from wpasupplicant
import WpaSupplicant
24 openssl_imported
= True
26 openssl_imported
= False
28 def check_dpp_capab(dev
, brainpool
=False):
29 if "UNKNOWN COMMAND" in dev
.request("DPP_BOOTSTRAP_GET_URI 0"):
30 raise HwsimSkip("DPP not supported")
32 tls
= dev
.request("GET tls_library")
33 if not tls
.startswith("OpenSSL") or "run=BoringSSL" in tls
:
34 raise HwsimSkip("Crypto library does not support Brainpool curves: " + tls
)
36 def test_dpp_qr_code_parsing(dev
, apdev
):
37 """DPP QR Code parsing"""
38 check_dpp_capab(dev
[0])
41 tests
= [ "DPP:C:81/1,115/36;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkq/24e0rsrfMP9K1Tm8gx+ovP0I=;;",
42 "DPP:C:81/1,81/2,81/3,81/4,81/5,81/6,81/7,81/8,81/9,81/10,81/11,81/12,81/13,82/14,83/1,83/2,83/3,83/4,83/5,83/6,83/7,83/8,83/9,84/5,84/6,84/7,84/8,84/9,84/10,84/11,84/12,84/13,115/36;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkq/24e0rsrfMP9K1Tm8gx+ovP0I=;;",
43 "DPP:I:SN=4774LH2b4044;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;",
44 "DPP:I:;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;" ]
46 res
= dev
[0].request("DPP_QR_CODE " + uri
)
48 raise Exception("Failed to parse QR Code")
51 uri2
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id[-1])
53 raise Exception("Returned URI does not match")
59 "DPP:I:;M:01020304050;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;",
60 "DPP:K:" + base64
.b64encode("hello") + ";;",
61 "DPP:K:MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEXiJuIWt1Q/CPCkuULechh37UsXPmbUANOeN5U9sOQROE4o/NEFeFEejROHYwwehF;;",
62 "DPP:K:MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANNZaZA4T/kRDjnmpI1ACOJhAuTIIEk2KFOpS6XPpGF+EVr/ao3XemkE0/nzXmGaLzLqTUCJknSdxTnVPeWfCVsCAwEAAQ==;;",
63 "DPP:K:MIIBCjCB0wYHKoZIzj0CATCBxwIBATAkBgcqhkjOPQEBAhkA/////////////////////v//////////MEsEGP////////////////////7//////////AQYZCEFGeWcgOcPp+mrciQwSf643uzBRrmxAxUAMEWub8hCL2TtV5Uo04Eg6uEhltUEMQQYjagOsDCQ9ny/IOtDoYgA9P8K/YL/EBIHGSuV/8jaeGMQEe1rJM3Vc/l3oR55SBECGQD///////////////+Z3vg2FGvJsbTSKDECAQEDMgAEXiJuIWt1Q/CPCkuULechh37UsXPmbUANOeN5U9sOQROE4o/NEFeFEejROHYwwehF;;",
64 "DPP:I:foo\tbar;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;",
65 "DPP:C:1;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkqa24e0rsrfMP9K1Tm8gx+ovP0I=;;",
66 "DPP:C:81/1a;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkqa24e0rsrfMP9K1Tm8gx+ovP0I=;;",
67 "DPP:C:1/2000,81/-1;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkqa24e0rsrfMP9K1Tm8gx+ovP0I=;;",
68 "DPP:C:-1/1;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkqa24e0rsrfMP9K1Tm8gx+ovP0I=;;" ]
70 res
= dev
[0].request("DPP_QR_CODE " + t
)
72 raise Exception("Accepted invalid QR Code: " + t
)
74 logger
.info("ID: " + str(id))
75 if id[0] == id[1] or id[0] == id[2] or id[1] == id[2]:
76 raise Exception("Duplicate ID returned")
78 if "FAIL" not in dev
[0].request("DPP_BOOTSTRAP_REMOVE 12345678"):
79 raise Exception("DPP_BOOTSTRAP_REMOVE accepted unexpectedly")
80 if "OK" not in dev
[0].request("DPP_BOOTSTRAP_REMOVE %d" % id[1]):
81 raise Exception("DPP_BOOTSTRAP_REMOVE failed")
83 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode")
85 raise Exception("Failed to generate bootstrapping info")
86 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % int(res
))
87 logger
.info("Generated URI: " + uri
)
89 res
= dev
[0].request("DPP_QR_CODE " + uri
)
91 raise Exception("Failed to parse self-generated QR Code URI")
93 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1,115/36 mac=010203040506 info=foo")
95 raise Exception("Failed to generate bootstrapping info")
96 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % int(res
))
97 logger
.info("Generated URI: " + uri
)
99 res
= dev
[0].request("DPP_QR_CODE " + uri
)
101 raise Exception("Failed to parse self-generated QR Code URI")
103 def test_dpp_qr_code_parsing_fail(dev
, apdev
):
104 """DPP QR Code parsing local failure"""
105 check_dpp_capab(dev
[0])
106 with
alloc_fail(dev
[0], 1, "dpp_parse_uri_info"):
107 if "FAIL" not in dev
[0].request("DPP_QR_CODE DPP:I:SN=4774LH2b4044;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;"):
108 raise Exception("DPP_QR_CODE failure not reported")
110 with
alloc_fail(dev
[0], 1, "dpp_parse_uri_pk"):
111 if "FAIL" not in dev
[0].request("DPP_QR_CODE DPP:K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;"):
112 raise Exception("DPP_QR_CODE failure not reported")
114 with
fail_test(dev
[0], 1, "dpp_parse_uri_pk"):
115 if "FAIL" not in dev
[0].request("DPP_QR_CODE DPP:K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;"):
116 raise Exception("DPP_QR_CODE failure not reported")
118 with
alloc_fail(dev
[0], 1, "dpp_parse_uri"):
119 if "FAIL" not in dev
[0].request("DPP_QR_CODE DPP:I:SN=4774LH2b4044;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;"):
120 raise Exception("DPP_QR_CODE failure not reported")
122 dpp_key_p256
="30570201010420777fc55dc51e967c10ec051b91d860b5f1e6c934e48d5daffef98d032c64b170a00a06082a8648ce3d030107a124032200020c804188c7f85beb6e91070d2b3e5e39b90ca77b4d3c5251bc1844d6ca29dcad"
123 dpp_key_p384
= "307402010104302f56fdd83b5345cacb630eb7c22fa5ad5daba37307c95191e2a75756d137003bd8b32dbcb00eb5650c1eb499ecfcaec0a00706052b81040022a13403320003615ec2141b5b77aebb6523f8a012755f9a34405a8398d2ceeeebca7f5ce868bf55056cba4c4ec62fad3ed26dd29e0f23"
124 dpp_key_p521
= "308198020101044200c8010d5357204c252551aaf4e210343111e503fd1dc615b257058997c49b6b643c975226e93be8181cca3d83a7072defd161dfbdf433c19abe1f2ad51867a05761a00706052b81040023a1460344000301cdf3608b1305fe34a1f976095dcf001182b9973354efe156291a66830292f9babd8f412ad462958663e7a75d1d0610abdfc3dd95d40669f7ab3bc001668cfb3b7c"
125 dpp_key_bp256
= "3058020101042057133a676fb60bf2a3e6797e19833c7b0f89dc192ab99ab5fa377ae23a157765a00b06092b2403030208010107a12403220002945d9bf7ce30c9c1ac0ff21ca62b984d5bb80ff69d2be8c9716ab39a10d2caf0"
126 dpp_key_bp384
= "307802010104304902df9f3033a9b7128554c0851dc7127c3573eed150671dae74c0013e9896a9b1c22b6f7d43d8a2ebb7cd474dc55039a00b06092b240303020801010ba13403320003623cb5e68787f351faababf3425161571560add2e6f9a306fcbffb507735bf955bb46dd20ba246b0d5cadce73e5bd6a6"
127 dpp_key_bp512
= "30819802010104405803494226eb7e50bf0e90633f37e7e35d33f5fa502165eeba721d927f9f846caf12e925701d18e123abaaaf4a7edb4fc4de21ce18bc10c4d12e8b3439f74e40a00b06092b240303020801010da144034200033b086ccd47486522d35dc16fbb2229642c2e9e87897d45abbf21f9fb52acb5a6272b31d1b227c3e53720769cc16b4cb181b26cd0d35fe463218aaedf3b6ec00a"
129 def test_dpp_qr_code_curves(dev
, apdev
):
130 """DPP QR Code and supported curves"""
131 check_dpp_capab(dev
[0])
132 tests
= [ ("prime256v1", dpp_key_p256
),
133 ("secp384r1", dpp_key_p384
),
134 ("secp521r1", dpp_key_p521
) ]
135 for curve
, hex in tests
:
136 id = dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode key=" + hex)
138 raise Exception("Failed to set key for " + curve
)
139 info
= dev
[0].request("DPP_BOOTSTRAP_INFO " + id)
141 raise Exception("Failed to get info for " + curve
)
142 if "curve=" + curve
not in info
:
143 raise Exception("Curve mismatch for " + curve
)
145 def test_dpp_qr_code_curves_brainpool(dev
, apdev
):
146 """DPP QR Code and supported Brainpool curves"""
147 check_dpp_capab(dev
[0], brainpool
=True)
148 tests
= [ ("brainpoolP256r1", dpp_key_bp256
),
149 ("brainpoolP384r1", dpp_key_bp384
),
150 ("brainpoolP512r1", dpp_key_bp512
) ]
151 for curve
, hex in tests
:
152 id = dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode key=" + hex)
154 raise Exception("Failed to set key for " + curve
)
155 info
= dev
[0].request("DPP_BOOTSTRAP_INFO " + id)
157 raise Exception("Failed to get info for " + curve
)
158 if "curve=" + curve
not in info
:
159 raise Exception("Curve mismatch for " + curve
)
161 def test_dpp_qr_code_unsupported_curve(dev
, apdev
):
162 """DPP QR Code and unsupported curve"""
163 check_dpp_capab(dev
[0])
165 id = dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode curve=unsupported")
167 raise Exception("Unsupported curve accepted")
170 "305f02010104187f723ed9e1b41979ec5cd02eb82696efc76b40e277661049a00a06082a8648ce3d030101a134033200043f292614dea97c43f500f069e79ae9fb48f8b07369180de5eec8fa2bc9eea5af7a46dc335f52f10cb1c0e9464201d41b" ]
172 id = dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode key=" + hex)
174 raise Exception("Unsupported/invalid curve accepted")
176 def test_dpp_qr_code_keygen_fail(dev
, apdev
):
177 """DPP QR Code and keygen failure"""
178 check_dpp_capab(dev
[0])
180 with
alloc_fail(dev
[0], 1, "dpp_bootstrap_key_der;dpp_keygen"):
181 if "FAIL" not in dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode"):
182 raise Exception("Failure not reported")
184 with
alloc_fail(dev
[0], 1, "base64_gen_encode;dpp_keygen"):
185 if "FAIL" not in dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode"):
186 raise Exception("Failure not reported")
188 def test_dpp_qr_code_curve_select(dev
, apdev
):
189 """DPP QR Code and curve selection"""
190 check_dpp_capab(dev
[0], brainpool
=True)
191 check_dpp_capab(dev
[1], brainpool
=True)
193 addr
= dev
[0].own_addr().replace(':', '')
195 for key
in [ dpp_key_p256
, dpp_key_p384
, dpp_key_p521
,
196 dpp_key_bp256
, dpp_key_bp384
, dpp_key_bp512
]:
197 id = dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
+ " key=" + key
)
199 raise Exception("Failed to set key for " + curve
)
200 info
= dev
[0].request("DPP_BOOTSTRAP_INFO " + id)
201 for i
in info
.splitlines():
203 name
, val
= i
.split('=')
207 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI " + id)
208 bi
.append((curve
, uri
))
210 for curve
, uri
in bi
:
211 logger
.info("Curve: " + curve
)
212 logger
.info("URI: " + uri
)
214 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
215 raise Exception("Failed to start listen operation")
217 res
= dev
[1].request("DPP_QR_CODE " + uri
)
219 raise Exception("Failed to parse QR Code URI")
220 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=" + res
):
221 raise Exception("Failed to initiate DPP Authentication")
222 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
224 raise Exception("DPP authentication did not succeed (Responder)")
225 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
227 raise Exception("DPP authentication did not succeed (Initiator)")
228 ev
= dev
[0].wait_event(["DPP-CONF-FAILED"], timeout
=2)
230 raise Exception("DPP configuration result not seen (Enrollee)")
231 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=2)
233 raise Exception("DPP configuration result not seen (Responder)")
234 dev
[0].request("DPP_STOP_LISTEN")
235 dev
[1].request("DPP_STOP_LISTEN")
236 dev
[0].dump_monitor()
237 dev
[1].dump_monitor()
239 def test_dpp_qr_code_auth_broadcast(dev
, apdev
):
240 """DPP QR Code and authentication exchange (broadcast)"""
241 check_dpp_capab(dev
[0])
242 check_dpp_capab(dev
[1])
243 logger
.info("dev0 displays QR Code")
244 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1")
246 raise Exception("Failed to generate bootstrapping info")
248 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
250 logger
.info("dev1 scans QR Code")
251 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
253 raise Exception("Failed to parse QR Code URI")
256 logger
.info("dev1 initiates DPP Authentication")
257 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
258 raise Exception("Failed to start listen operation")
259 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d" % id1
):
260 raise Exception("Failed to initiate DPP Authentication")
261 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
263 raise Exception("DPP authentication did not succeed (Responder)")
264 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
266 raise Exception("DPP authentication did not succeed (Initiator)")
267 dev
[0].request("DPP_STOP_LISTEN")
269 def test_dpp_qr_code_auth_unicast(dev
, apdev
):
270 """DPP QR Code and authentication exchange (unicast)"""
271 run_dpp_qr_code_auth_unicast(dev
, apdev
, None)
273 def test_dpp_qr_code_auth_unicast_ap_enrollee(dev
, apdev
):
274 """DPP QR Code and authentication exchange (AP enrollee)"""
275 run_dpp_qr_code_auth_unicast(dev
, apdev
, None, netrole
="ap")
277 def test_dpp_qr_code_curve_prime256v1(dev
, apdev
):
278 """DPP QR Code and curve prime256v1"""
279 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1")
281 def test_dpp_qr_code_curve_secp384r1(dev
, apdev
):
282 """DPP QR Code and curve secp384r1"""
283 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1")
285 def test_dpp_qr_code_curve_secp521r1(dev
, apdev
):
286 """DPP QR Code and curve secp521r1"""
287 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1")
289 def test_dpp_qr_code_curve_brainpoolP256r1(dev
, apdev
):
290 """DPP QR Code and curve brainpoolP256r1"""
291 run_dpp_qr_code_auth_unicast(dev
, apdev
, "brainpoolP256r1")
293 def test_dpp_qr_code_curve_brainpoolP384r1(dev
, apdev
):
294 """DPP QR Code and curve brainpoolP384r1"""
295 run_dpp_qr_code_auth_unicast(dev
, apdev
, "brainpoolP384r1")
297 def test_dpp_qr_code_curve_brainpoolP512r1(dev
, apdev
):
298 """DPP QR Code and curve brainpoolP512r1"""
299 run_dpp_qr_code_auth_unicast(dev
, apdev
, "brainpoolP512r1")
301 def test_dpp_qr_code_set_key(dev
, apdev
):
302 """DPP QR Code and fixed bootstrapping key"""
303 run_dpp_qr_code_auth_unicast(dev
, apdev
, None, key
="30770201010420e5143ac74682cc6869a830e8f5301a5fa569130ac329b1d7dd6f2a7495dbcbe1a00a06082a8648ce3d030107a144034200045e13e167c33dbc7d85541e5509600aa8139bbb3e39e25898992c5d01be92039ee2850f17e71506ded0d6b25677441eae249f8e225c68dd15a6354dca54006383")
305 def run_dpp_qr_code_auth_unicast(dev
, apdev
, curve
, netrole
=None, key
=None,
306 require_conf_success
=False, init_extra
=None,
307 require_conf_failure
=False,
308 configurator
=False, conf_curve
=None):
309 check_dpp_capab(dev
[0], curve
and "brainpool" in curve
)
310 check_dpp_capab(dev
[1], curve
and "brainpool" in curve
)
312 logger
.info("Create configurator on dev1")
313 cmd
= "DPP_CONFIGURATOR_ADD"
315 cmd
+= " curve=" + conf_curve
316 res
= dev
[1].request(cmd
);
318 raise Exception("Failed to add configurator")
321 logger
.info("dev0 displays QR Code")
322 addr
= dev
[0].own_addr().replace(':', '')
323 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
325 cmd
+= " curve=" + curve
328 res
= dev
[0].request(cmd
)
330 raise Exception("Failed to generate bootstrapping info")
332 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
334 logger
.info("dev1 scans QR Code")
335 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
337 raise Exception("Failed to parse QR Code URI")
340 logger
.info("dev1 initiates DPP Authentication")
341 cmd
= "DPP_LISTEN 2412"
343 cmd
+= " netrole=" + netrole
344 if "OK" not in dev
[0].request(cmd
):
345 raise Exception("Failed to start listen operation")
346 cmd
= "DPP_AUTH_INIT peer=%d" % id1
348 cmd
+= " " + init_extra
350 cmd
+= " configurator=%d" % conf_id
351 if "OK" not in dev
[1].request(cmd
):
352 raise Exception("Failed to initiate DPP Authentication")
353 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
355 raise Exception("DPP authentication did not succeed (Responder)")
356 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
358 raise Exception("DPP authentication did not succeed (Initiator)")
359 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
361 raise Exception("DPP configuration not completed (Configurator)")
362 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout
=5)
364 raise Exception("DPP configuration not completed (Enrollee)")
365 if require_conf_success
:
366 if "DPP-CONF-FAILED" in ev
:
367 raise Exception("DPP configuration failed")
368 if require_conf_failure
:
369 if "DPP-CONF-SUCCESS" in ev
:
370 raise Exception("DPP configuration succeeded unexpectedly")
371 dev
[0].request("DPP_STOP_LISTEN")
372 dev
[0].dump_monitor()
373 dev
[1].dump_monitor()
375 def test_dpp_qr_code_auth_mutual(dev
, apdev
):
376 """DPP QR Code and authentication exchange (mutual)"""
377 check_dpp_capab(dev
[0])
378 check_dpp_capab(dev
[1])
379 logger
.info("dev0 displays QR Code")
380 addr
= dev
[0].own_addr().replace(':', '')
381 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
383 raise Exception("Failed to generate bootstrapping info")
385 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
387 logger
.info("dev1 scans QR Code")
388 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
390 raise Exception("Failed to parse QR Code URI")
393 logger
.info("dev1 displays QR Code")
394 addr
= dev
[1].own_addr().replace(':', '')
395 res
= dev
[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
397 raise Exception("Failed to generate bootstrapping info")
399 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
401 logger
.info("dev0 scans QR Code")
402 res
= dev
[0].request("DPP_QR_CODE " + uri1b
)
404 raise Exception("Failed to parse QR Code URI")
407 logger
.info("dev1 initiates DPP Authentication")
408 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
409 raise Exception("Failed to start listen operation")
410 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1
, id1b
)):
411 raise Exception("Failed to initiate DPP Authentication")
413 ev
= dev
[1].wait_event(["DPP-AUTH-DIRECTION"], timeout
=5)
415 raise Exception("DPP authentication direction not indicated (Initiator)")
416 if "mutual=1" not in ev
:
417 raise Exception("Mutual authentication not used")
419 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
421 raise Exception("DPP authentication did not succeed (Responder)")
422 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
424 raise Exception("DPP authentication did not succeed (Initiator)")
425 dev
[0].request("DPP_STOP_LISTEN")
427 def test_dpp_qr_code_auth_mutual2(dev
, apdev
):
428 """DPP QR Code and authentication exchange (mutual2)"""
429 check_dpp_capab(dev
[0])
430 check_dpp_capab(dev
[1])
431 logger
.info("dev0 displays QR Code")
432 addr
= dev
[0].own_addr().replace(':', '')
433 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
435 raise Exception("Failed to generate bootstrapping info")
437 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
439 logger
.info("dev1 scans QR Code")
440 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
442 raise Exception("Failed to parse QR Code URI")
445 logger
.info("dev1 displays QR Code")
446 addr
= dev
[1].own_addr().replace(':', '')
447 res
= dev
[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
449 raise Exception("Failed to generate bootstrapping info")
451 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
453 logger
.info("dev1 initiates DPP Authentication")
454 if "OK" not in dev
[0].request("DPP_LISTEN 2412 qr=mutual"):
455 raise Exception("Failed to start listen operation")
456 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1
, id1b
)):
457 raise Exception("Failed to initiate DPP Authentication")
459 ev
= dev
[1].wait_event(["DPP-RESPONSE-PENDING"], timeout
=5)
461 raise Exception("Pending response not reported")
462 ev
= dev
[0].wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=5)
464 raise Exception("QR Code scan for mutual authentication not requested")
466 logger
.info("dev0 scans QR Code")
467 res
= dev
[0].request("DPP_QR_CODE " + uri1b
)
469 raise Exception("Failed to parse QR Code URI")
472 ev
= dev
[1].wait_event(["DPP-AUTH-DIRECTION"], timeout
=5)
474 raise Exception("DPP authentication direction not indicated (Initiator)")
475 if "mutual=1" not in ev
:
476 raise Exception("Mutual authentication not used")
478 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
480 raise Exception("DPP authentication did not succeed (Responder)")
481 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
483 raise Exception("DPP authentication did not succeed (Initiator)")
484 dev
[0].request("DPP_STOP_LISTEN")
486 def test_dpp_qr_code_auth_mutual_p_256(dev
, apdev
):
487 """DPP QR Code and authentication exchange (mutual, autogen P-256)"""
488 run_dpp_qr_code_auth_mutual(dev
, apdev
, "P-256")
490 def test_dpp_qr_code_auth_mutual_p_384(dev
, apdev
):
491 """DPP QR Code and authentication exchange (mutual, autogen P-384)"""
492 run_dpp_qr_code_auth_mutual(dev
, apdev
, "P-384")
494 def test_dpp_qr_code_auth_mutual_p_521(dev
, apdev
):
495 """DPP QR Code and authentication exchange (mutual, autogen P-521)"""
496 run_dpp_qr_code_auth_mutual(dev
, apdev
, "P-521")
498 def test_dpp_qr_code_auth_mutual_bp_256(dev
, apdev
):
499 """DPP QR Code and authentication exchange (mutual, autogen BP-256)"""
500 run_dpp_qr_code_auth_mutual(dev
, apdev
, "BP-256")
502 def test_dpp_qr_code_auth_mutual_bp_384(dev
, apdev
):
503 """DPP QR Code and authentication exchange (mutual, autogen BP-384)"""
504 run_dpp_qr_code_auth_mutual(dev
, apdev
, "BP-384")
506 def test_dpp_qr_code_auth_mutual_bp_512(dev
, apdev
):
507 """DPP QR Code and authentication exchange (mutual, autogen BP-512)"""
508 run_dpp_qr_code_auth_mutual(dev
, apdev
, "BP-512")
510 def run_dpp_qr_code_auth_mutual(dev
, apdev
, curve
):
511 check_dpp_capab(dev
[0], curve
and "BP-" in curve
)
512 check_dpp_capab(dev
[1], curve
and "BP-" in curve
)
513 logger
.info("dev0 displays QR Code")
514 addr
= dev
[0].own_addr().replace(':', '')
515 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
516 cmd
+= " curve=" + curve
517 res
= dev
[0].request(cmd
)
519 raise Exception("Failed to generate bootstrapping info")
521 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
523 logger
.info("dev1 scans QR Code")
524 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
526 raise Exception("Failed to parse QR Code URI")
529 logger
.info("dev1 initiates DPP Authentication")
530 if "OK" not in dev
[0].request("DPP_LISTEN 2412 qr=mutual"):
531 raise Exception("Failed to start listen operation")
532 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d" % (id1
)):
533 raise Exception("Failed to initiate DPP Authentication")
535 ev
= dev
[1].wait_event(["DPP-RESPONSE-PENDING"], timeout
=5)
537 raise Exception("Pending response not reported")
538 uri
= ev
.split(' ')[1]
540 ev
= dev
[0].wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=5)
542 raise Exception("QR Code scan for mutual authentication not requested")
544 logger
.info("dev0 scans QR Code")
545 res
= dev
[0].request("DPP_QR_CODE " + uri
)
547 raise Exception("Failed to parse QR Code URI")
549 ev
= dev
[1].wait_event(["DPP-AUTH-DIRECTION"], timeout
=5)
551 raise Exception("DPP authentication direction not indicated (Initiator)")
552 if "mutual=1" not in ev
:
553 raise Exception("Mutual authentication not used")
555 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
557 raise Exception("DPP authentication did not succeed (Responder)")
558 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
560 raise Exception("DPP authentication did not succeed (Initiator)")
561 dev
[0].request("DPP_STOP_LISTEN")
563 def test_dpp_auth_resp_retries(dev
, apdev
):
564 """DPP Authentication Response retries"""
565 check_dpp_capab(dev
[0])
566 check_dpp_capab(dev
[1])
567 dev
[0].set("dpp_resp_max_tries", "3")
568 dev
[0].set("dpp_resp_retry_time", "100")
570 logger
.info("dev0 displays QR Code")
571 addr
= dev
[0].own_addr().replace(':', '')
572 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
574 raise Exception("Failed to generate bootstrapping info")
576 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
578 logger
.info("dev1 scans QR Code")
579 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
581 raise Exception("Failed to parse QR Code URI")
584 logger
.info("dev1 displays QR Code")
585 addr
= dev
[1].own_addr().replace(':', '')
586 res
= dev
[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
588 raise Exception("Failed to generate bootstrapping info")
590 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
592 logger
.info("dev1 initiates DPP Authentication")
593 if "OK" not in dev
[0].request("DPP_LISTEN 2412 qr=mutual"):
594 raise Exception("Failed to start listen operation")
595 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1
, id1b
)):
596 raise Exception("Failed to initiate DPP Authentication")
598 ev
= dev
[1].wait_event(["DPP-RESPONSE-PENDING"], timeout
=5)
600 raise Exception("Pending response not reported")
601 ev
= dev
[0].wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=5)
603 raise Exception("QR Code scan for mutual authentication not requested")
605 # Stop Initiator from listening to frames to force retransmission of the
606 # DPP Authentication Response frame with Status=0
607 dev
[1].request("DPP_STOP_LISTEN")
609 dev
[1].dump_monitor()
610 dev
[0].dump_monitor()
612 logger
.info("dev0 scans QR Code")
613 res
= dev
[0].request("DPP_QR_CODE " + uri1b
)
615 raise Exception("Failed to parse QR Code URI")
618 ev
= dev
[0].wait_event(["DPP-TX"], timeout
=5)
619 if ev
is None or "type=1" not in ev
:
620 raise Exception("DPP Authentication Response not sent")
621 ev
= dev
[0].wait_event(["DPP-TX-STATUS"], timeout
=5)
623 raise Exception("TX status for DPP Authentication Response not reported")
624 if "result=no-ACK" not in ev
:
625 raise Exception("Unexpected TX status for Authentication Response: " + ev
)
627 ev
= dev
[0].wait_event(["DPP-TX"], timeout
=15)
628 if ev
is None or "type=1" not in ev
:
629 raise Exception("DPP Authentication Response retransmission not sent")
631 def test_dpp_qr_code_auth_mutual_not_used(dev
, apdev
):
632 """DPP QR Code and authentication exchange (mutual not used)"""
633 check_dpp_capab(dev
[0])
634 check_dpp_capab(dev
[1])
635 logger
.info("dev0 displays QR Code")
636 addr
= dev
[0].own_addr().replace(':', '')
637 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
639 raise Exception("Failed to generate bootstrapping info")
641 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
643 logger
.info("dev1 scans QR Code")
644 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
646 raise Exception("Failed to parse QR Code URI")
649 logger
.info("dev1 displays QR Code")
650 addr
= dev
[1].own_addr().replace(':', '')
651 res
= dev
[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
653 raise Exception("Failed to generate bootstrapping info")
655 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
657 logger
.info("dev0 does not scan QR Code")
659 logger
.info("dev1 initiates DPP Authentication")
660 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
661 raise Exception("Failed to start listen operation")
662 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1
, id1b
)):
663 raise Exception("Failed to initiate DPP Authentication")
665 ev
= dev
[1].wait_event(["DPP-AUTH-DIRECTION"], timeout
=5)
667 raise Exception("DPP authentication direction not indicated (Initiator)")
668 if "mutual=0" not in ev
:
669 raise Exception("Mutual authentication not used")
671 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
673 raise Exception("DPP authentication did not succeed (Responder)")
674 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
676 raise Exception("DPP authentication did not succeed (Initiator)")
677 dev
[0].request("DPP_STOP_LISTEN")
679 def test_dpp_qr_code_auth_mutual_curve_mismatch(dev
, apdev
):
680 """DPP QR Code and authentication exchange (mutual/mismatch)"""
681 check_dpp_capab(dev
[0])
682 check_dpp_capab(dev
[1])
683 logger
.info("dev0 displays QR Code")
684 addr
= dev
[0].own_addr().replace(':', '')
685 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
687 raise Exception("Failed to generate bootstrapping info")
689 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
691 logger
.info("dev1 scans QR Code")
692 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
694 raise Exception("Failed to parse QR Code URI")
697 logger
.info("dev1 displays QR Code")
698 addr
= dev
[1].own_addr().replace(':', '')
699 res
= dev
[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
+ " curve=secp384r1")
701 raise Exception("Failed to generate bootstrapping info")
703 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
705 logger
.info("dev0 scans QR Code")
706 res
= dev
[0].request("DPP_QR_CODE " + uri1b
)
708 raise Exception("Failed to parse QR Code URI")
711 res
= dev
[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1
, id1b
))
712 if "FAIL" not in res
:
713 raise Exception("DPP_AUTH_INIT accepted unexpectedly")
715 def test_dpp_qr_code_auth_hostapd_mutual2(dev
, apdev
):
716 """DPP QR Code and authentication exchange (hostapd mutual2)"""
717 check_dpp_capab(dev
[0])
718 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
719 check_dpp_capab(hapd
)
721 logger
.info("AP displays QR Code")
722 addr
= hapd
.own_addr().replace(':', '')
723 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
724 res
= hapd
.request(cmd
)
726 raise Exception("Failed to generate bootstrapping info")
728 uri_h
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id_h
)
730 logger
.info("dev0 scans QR Code")
731 res
= dev
[0].request("DPP_QR_CODE " + uri_h
)
733 raise Exception("Failed to parse QR Code URI")
736 logger
.info("dev0 displays QR Code")
737 addr
= dev
[0].own_addr().replace(':', '')
738 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
740 raise Exception("Failed to generate bootstrapping info")
742 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0b
)
744 logger
.info("dev0 initiates DPP Authentication")
745 if "OK" not in hapd
.request("DPP_LISTEN 2412 qr=mutual"):
746 raise Exception("Failed to start listen operation")
747 if "OK" not in dev
[0].request("DPP_AUTH_INIT peer=%d own=%d" % (id0
, id0b
)):
748 raise Exception("Failed to initiate DPP Authentication")
750 ev
= dev
[0].wait_event(["DPP-RESPONSE-PENDING"], timeout
=5)
752 raise Exception("Pending response not reported")
753 ev
= hapd
.wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=5)
755 raise Exception("QR Code scan for mutual authentication not requested")
757 logger
.info("AP scans QR Code")
758 res
= hapd
.request("DPP_QR_CODE " + uri0
)
760 raise Exception("Failed to parse QR Code URI")
762 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
764 raise Exception("DPP authentication did not succeed (Responder)")
765 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
767 raise Exception("DPP authentication did not succeed (Initiator)")
768 hapd
.request("DPP_STOP_LISTEN")
770 def test_dpp_qr_code_listen_continue(dev
, apdev
):
771 """DPP QR Code and listen operation needing continuation"""
772 check_dpp_capab(dev
[0])
773 check_dpp_capab(dev
[1])
774 logger
.info("dev0 displays QR Code")
775 addr
= dev
[0].own_addr().replace(':', '')
776 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
778 raise Exception("Failed to generate bootstrapping info")
780 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
782 logger
.info("dev1 scans QR Code")
783 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
785 raise Exception("Failed to parse QR Code URI")
788 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
789 raise Exception("Failed to start listen operation")
790 logger
.info("Wait for listen to expire and get restarted")
792 logger
.info("dev1 initiates DPP Authentication")
793 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d" % id1
):
794 raise Exception("Failed to initiate DPP Authentication")
795 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
797 raise Exception("DPP authentication did not succeed (Responder)")
798 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
800 raise Exception("DPP authentication did not succeed (Initiator)")
801 dev
[0].request("DPP_STOP_LISTEN")
803 def test_dpp_qr_code_auth_initiator_enrollee(dev
, apdev
):
804 """DPP QR Code and authentication exchange (Initiator in Enrollee role)"""
805 check_dpp_capab(dev
[0])
806 check_dpp_capab(dev
[1])
807 dev
[0].request("SET gas_address3 1")
808 dev
[1].request("SET gas_address3 1")
809 logger
.info("dev0 displays QR Code")
810 addr
= dev
[0].own_addr().replace(':', '')
811 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
813 raise Exception("Failed to generate bootstrapping info")
815 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
817 logger
.info("dev1 scans QR Code")
818 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
820 raise Exception("Failed to parse QR Code URI")
823 logger
.info("dev1 initiates DPP Authentication")
824 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
825 raise Exception("Failed to start listen operation")
826 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=enrollee" % id1
):
827 raise Exception("Failed to initiate DPP Authentication")
828 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
830 raise Exception("DPP authentication did not succeed (Responder)")
831 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
833 raise Exception("DPP authentication did not succeed (Initiator)")
835 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
837 raise Exception("DPP configuration did not succeed (Configurator)")
838 ev
= dev
[1].wait_event(["DPP-CONF-FAILED"], timeout
=5)
840 raise Exception("DPP configuration did not succeed (Enrollee)")
842 dev
[0].request("DPP_STOP_LISTEN")
844 def test_dpp_qr_code_auth_initiator_either_1(dev
, apdev
):
845 """DPP QR Code and authentication exchange (Initiator in either role)"""
846 run_dpp_qr_code_auth_initiator_either(dev
, apdev
, None, dev
[1], dev
[0])
848 def test_dpp_qr_code_auth_initiator_either_2(dev
, apdev
):
849 """DPP QR Code and authentication exchange (Initiator in either role)"""
850 run_dpp_qr_code_auth_initiator_either(dev
, apdev
, "enrollee",
853 def test_dpp_qr_code_auth_initiator_either_3(dev
, apdev
):
854 """DPP QR Code and authentication exchange (Initiator in either role)"""
855 run_dpp_qr_code_auth_initiator_either(dev
, apdev
, "configurator",
858 def run_dpp_qr_code_auth_initiator_either(dev
, apdev
, resp_role
,
859 conf_dev
, enrollee_dev
):
860 check_dpp_capab(dev
[0])
861 check_dpp_capab(dev
[1])
862 logger
.info("dev0 displays QR Code")
863 addr
= dev
[0].own_addr().replace(':', '')
864 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
866 raise Exception("Failed to generate bootstrapping info")
868 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
870 logger
.info("dev1 scans QR Code")
871 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
873 raise Exception("Failed to parse QR Code URI")
876 logger
.info("dev1 initiates DPP Authentication")
877 cmd
= "DPP_LISTEN 2412"
879 cmd
+= " role=" + resp_role
880 if "OK" not in dev
[0].request(cmd
):
881 raise Exception("Failed to start listen operation")
882 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=either" % id1
):
883 raise Exception("Failed to initiate DPP Authentication")
884 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
886 raise Exception("DPP authentication did not succeed (Responder)")
887 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
889 raise Exception("DPP authentication did not succeed (Initiator)")
891 ev
= conf_dev
.wait_event(["DPP-CONF-SENT"], timeout
=5)
893 raise Exception("DPP configuration did not succeed (Configurator)")
894 ev
= enrollee_dev
.wait_event(["DPP-CONF-FAILED"], timeout
=5)
896 raise Exception("DPP configuration did not succeed (Enrollee)")
898 dev
[0].request("DPP_STOP_LISTEN")
900 def run_init_incompatible_roles(dev
, role
="enrollee"):
901 check_dpp_capab(dev
[0])
902 check_dpp_capab(dev
[1])
903 logger
.info("dev0 displays QR Code")
904 addr
= dev
[0].own_addr().replace(':', '')
905 res
= dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
907 raise Exception("Failed to generate bootstrapping info")
909 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
911 logger
.info("dev1 scans QR Code")
912 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
914 raise Exception("Failed to parse QR Code URI")
917 logger
.info("dev1 initiates DPP Authentication")
918 if "OK" not in dev
[0].request("DPP_LISTEN 2412 role=%s" % role
):
919 raise Exception("Failed to start listen operation")
922 def test_dpp_qr_code_auth_incompatible_roles(dev
, apdev
):
923 """DPP QR Code and authentication exchange (incompatible roles)"""
924 id1
= run_init_incompatible_roles(dev
)
925 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=enrollee" % id1
):
926 raise Exception("Failed to initiate DPP Authentication")
927 ev
= dev
[1].wait_event(["DPP-NOT-COMPATIBLE"], timeout
=5)
929 raise Exception("DPP-NOT-COMPATIBLE event on initiator timed out")
930 ev
= dev
[0].wait_event(["DPP-NOT-COMPATIBLE"], timeout
=1)
932 raise Exception("DPP-NOT-COMPATIBLE event on responder timed out")
934 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1
):
935 raise Exception("Failed to initiate DPP Authentication")
936 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
938 raise Exception("DPP authentication did not succeed (Responder)")
939 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
941 raise Exception("DPP authentication did not succeed (Initiator)")
942 dev
[0].request("DPP_STOP_LISTEN")
944 def test_dpp_qr_code_auth_incompatible_roles2(dev
, apdev
):
945 """DPP QR Code and authentication exchange (incompatible roles 2)"""
946 id1
= run_init_incompatible_roles(dev
, role
="configurator")
947 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1
):
948 raise Exception("Failed to initiate DPP Authentication")
949 ev
= dev
[1].wait_event(["DPP-NOT-COMPATIBLE"], timeout
=5)
951 raise Exception("DPP-NOT-COMPATIBLE event on initiator timed out")
952 ev
= dev
[0].wait_event(["DPP-NOT-COMPATIBLE"], timeout
=1)
954 raise Exception("DPP-NOT-COMPATIBLE event on responder timed out")
956 def test_dpp_qr_code_auth_incompatible_roles_failure(dev
, apdev
):
957 """DPP QR Code and authentication exchange (incompatible roles failure)"""
958 id1
= run_init_incompatible_roles(dev
, role
="configurator")
959 with
alloc_fail(dev
[0], 1, "dpp_auth_build_resp_status"):
960 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1
):
961 raise Exception("Failed to initiate DPP Authentication")
962 ev
= dev
[0].wait_event(["DPP-NOT-COMPATIBLE"], timeout
=1)
964 raise Exception("DPP-NOT-COMPATIBLE event on responder timed out")
966 def test_dpp_qr_code_auth_incompatible_roles_failure2(dev
, apdev
):
967 """DPP QR Code and authentication exchange (incompatible roles failure 2)"""
968 id1
= run_init_incompatible_roles(dev
, role
="configurator")
969 with
alloc_fail(dev
[1], 1, "dpp_auth_resp_rx_status"):
970 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1
):
971 raise Exception("Failed to initiate DPP Authentication")
972 wait_fail_trigger(dev
[1], "GET_ALLOC_FAIL")
974 def test_dpp_qr_code_auth_incompatible_roles_failure3(dev
, apdev
):
975 """DPP QR Code and authentication exchange (incompatible roles failure 3)"""
976 id1
= run_init_incompatible_roles(dev
, role
="configurator")
977 with
fail_test(dev
[1], 1, "dpp_auth_resp_rx_status"):
978 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1
):
979 raise Exception("Failed to initiate DPP Authentication")
980 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
981 if ev
is None or "AES-SIV decryption failed" not in ev
:
982 raise Exception("AES-SIV decryption failure not reported")
984 def test_dpp_qr_code_auth_neg_chan(dev
, apdev
):
985 """DPP QR Code and authentication exchange with requested different channel"""
986 check_dpp_capab(dev
[0])
987 check_dpp_capab(dev
[1])
989 logger
.info("Create configurator on dev1")
990 cmd
= "DPP_CONFIGURATOR_ADD"
991 res
= dev
[1].request(cmd
);
993 raise Exception("Failed to add configurator")
996 logger
.info("dev0 displays QR Code")
997 addr
= dev
[0].own_addr().replace(':', '')
998 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
999 res
= dev
[0].request(cmd
)
1001 raise Exception("Failed to generate bootstrapping info")
1003 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1005 logger
.info("dev1 scans QR Code")
1006 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
1008 raise Exception("Failed to parse QR Code URI")
1011 logger
.info("dev1 initiates DPP Authentication")
1012 cmd
= "DPP_LISTEN 2412"
1013 if "OK" not in dev
[0].request(cmd
):
1014 raise Exception("Failed to start listen operation")
1015 cmd
= "DPP_AUTH_INIT peer=%d configurator=%d conf=sta-dpp neg_freq=2462" % (id1
, conf_id
)
1016 if "OK" not in dev
[1].request(cmd
):
1017 raise Exception("Failed to initiate DPP Authentication")
1019 ev
= dev
[1].wait_event(["DPP-TX"], timeout
=5)
1021 raise Exception("DPP Authentication Request not sent")
1022 if "freq=2412 type=0" not in ev
:
1023 raise Exception("Unexpected TX data for Authentication Request: " + ev
)
1025 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
1027 raise Exception("DPP Authentication Request not received")
1028 if "freq=2412 type=0" not in ev
:
1029 raise Exception("Unexpected RX data for Authentication Request: " + ev
)
1031 ev
= dev
[1].wait_event(["DPP-TX-STATUS"], timeout
=5)
1033 raise Exception("TX status for DPP Authentication Request not reported")
1034 if "freq=2412 result=SUCCESS" not in ev
:
1035 raise Exception("Unexpected TX status for Authentication Request: " + ev
)
1037 ev
= dev
[0].wait_event(["DPP-TX"], timeout
=5)
1039 raise Exception("DPP Authentication Response not sent")
1040 if "freq=2462 type=1" not in ev
:
1041 raise Exception("Unexpected TX data for Authentication Response: " + ev
)
1043 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=5)
1045 raise Exception("DPP Authentication Response not received")
1046 if "freq=2462 type=1" not in ev
:
1047 raise Exception("Unexpected RX data for Authentication Response: " + ev
)
1049 ev
= dev
[0].wait_event(["DPP-TX-STATUS"], timeout
=5)
1051 raise Exception("TX status for DPP Authentication Response not reported")
1052 if "freq=2462 result=SUCCESS" not in ev
:
1053 raise Exception("Unexpected TX status for Authentication Response: " + ev
)
1055 ev
= dev
[1].wait_event(["DPP-TX"], timeout
=5)
1057 raise Exception("DPP Authentication Confirm not sent")
1058 if "freq=2462 type=2" not in ev
:
1059 raise Exception("Unexpected TX data for Authentication Confirm: " + ev
)
1061 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
1063 raise Exception("DPP Authentication Confirm not received")
1064 if "freq=2462 type=2" not in ev
:
1065 raise Exception("Unexpected RX data for Authentication Confirm: " + ev
)
1067 ev
= dev
[1].wait_event(["DPP-TX-STATUS"], timeout
=5)
1069 raise Exception("TX status for DPP Authentication Confirm not reported")
1070 if "freq=2462 result=SUCCESS" not in ev
:
1071 raise Exception("Unexpected TX status for Authentication Confirm: " + ev
)
1073 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
1075 raise Exception("DPP authentication did not succeed (Responder)")
1076 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
1078 raise Exception("DPP authentication did not succeed (Initiator)")
1079 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
1081 raise Exception("DPP configuration not completed (Configurator)")
1082 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout
=5)
1084 raise Exception("DPP configuration not completed (Enrollee)")
1085 if "DPP-CONF-FAILED" in ev
:
1086 raise Exception("DPP configuration failed")
1087 dev
[0].request("DPP_STOP_LISTEN")
1088 dev
[0].dump_monitor()
1089 dev
[1].dump_monitor()
1091 def test_dpp_config_legacy(dev
, apdev
):
1092 """DPP Config Object for legacy network using passphrase"""
1093 check_dpp_capab(dev
[1])
1094 conf
= '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"secret passphrase"}}'
1095 dev
[1].set("dpp_config_obj_override", conf
)
1096 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1097 require_conf_success
=True)
1099 def test_dpp_config_legacy_psk_hex(dev
, apdev
):
1100 """DPP Config Object for legacy network using PSK"""
1101 check_dpp_capab(dev
[1])
1102 conf
= '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","psk_hex":"' + 32*"12" + '"}}'
1103 dev
[1].set("dpp_config_obj_override", conf
)
1104 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1105 require_conf_success
=True)
1107 def test_dpp_config_fragmentation(dev
, apdev
):
1108 """DPP Config Object for legacy network requiring fragmentation"""
1109 check_dpp_capab(dev
[1])
1110 conf
= '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"secret passphrase"}}' + 3000*' '
1111 dev
[1].set("dpp_config_obj_override", conf
)
1112 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1113 require_conf_success
=True)
1115 def test_dpp_config_legacy_gen(dev
, apdev
):
1116 """Generate DPP Config Object for legacy network"""
1117 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1118 init_extra
="conf=sta-psk pass=%s" % "passphrase".encode("hex"),
1119 require_conf_success
=True)
1121 def test_dpp_config_legacy_gen_psk(dev
, apdev
):
1122 """Generate DPP Config Object for legacy network (PSK)"""
1123 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1124 init_extra
="conf=sta-psk psk=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
1125 require_conf_success
=True)
1127 def test_dpp_config_dpp_gen_prime256v1(dev
, apdev
):
1128 """Generate DPP Config Object for DPP network (P-256)"""
1129 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1130 init_extra
="conf=sta-dpp",
1131 require_conf_success
=True,
1134 def test_dpp_config_dpp_gen_secp384r1(dev
, apdev
):
1135 """Generate DPP Config Object for DPP network (P-384)"""
1136 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1",
1137 init_extra
="conf=sta-dpp",
1138 require_conf_success
=True,
1141 def test_dpp_config_dpp_gen_secp521r1(dev
, apdev
):
1142 """Generate DPP Config Object for DPP network (P-521)"""
1143 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1",
1144 init_extra
="conf=sta-dpp",
1145 require_conf_success
=True,
1148 def test_dpp_config_dpp_gen_prime256v1_prime256v1(dev
, apdev
):
1149 """Generate DPP Config Object for DPP network (P-256 + P-256)"""
1150 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1151 init_extra
="conf=sta-dpp",
1152 require_conf_success
=True,
1154 conf_curve
="prime256v1")
1156 def test_dpp_config_dpp_gen_prime256v1_secp384r1(dev
, apdev
):
1157 """Generate DPP Config Object for DPP network (P-256 + P-384)"""
1158 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1159 init_extra
="conf=sta-dpp",
1160 require_conf_success
=True,
1162 conf_curve
="secp384r1")
1164 def test_dpp_config_dpp_gen_prime256v1_secp521r1(dev
, apdev
):
1165 """Generate DPP Config Object for DPP network (P-256 + P-521)"""
1166 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1167 init_extra
="conf=sta-dpp",
1168 require_conf_success
=True,
1170 conf_curve
="secp521r1")
1172 def test_dpp_config_dpp_gen_secp384r1_prime256v1(dev
, apdev
):
1173 """Generate DPP Config Object for DPP network (P-384 + P-256)"""
1174 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1",
1175 init_extra
="conf=sta-dpp",
1176 require_conf_success
=True,
1178 conf_curve
="prime256v1")
1180 def test_dpp_config_dpp_gen_secp384r1_secp384r1(dev
, apdev
):
1181 """Generate DPP Config Object for DPP network (P-384 + P-384)"""
1182 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1",
1183 init_extra
="conf=sta-dpp",
1184 require_conf_success
=True,
1186 conf_curve
="secp384r1")
1188 def test_dpp_config_dpp_gen_secp384r1_secp521r1(dev
, apdev
):
1189 """Generate DPP Config Object for DPP network (P-384 + P-521)"""
1190 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1",
1191 init_extra
="conf=sta-dpp",
1192 require_conf_success
=True,
1194 conf_curve
="secp521r1")
1196 def test_dpp_config_dpp_gen_secp521r1_prime256v1(dev
, apdev
):
1197 """Generate DPP Config Object for DPP network (P-521 + P-256)"""
1198 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1",
1199 init_extra
="conf=sta-dpp",
1200 require_conf_success
=True,
1202 conf_curve
="prime256v1")
1204 def test_dpp_config_dpp_gen_secp521r1_secp384r1(dev
, apdev
):
1205 """Generate DPP Config Object for DPP network (P-521 + P-384)"""
1206 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1",
1207 init_extra
="conf=sta-dpp",
1208 require_conf_success
=True,
1210 conf_curve
="secp384r1")
1212 def test_dpp_config_dpp_gen_secp521r1_secp521r1(dev
, apdev
):
1213 """Generate DPP Config Object for DPP network (P-521 + P-521)"""
1214 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1",
1215 init_extra
="conf=sta-dpp",
1216 require_conf_success
=True,
1218 conf_curve
="secp521r1")
1220 def test_dpp_config_dpp_gen_expiry(dev
, apdev
):
1221 """Generate DPP Config Object for DPP network with expiry value"""
1222 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1223 init_extra
="conf=sta-dpp expiry=%d" % (time
.time() + 1000),
1224 require_conf_success
=True,
1227 def test_dpp_config_dpp_gen_expired_key(dev
, apdev
):
1228 """Generate DPP Config Object for DPP network with expiry value"""
1229 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1230 init_extra
="conf=sta-dpp expiry=%d" % (time
.time() - 10),
1231 require_conf_failure
=True,
1234 def test_dpp_config_dpp_override_prime256v1(dev
, apdev
):
1235 """DPP Config Object override (P-256)"""
1236 check_dpp_capab(dev
[0])
1237 check_dpp_capab(dev
[1])
1238 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"dpp","signedConnector":"eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJUbkdLaklsTlphYXRyRUFZcmJiamlCNjdyamtMX0FHVldYTzZxOWhESktVIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiYVRGNEpFR0lQS1NaMFh2OXpkQ01qbS10bjVYcE1zWUlWWjl3eVNBejFnSSIsInkiOiJRR2NIV0FfNnJiVTlYRFhBenRvWC1NNVEzc3VUbk1hcUVoVUx0bjdTU1h3In19._sm6YswxMf6hJLVTyYoU1uYUeY2VVkUNjrzjSiEhY42StD_RWowStEE-9CRsdCvLmsTptZ72_g40vTFwdId20A","csign":{"kty":"EC","crv":"P-256","x":"W4-Y5N1Pkos3UWb9A5qme0KUYRtY3CVUpekx_MapZ9s","y":"Et-M4NSF4NGjvh2VCh4B1sJ9eSCZ4RNzP2DBdP137VE","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU"}}}'
1239 dev
[0].set("dpp_ignore_netaccesskey_mismatch", "1")
1240 dev
[1].set("dpp_config_obj_override", conf
)
1241 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1242 require_conf_success
=True)
1244 def test_dpp_config_dpp_override_secp384r1(dev
, apdev
):
1245 """DPP Config Object override (P-384)"""
1246 check_dpp_capab(dev
[0])
1247 check_dpp_capab(dev
[1])
1248 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"dpp","signedConnector":"eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJabi1iMndjbjRLM2pGQklkYmhGZkpVTHJTXzdESS0yMWxFQi02R3gxNjl3IiwiYWxnIjoiRVMzODQifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC0zODQiLCJ4IjoickdrSGg1UUZsOUtfWjdqYUZkVVhmbThoY1RTRjM1b25Xb1NIRXVsbVNzWW9oX1RXZGpoRjhiVGdiS0ZRN2tBViIsInkiOiJBbU1QVDA5VmFENWpGdzMwTUFKQlp2VkZXeGNlVVlKLXR5blQ0bVJ5N0xOZWxhZ0dEWHpfOExaRlpOU2FaNUdLIn19.Yn_F7m-bbOQ5PlaYQJ9-1qsuqYQ6V-rAv8nWw1COKiCYwwbt3WFBJ8DljY0dPrlg5CHJC4saXwkytpI-CpELW1yUdzYb4Lrun07d20Eo_g10ICyOl5sqQCAUElKMe_Xr","csign":{"kty":"EC","crv":"P-384","x":"dmTyXXiPV2Y8a01fujL-jo08gvzyby23XmzOtzjAiujKQZZgPJsbhfEKrZDlc6ey","y":"H5Z0av5c7bqInxYb2_OOJdNiMhVf3zlcULR0516ZZitOY4U31KhL4wl4KGV7g2XW","kid":"Zn-b2wcn4K3jFBIdbhFfJULrS_7DI-21lEB-6Gx169w"}}}'
1249 dev
[0].set("dpp_ignore_netaccesskey_mismatch", "1")
1250 dev
[1].set("dpp_config_obj_override", conf
)
1251 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1",
1252 require_conf_success
=True)
1254 def test_dpp_config_dpp_override_secp521r1(dev
, apdev
):
1255 """DPP Config Object override (P-521)"""
1256 check_dpp_capab(dev
[0])
1257 check_dpp_capab(dev
[1])
1258 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"dpp","signedConnector":"eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJMZkhKY3hnV2ZKcG1uS2IwenZRT0F2VDB2b0ZKc0JjZnBmYzgxY3Y5ZXFnIiwiYWxnIjoiRVM1MTIifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC01MjEiLCJ4IjoiQVJlUFBrMFNISkRRR2NWbnlmM3lfbTlaQllHNjFJeElIbDN1NkdwRHVhMkU1WVd4TE1BSUtMMnZuUGtlSGFVRXljRmZaZlpYZ2JlNkViUUxMVkRVUm1VUSIsInkiOiJBWUtaYlNwUkFFNjJVYm9YZ2c1ZWRBVENzbEpzTlpwcm9RR1dUcW9Md04weXkzQkVoT3ZRZmZrOWhaR2lKZ295TzFobXFRRVRrS0pXb2tIYTBCQUpLSGZtIn19.ACEZLyPk13cM_OFScpLoCElQ2t1sxq5z2d_W_3_QslTQQe5SFiH_o8ycL4632YLAH4RV0gZcMKKRMtZdHgBYHjkzASDqgY-_aYN2SBmpfl8hw0YdDlUJWX3DJf-ofqNAlTbnGmhpSg69cEAhFn41Xgvx2MdwYcPVncxxESVOtWl5zNLK","csign":{"kty":"EC","crv":"P-521","x":"ADiOI_YJOAipEXHB-SpGl4KqokX8m8h3BVYCc8dgiwssZ061-nIIY3O1SIO6Re4Jjfy53RPgzDG6jitOgOGLtzZs","y":"AZKggKaQi0ExutSpJAU3-lqDV03sBQLA9C7KabfWoAn8qD6Vk4jU0WAJdt-wBBTF9o1nVuiqS2OxMVYrxN4lOz79","kid":"LfHJcxgWfJpmnKb0zvQOAvT0voFJsBcfpfc81cv9eqg"}}}'
1259 dev
[0].set("dpp_ignore_netaccesskey_mismatch", "1")
1260 dev
[1].set("dpp_config_obj_override", conf
)
1261 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1",
1262 require_conf_success
=True)
1264 def test_dpp_config_override_objects(dev
, apdev
):
1265 """Generate DPP Config Object and override objects)"""
1266 check_dpp_capab(dev
[1])
1267 discovery
= '{\n"ssid":"mywifi"\n}'
1268 groups
= '[\n {"groupId":"home","netRole":"sta"},\n {"groupId":"cottage","netRole":"sta"}\n]'
1269 dev
[1].set("dpp_discovery_override", discovery
)
1270 dev
[1].set("dpp_groups_override", groups
)
1271 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1272 init_extra
="conf=sta-dpp",
1273 require_conf_success
=True,
1276 def build_conf_obj(kty
="EC", crv
="P-256",
1277 x
="W4-Y5N1Pkos3UWb9A5qme0KUYRtY3CVUpekx_MapZ9s",
1278 y
="Et-M4NSF4NGjvh2VCh4B1sJ9eSCZ4RNzP2DBdP137VE",
1279 kid
="TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU",
1280 prot_hdr
='{"typ":"dppCon","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU","alg":"ES256"}',
1281 signed_connector
=None,
1282 no_signed_connector
=False,
1284 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{'
1285 conf
+= '"akm":"dpp",'
1287 if signed_connector
:
1288 conn
= signed_connector
1289 conf
+= '"signedConnector":"%s",' % conn
1290 elif not no_signed_connector
:
1291 payload
= '{"groups":[{"groupId":"*","netRole":"sta"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1292 sign
= "_sm6YswxMf6hJLVTyYoU1uYUeY2VVkUNjrzjSiEhY42StD_RWowStEE-9CRsdCvLmsTptZ72_g40vTFwdId20A"
1293 conn
= base64
.urlsafe_b64encode(prot_hdr
).rstrip('=') + '.'
1294 conn
+= base64
.urlsafe_b64encode(payload
).rstrip('=') + '.'
1296 conf
+= '"signedConnector":"%s",' % conn
1301 conf
+= '"kty":"%s",' % kty
1303 conf
+= '"crv":"%s",' % crv
1305 conf
+= '"x":"%s",' % x
1307 conf
+= '"y":"%s",' % y
1309 conf
+= '"kid":"%s"' % kid
1310 conf
= conf
.rstrip(',')
1313 conf
= conf
.rstrip(',')
1319 def run_dpp_config_error(dev
, apdev
, conf
,
1320 skip_net_access_key_mismatch
=True):
1321 check_dpp_capab(dev
[0])
1322 check_dpp_capab(dev
[1])
1323 if skip_net_access_key_mismatch
:
1324 dev
[0].set("dpp_ignore_netaccesskey_mismatch", "1")
1325 dev
[1].set("dpp_config_obj_override", conf
)
1326 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1327 require_conf_failure
=True)
1329 def test_dpp_config_jwk_error_no_kty(dev
, apdev
):
1330 """DPP Config Object JWK error - no kty"""
1331 run_dpp_config_error(dev
, apdev
, build_conf_obj(kty
=None))
1333 def test_dpp_config_jwk_error_unexpected_kty(dev
, apdev
):
1334 """DPP Config Object JWK error - unexpected kty"""
1335 run_dpp_config_error(dev
, apdev
, build_conf_obj(kty
="unknown"))
1337 def test_dpp_config_jwk_error_no_crv(dev
, apdev
):
1338 """DPP Config Object JWK error - no crv"""
1339 run_dpp_config_error(dev
, apdev
, build_conf_obj(crv
=None))
1341 def test_dpp_config_jwk_error_unsupported_crv(dev
, apdev
):
1342 """DPP Config Object JWK error - unsupported curve"""
1343 run_dpp_config_error(dev
, apdev
, build_conf_obj(crv
="unsupported"))
1345 def test_dpp_config_jwk_error_no_x(dev
, apdev
):
1346 """DPP Config Object JWK error - no x"""
1347 run_dpp_config_error(dev
, apdev
, build_conf_obj(x
=None))
1349 def test_dpp_config_jwk_error_invalid_x(dev
, apdev
):
1350 """DPP Config Object JWK error - invalid x"""
1351 run_dpp_config_error(dev
, apdev
, build_conf_obj(x
="MTIz"))
1353 def test_dpp_config_jwk_error_no_y(dev
, apdev
):
1354 """DPP Config Object JWK error - no y"""
1355 run_dpp_config_error(dev
, apdev
, build_conf_obj(y
=None))
1357 def test_dpp_config_jwk_error_invalid_y(dev
, apdev
):
1358 """DPP Config Object JWK error - invalid y"""
1359 run_dpp_config_error(dev
, apdev
, build_conf_obj(y
="MTIz"))
1361 def test_dpp_config_jwk_error_invalid_xy(dev
, apdev
):
1362 """DPP Config Object JWK error - invalid x,y"""
1363 conf
= build_conf_obj(x
="MDEyMzQ1Njc4OWFiY2RlZjAxMjM0NTY3ODlhYmNkZWY",
1364 y
="MDEyMzQ1Njc4OWFiY2RlZjAxMjM0NTY3ODlhYmNkZWY")
1365 run_dpp_config_error(dev
, apdev
, conf
)
1367 def test_dpp_config_jwk_error_no_kid(dev
, apdev
):
1368 """DPP Config Object JWK error - no kid"""
1369 run_dpp_config_error(dev
, apdev
, build_conf_obj(kid
=None))
1371 def test_dpp_config_jws_error_prot_hdr_not_an_object(dev
, apdev
):
1372 """DPP Config Object JWS error - protected header not an object"""
1373 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
="1"))
1375 def test_dpp_config_jws_error_prot_hdr_no_typ(dev
, apdev
):
1376 """DPP Config Object JWS error - protected header - no typ"""
1377 prot_hdr
='{"kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU","alg":"ES256"}'
1378 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1380 def test_dpp_config_jws_error_prot_hdr_unsupported_typ(dev
, apdev
):
1381 """DPP Config Object JWS error - protected header - unsupported typ"""
1382 prot_hdr
='{"typ":"unsupported","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU","alg":"ES256"}'
1383 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1385 def test_dpp_config_jws_error_prot_hdr_no_alg(dev
, apdev
):
1386 """DPP Config Object JWS error - protected header - no alg"""
1387 prot_hdr
='{"typ":"dppCon","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU"}'
1388 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1390 def test_dpp_config_jws_error_prot_hdr_unexpected_alg(dev
, apdev
):
1391 """DPP Config Object JWS error - protected header - unexpected alg"""
1392 prot_hdr
='{"typ":"dppCon","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU","alg":"unexpected"}'
1393 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1395 def test_dpp_config_jws_error_prot_hdr_no_kid(dev
, apdev
):
1396 """DPP Config Object JWS error - protected header - no kid"""
1397 prot_hdr
='{"typ":"dppCon","alg":"ES256"}'
1398 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1400 def test_dpp_config_jws_error_prot_hdr_unexpected_kid(dev
, apdev
):
1401 """DPP Config Object JWS error - protected header - unexpected kid"""
1402 prot_hdr
='{"typ":"dppCon","kid":"MTIz","alg":"ES256"}'
1403 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1405 def test_dpp_config_signed_connector_error_no_dot_1(dev
, apdev
):
1406 """DPP Config Object signedConnector error - no dot(1)"""
1408 run_dpp_config_error(dev
, apdev
, build_conf_obj(signed_connector
=conn
))
1410 def test_dpp_config_signed_connector_error_no_dot_2(dev
, apdev
):
1411 """DPP Config Object signedConnector error - no dot(2)"""
1412 conn
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJUbkdLaklsTlphYXRyRUFZcmJiamlCNjdyamtMX0FHVldYTzZxOWhESktVIiwiYWxnIjoiRVMyNTYifQ.MTIz"
1413 run_dpp_config_error(dev
, apdev
, build_conf_obj(signed_connector
=conn
))
1415 def test_dpp_config_signed_connector_error_unexpected_signature_len(dev
, apdev
):
1416 """DPP Config Object signedConnector error - unexpected signature length"""
1417 conn
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJUbkdLaklsTlphYXRyRUFZcmJiamlCNjdyamtMX0FHVldYTzZxOWhESktVIiwiYWxnIjoiRVMyNTYifQ.MTIz.MTIz"
1418 run_dpp_config_error(dev
, apdev
, build_conf_obj(signed_connector
=conn
))
1420 def test_dpp_config_signed_connector_error_invalid_signature_der(dev
, apdev
):
1421 """DPP Config Object signedConnector error - invalid signature DER"""
1422 conn
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJUbkdLaklsTlphYXRyRUFZcmJiamlCNjdyamtMX0FHVldYTzZxOWhESktVIiwiYWxnIjoiRVMyNTYifQ.MTIz.MTI"
1423 run_dpp_config_error(dev
, apdev
, build_conf_obj(signed_connector
=conn
))
1425 def test_dpp_config_no_csign(dev
, apdev
):
1426 """DPP Config Object error - no csign"""
1427 run_dpp_config_error(dev
, apdev
, build_conf_obj(csign
=False))
1429 def test_dpp_config_no_signed_connector(dev
, apdev
):
1430 """DPP Config Object error - no signedConnector"""
1431 run_dpp_config_error(dev
, apdev
, build_conf_obj(no_signed_connector
=True))
1433 def test_dpp_config_unexpected_signed_connector_char(dev
, apdev
):
1434 """DPP Config Object error - unexpected signedConnector character"""
1435 run_dpp_config_error(dev
, apdev
, build_conf_obj(signed_connector
='a\nb'))
1437 def test_dpp_config_root_not_an_object(dev
, apdev
):
1438 """DPP Config Object error - root not an object"""
1440 run_dpp_config_error(dev
, apdev
, conf
)
1442 def test_dpp_config_no_wi_fi_tech(dev
, apdev
):
1443 """DPP Config Object error - no wi-fi_tech"""
1445 run_dpp_config_error(dev
, apdev
, conf
)
1447 def test_dpp_config_unsupported_wi_fi_tech(dev
, apdev
):
1448 """DPP Config Object error - unsupported wi-fi_tech"""
1449 conf
= '{"wi-fi_tech":"unsupported"}'
1450 run_dpp_config_error(dev
, apdev
, conf
)
1452 def test_dpp_config_no_discovery(dev
, apdev
):
1453 """DPP Config Object error - no discovery"""
1454 conf
= '{"wi-fi_tech":"infra"}'
1455 run_dpp_config_error(dev
, apdev
, conf
)
1457 def test_dpp_config_no_discovery_ssid(dev
, apdev
):
1458 """DPP Config Object error - no discovery::ssid"""
1459 conf
= '{"wi-fi_tech":"infra","discovery":{}}'
1460 run_dpp_config_error(dev
, apdev
, conf
)
1462 def test_dpp_config_too_long_discovery_ssid(dev
, apdev
):
1463 """DPP Config Object error - too long discovery::ssid"""
1464 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"%s"}}' % (33*'A')
1465 run_dpp_config_error(dev
, apdev
, conf
)
1467 def test_dpp_config_no_cred(dev
, apdev
):
1468 """DPP Config Object error - no cred"""
1469 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"}}'
1470 run_dpp_config_error(dev
, apdev
, conf
)
1472 def test_dpp_config_no_cred_akm(dev
, apdev
):
1473 """DPP Config Object error - no cred::akm"""
1474 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{}}'
1475 run_dpp_config_error(dev
, apdev
, conf
)
1477 def test_dpp_config_unsupported_cred_akm(dev
, apdev
):
1478 """DPP Config Object error - unsupported cred::akm"""
1479 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"unsupported"}}'
1480 run_dpp_config_error(dev
, apdev
, conf
)
1482 def test_dpp_config_error_legacy_no_pass(dev
, apdev
):
1483 """DPP Config Object legacy error - no pass/psk"""
1484 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk"}}'
1485 run_dpp_config_error(dev
, apdev
, conf
)
1487 def test_dpp_config_error_legacy_too_short_pass(dev
, apdev
):
1488 """DPP Config Object legacy error - too short pass/psk"""
1489 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"1"}}'
1490 run_dpp_config_error(dev
, apdev
, conf
)
1492 def test_dpp_config_error_legacy_too_long_pass(dev
, apdev
):
1493 """DPP Config Object legacy error - too long pass/psk"""
1494 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"%s"}}' % (64*'A')
1495 run_dpp_config_error(dev
, apdev
, conf
)
1497 def test_dpp_config_error_legacy_psk_with_sae(dev
, apdev
):
1498 """DPP Config Object legacy error - psk_hex with SAE"""
1499 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"sae","psk_hex":"%s"}}' % (32*"12")
1500 run_dpp_config_error(dev
, apdev
, conf
)
1502 def test_dpp_config_error_legacy_no_pass_for_sae(dev
, apdev
):
1503 """DPP Config Object legacy error - no pass for SAE"""
1504 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk+sae","psk_hex":"%s"}}' % (32*"12")
1505 run_dpp_config_error(dev
, apdev
, conf
)
1507 def test_dpp_config_error_legacy_invalid_psk(dev
, apdev
):
1508 """DPP Config Object legacy error - invalid psk_hex"""
1509 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk","psk_hex":"%s"}}' % (32*"qa")
1510 run_dpp_config_error(dev
, apdev
, conf
)
1512 def test_dpp_config_error_legacy_too_short_psk(dev
, apdev
):
1513 """DPP Config Object legacy error - too short psk_hex"""
1514 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk","psk_hex":"%s"}}' % (31*"12")
1515 run_dpp_config_error(dev
, apdev
, conf
)
1517 def ecdsa_sign(pkey
, message
, alg
="sha256"):
1518 sign
= OpenSSL
.crypto
.sign(pkey
, message
, alg
)
1519 a
,b
= struct
.unpack('BB', sign
[0:2])
1521 raise Exception("Invalid DER encoding of ECDSA signature")
1522 if b
!= len(sign
) - 2:
1523 raise Exception("Invalid length of ECDSA signature")
1526 a
,b
= struct
.unpack('BB', sign
[0:2])
1528 raise Exception("Invalid DER encoding of ECDSA signature r")
1529 if b
> len(sign
) - 2:
1530 raise Exception("Invalid length of ECDSA signature r")
1539 raise Exception("Invalid length of ECDSA signature r")
1541 a
,b
= struct
.unpack('BB', sign
[0:2])
1543 raise Exception("Invalid DER encoding of ECDSA signature s")
1544 if b
> len(sign
) - 2:
1545 raise Exception("Invalid length of ECDSA signature s")
1554 raise Exception("Invalid length of ECDSA signature s")
1556 raise Exception("Extra data at the end of ECDSA signature")
1559 return base64
.urlsafe_b64encode(raw_sign
).rstrip('=')
1561 p256_priv_key
= """-----BEGIN EC PRIVATE KEY-----
1562 MHcCAQEEIBVQij9ah629f1pu3tarDQGQvrzHgAkgYd1jHGiLxNajoAoGCCqGSM49
1563 AwEHoUQDQgAEAC9d2/JirKu72F2qLuv5jEFMD1Cqu9EiyGk7cOzn/2DJ51p2mEoW
1564 n03N6XRvTC+G7WPol9Ng97NAM2sK57+F/Q==
1565 -----END EC PRIVATE KEY-----"""
1566 p256_pub_key_x
= binascii
.unhexlify("002f5ddbf262acabbbd85daa2eebf98c414c0f50aabbd122c8693b70ece7ff60")
1567 p256_pub_key_y
= binascii
.unhexlify("c9e75a76984a169f4dcde9746f4c2f86ed63e897d360f7b340336b0ae7bf85fd")
1569 def run_dpp_config_connector(dev
, apdev
, expiry
=None, payload
=None,
1570 skip_net_access_key_mismatch
=True):
1571 if not openssl_imported
:
1572 raise HwsimSkip("OpenSSL python method not available")
1573 pkey
= OpenSSL
.crypto
.load_privatekey(OpenSSL
.crypto
.FILETYPE_PEM
,
1575 x
= base64
.urlsafe_b64encode(p256_pub_key_x
).rstrip('=')
1576 y
= base64
.urlsafe_b64encode(p256_pub_key_y
).rstrip('=')
1578 pubkey
= '\04' + p256_pub_key_x
+ p256_pub_key_y
1579 kid
= base64
.urlsafe_b64encode(hashlib
.sha256(pubkey
).digest()).rstrip('=')
1581 prot_hdr
= '{"typ":"dppCon","kid":"%s","alg":"ES256"}' % kid
1584 payload
= '{"groups":[{"groupId":"*","netRole":"sta"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}'
1586 payload
+= ',"expiry":"%s"' % expiry
1588 conn
= base64
.urlsafe_b64encode(prot_hdr
).rstrip('=') + '.'
1589 conn
+= base64
.urlsafe_b64encode(payload
).rstrip('=')
1590 sign
= ecdsa_sign(pkey
, conn
)
1592 run_dpp_config_error(dev
, apdev
,
1593 build_conf_obj(x
=x
, y
=y
, signed_connector
=conn
),
1594 skip_net_access_key_mismatch
=skip_net_access_key_mismatch
)
1596 def test_dpp_config_connector_error_ext_sign(dev
, apdev
):
1597 """DPP Config Object connector error - external signature calculation"""
1598 run_dpp_config_connector(dev
, apdev
)
1600 def test_dpp_config_connector_error_too_short_timestamp(dev
, apdev
):
1601 """DPP Config Object connector error - too short timestamp"""
1602 run_dpp_config_connector(dev
, apdev
, expiry
="1")
1604 def test_dpp_config_connector_error_invalid_timestamp(dev
, apdev
):
1605 """DPP Config Object connector error - invalid timestamp"""
1606 run_dpp_config_connector(dev
, apdev
, expiry
=19*"1")
1608 def test_dpp_config_connector_error_invalid_timestamp_date(dev
, apdev
):
1609 """DPP Config Object connector error - invalid timestamp date"""
1610 run_dpp_config_connector(dev
, apdev
, expiry
="9999-99-99T99:99:99Z")
1612 def test_dpp_config_connector_error_invalid_time_zone(dev
, apdev
):
1613 """DPP Config Object connector error - invalid time zone"""
1614 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00*")
1616 def test_dpp_config_connector_error_invalid_time_zone_2(dev
, apdev
):
1617 """DPP Config Object connector error - invalid time zone 2"""
1618 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00+")
1620 def test_dpp_config_connector_error_expired_1(dev
, apdev
):
1621 """DPP Config Object connector error - expired 1"""
1622 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00")
1624 def test_dpp_config_connector_error_expired_2(dev
, apdev
):
1625 """DPP Config Object connector error - expired 2"""
1626 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00Z")
1628 def test_dpp_config_connector_error_expired_3(dev
, apdev
):
1629 """DPP Config Object connector error - expired 3"""
1630 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00+01")
1632 def test_dpp_config_connector_error_expired_4(dev
, apdev
):
1633 """DPP Config Object connector error - expired 4"""
1634 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00+01:02")
1636 def test_dpp_config_connector_error_expired_5(dev
, apdev
):
1637 """DPP Config Object connector error - expired 5"""
1638 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00-01")
1640 def test_dpp_config_connector_error_expired_6(dev
, apdev
):
1641 """DPP Config Object connector error - expired 6"""
1642 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00-01:02")
1644 def test_dpp_config_connector_error_no_groups(dev
, apdev
):
1645 """DPP Config Object connector error - no groups"""
1646 payload
= '{"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1647 run_dpp_config_connector(dev
, apdev
, payload
=payload
)
1649 def test_dpp_config_connector_error_empty_groups(dev
, apdev
):
1650 """DPP Config Object connector error - empty groups"""
1651 payload
= '{"groups":[],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1652 run_dpp_config_connector(dev
, apdev
, payload
=payload
)
1654 def test_dpp_config_connector_error_missing_group_id(dev
, apdev
):
1655 """DPP Config Object connector error - missing groupId"""
1656 payload
= '{"groups":[{"netRole":"sta"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1657 run_dpp_config_connector(dev
, apdev
, payload
=payload
)
1659 def test_dpp_config_connector_error_missing_net_role(dev
, apdev
):
1660 """DPP Config Object connector error - missing netRole"""
1661 payload
= '{"groups":[{"groupId":"*"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1662 run_dpp_config_connector(dev
, apdev
, payload
=payload
)
1664 def test_dpp_config_connector_error_missing_net_access_key(dev
, apdev
):
1665 """DPP Config Object connector error - missing netAccessKey"""
1666 payload
= '{"groups":[{"groupId":"*","netRole":"sta"}]}'
1667 run_dpp_config_connector(dev
, apdev
, payload
=payload
)
1669 def test_dpp_config_connector_error_net_access_key_mismatch(dev
, apdev
):
1670 """DPP Config Object connector error - netAccessKey mismatch"""
1671 payload
= '{"groups":[{"groupId":"*","netRole":"sta"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1672 run_dpp_config_connector(dev
, apdev
, payload
=payload
,
1673 skip_net_access_key_mismatch
=False)
1675 def test_dpp_gas_timeout(dev
, apdev
):
1676 """DPP and GAS server timeout for a query"""
1677 check_dpp_capab(dev
[0])
1678 check_dpp_capab(dev
[1])
1679 logger
.info("dev0 displays QR Code")
1680 addr
= dev
[0].own_addr().replace(':', '')
1681 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
1682 res
= dev
[0].request(cmd
)
1684 raise Exception("Failed to generate bootstrapping info")
1686 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1688 logger
.info("dev1 scans QR Code")
1689 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
1691 raise Exception("Failed to parse QR Code URI")
1694 logger
.info("dev1 initiates DPP Authentication")
1695 dev
[0].set("ext_mgmt_frame_handling", "1")
1696 cmd
= "DPP_LISTEN 2412"
1697 if "OK" not in dev
[0].request(cmd
):
1698 raise Exception("Failed to start listen operation")
1700 # Force GAS fragmentation
1701 conf
= '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"secret passphrase"}}' + 3000*' '
1702 dev
[1].set("dpp_config_obj_override", conf
)
1704 cmd
= "DPP_AUTH_INIT peer=%d" % id1
1705 if "OK" not in dev
[1].request(cmd
):
1706 raise Exception("Failed to initiate DPP Authentication")
1708 # DPP Authentication Request
1709 msg
= dev
[0].mgmt_rx()
1710 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], msg
['frame'].encode('hex'))):
1711 raise Exception("MGMT_RX_PROCESS failed")
1713 # DPP Authentication Confirmation
1714 msg
= dev
[0].mgmt_rx()
1715 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], msg
['frame'].encode('hex'))):
1716 raise Exception("MGMT_RX_PROCESS failed")
1718 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
1720 raise Exception("DPP authentication did not succeed (Responder)")
1721 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
1723 raise Exception("DPP authentication did not succeed (Initiator)")
1725 # DPP Configuration Response (GAS Initial Response frame)
1726 msg
= dev
[0].mgmt_rx()
1727 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], msg
['frame'].encode('hex'))):
1728 raise Exception("MGMT_RX_PROCESS failed")
1730 # GAS Comeback Response frame
1731 msg
= dev
[0].mgmt_rx()
1732 # Do not continue to force timeout on GAS server
1734 ev
= dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=10)
1736 raise Exception("GAS result not reported (Enrollee)")
1737 if "result=TIMEOUT" not in ev
:
1738 raise Exception("Unexpected GAS result (Enrollee): " + ev
)
1739 dev
[0].set("ext_mgmt_frame_handling", "0")
1741 ev
= dev
[1].wait_event(["DPP-CONF-FAILED"], timeout
=15)
1743 raise Exception("DPP configuration failure not reported (Configurator)")
1745 ev
= dev
[0].wait_event(["DPP-CONF-FAILED"], timeout
=1)
1747 raise Exception("DPP configuration failure not reported (Enrollee)")
1749 def test_dpp_akm_sha256(dev
, apdev
):
1750 """DPP AKM (SHA256)"""
1751 run_dpp_akm(dev
, apdev
, 32)
1753 def test_dpp_akm_sha384(dev
, apdev
):
1754 """DPP AKM (SHA384)"""
1755 run_dpp_akm(dev
, apdev
, 48)
1757 def test_dpp_akm_sha512(dev
, apdev
):
1758 """DPP AKM (SHA512)"""
1759 run_dpp_akm(dev
, apdev
, 64)
1761 def run_dpp_akm(dev
, apdev
, pmk_len
):
1762 check_dpp_capab(dev
[0])
1763 check_dpp_capab(dev
[1])
1764 params
= { "ssid": "dpp",
1766 "wpa_key_mgmt": "DPP",
1767 "rsn_pairwise": "CCMP",
1770 hapd
= hostapd
.add_ap(apdev
[0], params
)
1772 raise HwsimSkip("DPP not supported")
1774 id = dev
[0].connect("dpp", key_mgmt
="DPP", ieee80211w
="2", scan_freq
="2412",
1776 ev
= dev
[0].wait_event(["CTRL-EVENT-NETWORK-NOT-FOUND"], timeout
=2)
1778 raise Exception("Network mismatch not reported")
1779 dev
[0].request("DISCONNECT")
1780 dev
[0].dump_monitor()
1782 bssid
= hapd
.own_addr()
1786 cmd
= "PMKSA_ADD %d %s %s %s 30240 43200 %d 0" % (id, bssid
, pmkid
, pmk
, akmp
)
1787 if "OK" not in dev
[0].request(cmd
):
1788 raise Exception("PMKSA_ADD failed (wpa_supplicant)")
1789 dev
[0].select_network(id, freq
="2412")
1790 ev
= dev
[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout
=2)
1791 dev
[0].request("DISCONNECT")
1792 dev
[0].dump_monitor()
1794 raise Exception("Association attempt was not rejected")
1795 if "status_code=53" not in ev
:
1796 raise Exception("Unexpected status code: " + ev
)
1798 addr
= dev
[0].own_addr()
1799 cmd
= "PMKSA_ADD %s %s %s 0 %d" % (addr
, pmkid
, pmk
, akmp
)
1800 if "OK" not in hapd
.request(cmd
):
1801 raise Exception("PMKSA_ADD failed (hostapd)")
1803 dev
[0].select_network(id, freq
="2412")
1804 dev
[0].wait_connected()
1805 val
= dev
[0].get_status_field("key_mgmt")
1807 raise Exception("Unexpected key_mgmt: " + val
)
1809 params1_csign
= "3059301306072a8648ce3d020106082a8648ce3d03010703420004d02e5bd81a120762b5f0f2994777f5d40297238a6c294fd575cdf35fabec44c050a6421c401d98d659fd2ed13c961cc8287944dd3202f516977800d3ab2f39ee"
1810 params1_ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJzOEFrYjg5bTV4UGhoYk5UbTVmVVo0eVBzNU5VMkdxYXNRY3hXUWhtQVFRIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIwOHF4TlNYRzRWemdCV3BjVUdNSmc1czNvbElOVFJsRVQ1aERpNkRKY3ZjIiwieSI6IlVhaGFYQXpKRVpRQk1YaHRUQnlZZVlrOWtJYjk5UDA3UV9NcW9TVVZTVEkifX0.a5_nfMVr7Qe1SW0ZL3u6oQRm5NUCYUSfixDAJOUFN3XUfECBZ6E8fm8xjeSfdOytgRidTz0CTlIRjzPQo82dmQ"
1811 params1_ap_netaccesskey
= "30770201010420f6531d17f29dfab655b7c9e923478d5a345164c489aadd44a3519c3e9dcc792da00a06082a8648ce3d030107a14403420004d3cab13525c6e15ce0056a5c506309839b37a2520d4d19444f98438ba0c972f751a85a5c0cc911940131786d4c1c9879893d9086fdf4fd3b43f32aa125154932"
1812 params1_sta_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJzOEFrYjg5bTV4UGhoYk5UbTVmVVo0eVBzNU5VMkdxYXNRY3hXUWhtQVFRIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiZWMzR3NqQ3lQMzVBUUZOQUJJdEltQnN4WXVyMGJZX1dES1lfSE9zUGdjNCIsInkiOiJTRS1HVllkdWVnTFhLMU1TQXZNMEx2QWdLREpTNWoyQVhCbE9PMTdUSTRBIn19.PDK9zsGlK-e1pEOmNxVeJfCS8pNeay6ckIS1TXCQsR64AR-9wFPCNVjqOxWvVKltehyMFqVAtOcv0IrjtMJFqQ"
1813 params1_sta_netaccesskey
= "30770201010420bc33380c26fd2168b69cd8242ed1df07ba89aa4813f8d4e8523de6ca3f8dd28ba00a06082a8648ce3d030107a1440342000479cdc6b230b23f7e40405340048b48981b3162eaf46d8fd60ca63f1ceb0f81ce484f8655876e7a02d72b531202f3342ef020283252e63d805c194e3b5ed32380"
1815 def test_dpp_network_introduction(dev
, apdev
):
1816 """DPP network introduction"""
1817 check_dpp_capab(dev
[0])
1818 check_dpp_capab(dev
[1])
1820 params
= { "ssid": "dpp",
1822 "wpa_key_mgmt": "DPP",
1824 "rsn_pairwise": "CCMP",
1825 "dpp_connector": params1_ap_connector
,
1826 "dpp_csign": params1_csign
,
1827 "dpp_netaccesskey": params1_ap_netaccesskey
}
1829 hapd
= hostapd
.add_ap(apdev
[0], params
)
1831 raise HwsimSkip("DPP not supported")
1833 id = dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412",
1835 dpp_csign
=params1_csign
,
1836 dpp_connector
=params1_sta_connector
,
1837 dpp_netaccesskey
=params1_sta_netaccesskey
)
1838 val
= dev
[0].get_status_field("key_mgmt")
1840 raise Exception("Unexpected key_mgmt: " + val
)
1842 def test_dpp_and_sae_akm(dev
, apdev
):
1843 """DPP and SAE AKMs"""
1844 check_dpp_capab(dev
[0])
1845 check_dpp_capab(dev
[1])
1846 if "SAE" not in dev
[1].get_capability("auth_alg"):
1847 raise HwsimSkip("SAE not supported")
1849 params
= { "ssid": "dpp+sae",
1851 "wpa_key_mgmt": "DPP SAE",
1853 "rsn_pairwise": "CCMP",
1854 "sae_password": "sae-password",
1855 "dpp_connector": params1_ap_connector
,
1856 "dpp_csign": params1_csign
,
1857 "dpp_netaccesskey": params1_ap_netaccesskey
}
1859 hapd
= hostapd
.add_ap(apdev
[0], params
)
1861 raise HwsimSkip("DPP not supported")
1863 id = dev
[0].connect("dpp+sae", key_mgmt
="DPP", scan_freq
="2412",
1865 dpp_csign
=params1_csign
,
1866 dpp_connector
=params1_sta_connector
,
1867 dpp_netaccesskey
=params1_sta_netaccesskey
)
1868 val
= dev
[0].get_status_field("key_mgmt")
1870 raise Exception("Unexpected key_mgmt for DPP: " + val
)
1872 id = dev
[1].connect("dpp+sae", key_mgmt
="SAE", scan_freq
="2412",
1873 ieee80211w
="2", psk
="sae-password")
1874 val
= dev
[1].get_status_field("key_mgmt")
1876 raise Exception("Unexpected key_mgmt for SAE: " + val
)
1878 def test_dpp_ap_config(dev
, apdev
):
1879 """DPP and AP configuration"""
1880 run_dpp_ap_config(dev
, apdev
)
1882 def test_dpp_ap_config_p256_p256(dev
, apdev
):
1883 """DPP and AP configuration (P-256 + P-256)"""
1884 run_dpp_ap_config(dev
, apdev
, curve
="P-256", conf_curve
="P-256")
1886 def test_dpp_ap_config_p256_p384(dev
, apdev
):
1887 """DPP and AP configuration (P-256 + P-384)"""
1888 run_dpp_ap_config(dev
, apdev
, curve
="P-256", conf_curve
="P-384")
1890 def test_dpp_ap_config_p256_p521(dev
, apdev
):
1891 """DPP and AP configuration (P-256 + P-521)"""
1892 run_dpp_ap_config(dev
, apdev
, curve
="P-256", conf_curve
="P-521")
1894 def test_dpp_ap_config_p384_p256(dev
, apdev
):
1895 """DPP and AP configuration (P-384 + P-256)"""
1896 run_dpp_ap_config(dev
, apdev
, curve
="P-384", conf_curve
="P-256")
1898 def test_dpp_ap_config_p384_p384(dev
, apdev
):
1899 """DPP and AP configuration (P-384 + P-384)"""
1900 run_dpp_ap_config(dev
, apdev
, curve
="P-384", conf_curve
="P-384")
1902 def test_dpp_ap_config_p384_p521(dev
, apdev
):
1903 """DPP and AP configuration (P-384 + P-521)"""
1904 run_dpp_ap_config(dev
, apdev
, curve
="P-384", conf_curve
="P-521")
1906 def test_dpp_ap_config_p521_p256(dev
, apdev
):
1907 """DPP and AP configuration (P-521 + P-256)"""
1908 run_dpp_ap_config(dev
, apdev
, curve
="P-521", conf_curve
="P-256")
1910 def test_dpp_ap_config_p521_p384(dev
, apdev
):
1911 """DPP and AP configuration (P-521 + P-384)"""
1912 run_dpp_ap_config(dev
, apdev
, curve
="P-521", conf_curve
="P-384")
1914 def test_dpp_ap_config_p521_p521(dev
, apdev
):
1915 """DPP and AP configuration (P-521 + P-521)"""
1916 run_dpp_ap_config(dev
, apdev
, curve
="P-521", conf_curve
="P-521")
1918 def test_dpp_ap_config_reconfig_configurator(dev
, apdev
):
1919 """DPP and AP configuration with Configurator reconfiguration"""
1920 run_dpp_ap_config(dev
, apdev
, reconf_configurator
=True)
1922 def update_hapd_config(hapd
):
1923 ev
= hapd
.wait_event(["DPP-CONFOBJ-SSID"], timeout
=1)
1925 raise Exception("SSID not reported (AP)")
1926 ssid
= ev
.split(' ')[1]
1928 ev
= hapd
.wait_event(["DPP-CONNECTOR"], timeout
=1)
1930 raise Exception("Connector not reported (AP)")
1931 connector
= ev
.split(' ')[1]
1933 ev
= hapd
.wait_event(["DPP-C-SIGN-KEY"], timeout
=1)
1935 raise Exception("C-sign-key not reported (AP)")
1939 ev
= hapd
.wait_event(["DPP-NET-ACCESS-KEY"], timeout
=1)
1941 raise Exception("netAccessKey not reported (AP)")
1943 net_access_key
= p
[1]
1944 net_access_key_expiry
= p
[2] if len(p
) > 2 else None
1946 logger
.info("Update AP configuration to use key_mgmt=DPP")
1948 hapd
.set("ssid", ssid
)
1949 hapd
.set("wpa", "2")
1950 hapd
.set("wpa_key_mgmt", "DPP")
1951 hapd
.set("ieee80211w", "2")
1952 hapd
.set("rsn_pairwise", "CCMP")
1953 hapd
.set("dpp_connector", connector
)
1954 hapd
.set("dpp_csign", csign
)
1955 hapd
.set("dpp_netaccesskey", net_access_key
)
1956 if net_access_key_expiry
:
1957 hapd
.set("dpp_netaccesskey_expiry", net_access_key_expiry
)
1960 def run_dpp_ap_config(dev
, apdev
, curve
=None, conf_curve
=None,
1961 reconf_configurator
=False):
1962 check_dpp_capab(dev
[0])
1963 check_dpp_capab(dev
[1])
1964 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
1965 check_dpp_capab(hapd
)
1967 addr
= hapd
.own_addr().replace(':', '')
1968 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
1970 cmd
+= " curve=" + curve
1971 res
= hapd
.request(cmd
)
1973 raise Exception("Failed to generate bootstrapping info")
1975 uri
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id_h
)
1977 cmd
= "DPP_CONFIGURATOR_ADD"
1979 cmd
+= " curve=" + conf_curve
1980 res
= dev
[0].request(cmd
);
1982 raise Exception("Failed to add configurator")
1985 if reconf_configurator
:
1986 csign
= dev
[0].request("DPP_CONFIGURATOR_GET_KEY %d" % conf_id
)
1987 if "FAIL" in csign
or len(csign
) == 0:
1988 raise Exception("DPP_CONFIGURATOR_GET_KEY failed")
1990 res
= dev
[0].request("DPP_QR_CODE " + uri
)
1992 raise Exception("Failed to parse QR Code URI")
1995 cmd
= "DPP_AUTH_INIT peer=%d conf=ap-dpp configurator=%d" % (id, conf_id
)
1996 if "OK" not in dev
[0].request(cmd
):
1997 raise Exception("Failed to initiate DPP Authentication")
1998 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2000 raise Exception("DPP authentication did not succeed (Responder)")
2001 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2003 raise Exception("DPP authentication did not succeed (Initiator)")
2004 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
2006 raise Exception("DPP configuration not completed (Configurator)")
2007 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout
=5)
2009 raise Exception("DPP configuration not completed (Enrollee)")
2010 if "DPP-CONF-FAILED" in ev
:
2011 raise Exception("DPP configuration failed")
2013 update_hapd_config(hapd
)
2015 addr
= dev
[1].own_addr().replace(':', '')
2016 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2018 cmd
+= " curve=" + curve
2019 res
= dev
[1].request(cmd
)
2021 raise Exception("Failed to generate bootstrapping info")
2023 uri1
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1
)
2025 res
= dev
[0].request("DPP_QR_CODE " + uri1
)
2027 raise Exception("Failed to parse QR Code URI")
2030 if reconf_configurator
:
2031 res
= dev
[0].request("DPP_CONFIGURATOR_REMOVE %d" % conf_id
)
2033 raise Exception("DPP_CONFIGURATOR_REMOVE failed")
2034 cmd
= "DPP_CONFIGURATOR_ADD"
2036 cmd
+= " curve=" + conf_curve
2037 cmd
+= " key=" + csign
2038 res
= dev
[0].request(cmd
);
2040 raise Exception("Failed to add configurator (reconf)")
2043 cmd
= "DPP_LISTEN 2412"
2044 if "OK" not in dev
[1].request(cmd
):
2045 raise Exception("Failed to start listen operation")
2046 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id0b
, conf_id
)
2047 if "OK" not in dev
[0].request(cmd
):
2048 raise Exception("Failed to initiate DPP Authentication")
2049 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2051 raise Exception("DPP authentication did not succeed (Responder)")
2052 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2054 raise Exception("DPP authentication did not succeed (Initiator)")
2055 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
2057 raise Exception("DPP configuration not completed (Configurator)")
2058 ev
= dev
[1].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
2060 raise Exception("DPP configuration not completed (Enrollee)")
2061 dev
[1].request("DPP_STOP_LISTEN")
2063 ev
= dev
[1].wait_event(["DPP-CONFOBJ-SSID"], timeout
=1)
2065 raise Exception("SSID not reported")
2066 ssid
= ev
.split(' ')[1]
2068 ev
= dev
[1].wait_event(["DPP-CONNECTOR"], timeout
=1)
2070 raise Exception("Connector not reported")
2071 connector
= ev
.split(' ')[1]
2073 ev
= dev
[1].wait_event(["DPP-C-SIGN-KEY"], timeout
=1)
2075 raise Exception("C-sign-key not reported")
2079 ev
= dev
[1].wait_event(["DPP-NET-ACCESS-KEY"], timeout
=1)
2081 raise Exception("netAccessKey not reported")
2083 net_access_key
= p
[1]
2084 net_access_key_expiry
= p
[2] if len(p
) > 2 else None
2086 dev
[1].dump_monitor()
2088 id = dev
[1].connect(ssid
, key_mgmt
="DPP", ieee80211w
="2", scan_freq
="2412",
2089 only_add_network
=True)
2090 dev
[1].set_network_quoted(id, "dpp_connector", connector
)
2091 dev
[1].set_network(id, "dpp_csign", csign
)
2092 dev
[1].set_network(id, "dpp_netaccesskey", net_access_key
)
2093 if net_access_key_expiry
:
2094 dev
[1].set_network(id, "dpp_netaccess_expiry", net_access_key_expiry
)
2096 logger
.info("Check data connection")
2097 dev
[1].select_network(id, freq
="2412")
2098 dev
[1].wait_connected()
2100 def test_dpp_auto_connect_1(dev
, apdev
):
2101 """DPP and auto connect (1)"""
2103 run_dpp_auto_connect(dev
, apdev
, 1)
2105 dev
[0].set("dpp_config_processing", "0")
2107 def test_dpp_auto_connect_2(dev
, apdev
):
2108 """DPP and auto connect (2)"""
2110 run_dpp_auto_connect(dev
, apdev
, 2)
2112 dev
[0].set("dpp_config_processing", "0")
2114 def test_dpp_auto_connect_2_connect_cmd(dev
, apdev
):
2115 """DPP and auto connect (2) using connect_cmd"""
2116 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
2117 wpas
.interface_add("wlan5", drv_params
="force_connect_cmd=1")
2118 dev_new
= [ wpas
, dev
[1] ]
2120 run_dpp_auto_connect(dev_new
, apdev
, 2)
2122 wpas
.set("dpp_config_processing", "0")
2124 def run_dpp_auto_connect(dev
, apdev
, processing
):
2125 check_dpp_capab(dev
[0])
2126 check_dpp_capab(dev
[1])
2128 csign
= "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2129 csign_pub
= "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2130 ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
2131 ap_netaccesskey
= "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
2133 params
= { "ssid": "test",
2135 "wpa_key_mgmt": "DPP",
2137 "rsn_pairwise": "CCMP",
2138 "dpp_connector": ap_connector
,
2139 "dpp_csign": csign_pub
,
2140 "dpp_netaccesskey": ap_netaccesskey
}
2142 hapd
= hostapd
.add_ap(apdev
[0], params
)
2144 raise HwsimSkip("DPP not supported")
2146 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
2147 res
= dev
[1].request(cmd
)
2149 raise Exception("DPP_CONFIGURATOR_ADD failed")
2152 dev
[0].set("dpp_config_processing", str(processing
))
2153 addr
= dev
[0].own_addr().replace(':', '')
2154 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2155 res
= dev
[0].request(cmd
)
2157 raise Exception("Failed to generate bootstrapping info")
2159 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2161 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
2163 raise Exception("Failed to parse QR Code URI")
2166 cmd
= "DPP_LISTEN 2412"
2167 if "OK" not in dev
[0].request(cmd
):
2168 raise Exception("Failed to start listen operation")
2170 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1
, conf_id
)
2171 if "OK" not in dev
[1].request(cmd
):
2172 raise Exception("Failed to initiate DPP Authentication")
2173 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=10)
2175 raise Exception("DPP configuration not completed (Configurator)")
2176 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=2)
2178 raise Exception("DPP configuration not completed (Enrollee)")
2179 ev
= dev
[0].wait_event(["DPP-NETWORK-ID"], timeout
=1)
2181 raise Exception("DPP network profile not generated")
2182 id = ev
.split(' ')[1]
2185 dev
[0].select_network(id, freq
=2412)
2187 dev
[0].wait_connected()
2188 hwsim_utils
.test_connectivity(dev
[0], hapd
)
2190 def test_dpp_auto_connect_legacy(dev
, apdev
):
2191 """DPP and auto connect (legacy)"""
2193 run_dpp_auto_connect_legacy(dev
, apdev
)
2195 dev
[0].set("dpp_config_processing", "0")
2197 def test_dpp_auto_connect_legacy_sae_1(dev
, apdev
):
2198 """DPP and auto connect (legacy SAE)"""
2200 run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-sae', psk_sae
=True)
2202 dev
[0].set("dpp_config_processing", "0")
2204 def test_dpp_auto_connect_legacy_sae_2(dev
, apdev
):
2205 """DPP and auto connect (legacy SAE)"""
2207 run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-sae', sae_only
=True)
2209 dev
[0].set("dpp_config_processing", "0")
2211 def test_dpp_auto_connect_legacy_psk_sae_1(dev
, apdev
):
2212 """DPP and auto connect (legacy PSK+SAE)"""
2214 run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-psk-sae',
2217 dev
[0].set("dpp_config_processing", "0")
2219 def test_dpp_auto_connect_legacy_psk_sae_2(dev
, apdev
):
2220 """DPP and auto connect (legacy PSK+SAE)"""
2222 run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-psk-sae',
2225 dev
[0].set("dpp_config_processing", "0")
2227 def test_dpp_auto_connect_legacy_psk_sae_3(dev
, apdev
):
2228 """DPP and auto connect (legacy PSK+SAE)"""
2230 run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-psk-sae')
2232 dev
[0].set("dpp_config_processing", "0")
2234 def run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-psk',
2235 psk_sae
=False, sae_only
=False):
2236 check_dpp_capab(dev
[0])
2237 check_dpp_capab(dev
[1])
2239 params
= hostapd
.wpa2_params(ssid
="dpp-legacy",
2240 passphrase
="secret passphrase")
2242 params
['wpa_key_mgmt'] = 'SAE'
2243 params
['ieee80211w'] = '2'
2245 params
['wpa_key_mgmt'] = 'WPA-PSK SAE'
2246 params
['ieee80211w'] = '1'
2247 params
['sae_require_mfp'] = '1'
2249 hapd
= hostapd
.add_ap(apdev
[0], params
)
2251 dev
[0].set("dpp_config_processing", "2")
2252 addr
= dev
[0].own_addr().replace(':', '')
2253 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2254 res
= dev
[0].request(cmd
)
2256 raise Exception("Failed to generate bootstrapping info")
2258 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2260 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
2262 raise Exception("Failed to parse QR Code URI")
2265 cmd
= "DPP_LISTEN 2412"
2266 if "OK" not in dev
[0].request(cmd
):
2267 raise Exception("Failed to start listen operation")
2269 cmd
= "DPP_AUTH_INIT peer=%d conf=%s ssid=%s pass=%s" % (id1
, conf
, "dpp-legacy".encode("hex"), "secret passphrase".encode("hex"))
2270 if "OK" not in dev
[1].request(cmd
):
2271 raise Exception("Failed to initiate DPP Authentication")
2272 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=10)
2274 raise Exception("DPP configuration not completed (Configurator)")
2275 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=2)
2277 raise Exception("DPP configuration not completed (Enrollee)")
2278 ev
= dev
[0].wait_event(["DPP-NETWORK-ID"], timeout
=1)
2280 raise Exception("DPP network profile not generated")
2281 id = ev
.split(' ')[1]
2283 dev
[0].wait_connected()
2285 def test_dpp_auto_connect_legacy_pmf_required(dev
, apdev
):
2286 """DPP and auto connect (legacy, PMF required)"""
2288 run_dpp_auto_connect_legacy_pmf_required(dev
, apdev
)
2290 dev
[0].set("dpp_config_processing", "0")
2292 def run_dpp_auto_connect_legacy_pmf_required(dev
, apdev
):
2293 check_dpp_capab(dev
[0])
2294 check_dpp_capab(dev
[1])
2296 params
= hostapd
.wpa2_params(ssid
="dpp-legacy",
2297 passphrase
="secret passphrase")
2298 params
['wpa_key_mgmt'] = "WPA-PSK-SHA256"
2299 params
['ieee80211w'] = "2"
2300 hapd
= hostapd
.add_ap(apdev
[0], params
)
2302 dev
[0].set("dpp_config_processing", "2")
2303 addr
= dev
[0].own_addr().replace(':', '')
2304 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2305 res
= dev
[0].request(cmd
)
2307 raise Exception("Failed to generate bootstrapping info")
2309 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2311 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
2313 raise Exception("Failed to parse QR Code URI")
2316 cmd
= "DPP_LISTEN 2412"
2317 if "OK" not in dev
[0].request(cmd
):
2318 raise Exception("Failed to start listen operation")
2320 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-psk ssid=%s pass=%s" % (id1
, "dpp-legacy".encode("hex"), "secret passphrase".encode("hex"))
2321 if "OK" not in dev
[1].request(cmd
):
2322 raise Exception("Failed to initiate DPP Authentication")
2323 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=10)
2325 raise Exception("DPP configuration not completed (Configurator)")
2326 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=2)
2328 raise Exception("DPP configuration not completed (Enrollee)")
2329 ev
= dev
[0].wait_event(["DPP-NETWORK-ID"], timeout
=1)
2331 raise Exception("DPP network profile not generated")
2332 id = ev
.split(' ')[1]
2334 dev
[0].wait_connected()
2336 def test_dpp_qr_code_auth_responder_configurator(dev
, apdev
):
2337 """DPP QR Code and responder as the configurator"""
2338 run_dpp_qr_code_auth_responder_configurator(dev
, apdev
, "")
2340 def test_dpp_qr_code_auth_responder_configurator_group_id(dev
, apdev
):
2341 """DPP QR Code and responder as the configurator with group_id)"""
2342 run_dpp_qr_code_auth_responder_configurator(dev
, apdev
,
2343 " group_id=test-group")
2345 def run_dpp_qr_code_auth_responder_configurator(dev
, apdev
, extra
):
2346 check_dpp_capab(dev
[0])
2347 check_dpp_capab(dev
[1])
2348 cmd
= "DPP_CONFIGURATOR_ADD"
2349 res
= dev
[0].request(cmd
);
2351 raise Exception("Failed to add configurator")
2354 addr
= dev
[0].own_addr().replace(':', '')
2355 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2356 res
= dev
[0].request(cmd
)
2358 raise Exception("Failed to generate bootstrapping info")
2360 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2362 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
2364 raise Exception("Failed to parse QR Code URI")
2367 dev
[0].set("dpp_configurator_params",
2368 " conf=sta-dpp configurator=%d%s" % (conf_id
, extra
));
2369 cmd
= "DPP_LISTEN 2412 role=configurator"
2370 if "OK" not in dev
[0].request(cmd
):
2371 raise Exception("Failed to start listen operation")
2372 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % id1
2373 if "OK" not in dev
[1].request(cmd
):
2374 raise Exception("Failed to initiate DPP Authentication")
2375 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2377 raise Exception("DPP authentication did not succeed (Responder)")
2378 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2380 raise Exception("DPP authentication did not succeed (Initiator)")
2381 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
2383 raise Exception("DPP configuration not completed (Configurator)")
2384 ev
= dev
[1].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
2386 raise Exception("DPP configuration not completed (Enrollee)")
2387 dev
[0].request("DPP_STOP_LISTEN")
2388 dev
[0].dump_monitor()
2389 dev
[1].dump_monitor()
2391 def test_dpp_qr_code_hostapd_init(dev
, apdev
):
2392 """DPP QR Code and hostapd as initiator"""
2393 check_dpp_capab(dev
[0])
2394 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
2396 check_dpp_capab(hapd
)
2398 cmd
= "DPP_CONFIGURATOR_ADD"
2399 res
= dev
[0].request(cmd
);
2401 raise Exception("Failed to add configurator")
2404 addr
= dev
[0].own_addr().replace(':', '')
2405 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
2406 res
= dev
[0].request(cmd
)
2408 raise Exception("Failed to generate bootstrapping info")
2410 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2412 dev
[0].set("dpp_configurator_params",
2413 " conf=ap-dpp configurator=%d" % conf_id
);
2414 cmd
= "DPP_LISTEN 2437 role=configurator"
2415 if "OK" not in dev
[0].request(cmd
):
2416 raise Exception("Failed to start listen operation")
2418 res
= hapd
.request("DPP_QR_CODE " + uri0
)
2420 raise Exception("Failed to parse QR Code URI")
2423 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % id1
2424 if "OK" not in hapd
.request(cmd
):
2425 raise Exception("Failed to initiate DPP Authentication")
2426 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2428 raise Exception("DPP authentication did not succeed (Responder)")
2429 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2431 raise Exception("DPP authentication did not succeed (Initiator)")
2432 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
2434 raise Exception("DPP configuration not completed (Configurator)")
2435 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
2437 raise Exception("DPP configuration not completed (Enrollee)")
2438 dev
[0].request("DPP_STOP_LISTEN")
2439 dev
[0].dump_monitor()
2441 def test_dpp_qr_code_hostapd_init_offchannel(dev
, apdev
):
2442 """DPP QR Code and hostapd as initiator (offchannel)"""
2443 run_dpp_qr_code_hostapd_init_offchannel(dev
, apdev
, None)
2445 def test_dpp_qr_code_hostapd_init_offchannel_neg_freq(dev
, apdev
):
2446 """DPP QR Code and hostapd as initiator (offchannel, neg_freq)"""
2447 run_dpp_qr_code_hostapd_init_offchannel(dev
, apdev
, "neg_freq=2437")
2449 def run_dpp_qr_code_hostapd_init_offchannel(dev
, apdev
, extra
):
2450 check_dpp_capab(dev
[0])
2451 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
2453 check_dpp_capab(hapd
)
2455 cmd
= "DPP_CONFIGURATOR_ADD"
2456 res
= dev
[0].request(cmd
);
2458 raise Exception("Failed to add configurator")
2461 addr
= dev
[0].own_addr().replace(':', '')
2462 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1,81/11 mac=" + addr
2463 res
= dev
[0].request(cmd
)
2465 raise Exception("Failed to generate bootstrapping info")
2467 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2469 dev
[0].set("dpp_configurator_params",
2470 " conf=ap-dpp configurator=%d" % conf_id
);
2471 cmd
= "DPP_LISTEN 2462 role=configurator"
2472 if "OK" not in dev
[0].request(cmd
):
2473 raise Exception("Failed to start listen operation")
2475 res
= hapd
.request("DPP_QR_CODE " + uri0
)
2477 raise Exception("Failed to parse QR Code URI")
2480 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % id1
2483 if "OK" not in hapd
.request(cmd
):
2484 raise Exception("Failed to initiate DPP Authentication")
2485 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2487 raise Exception("DPP authentication did not succeed (Responder)")
2488 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2490 raise Exception("DPP authentication did not succeed (Initiator)")
2491 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
2493 raise Exception("DPP configuration not completed (Configurator)")
2494 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
2496 raise Exception("DPP configuration not completed (Enrollee)")
2497 dev
[0].request("DPP_STOP_LISTEN")
2498 dev
[0].dump_monitor()
2500 def test_dpp_test_vector_p_256(dev
, apdev
):
2501 """DPP P-256 test vector (mutual auth)"""
2502 check_dpp_capab(dev
[0])
2503 check_dpp_capab(dev
[1])
2505 # Responder bootstrapping key
2506 priv
= "54ce181a98525f217216f59b245f60e9df30ac7f6b26c939418cfc3c42d1afa0"
2507 addr
= dev
[0].own_addr().replace(':', '')
2508 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr
+ " key=30310201010420" + priv
+ "a00a06082a8648ce3d030107"
2509 res
= dev
[0].request(cmd
)
2511 raise Exception("Failed to generate bootstrapping info")
2513 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2515 # Responder protocol keypair override
2516 priv
= "f798ed2e19286f6a6efe210b1863badb99af2a14b497634dbfd2a97394fb5aa5"
2517 dev
[0].set("dpp_protocol_key_override",
2518 "30310201010420" + priv
+ "a00a06082a8648ce3d030107")
2520 dev
[0].set("dpp_nonce_override", "3d0cfb011ca916d796f7029ff0b43393")
2522 # Initiator bootstrapping key
2523 priv
= "15b2a83c5a0a38b61f2aa8200ee4994b8afdc01c58507d10d0a38f7eedf051bb"
2524 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode key=30310201010420" + priv
+ "a00a06082a8648ce3d030107"
2525 res
= dev
[1].request(cmd
)
2527 raise Exception("Failed to generate bootstrapping info")
2529 uri1
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1
)
2531 # Initiator protocol keypair override
2532 priv
= "a87de9afbb406c96e5f79a3df895ecac3ad406f95da66314c8cb3165e0c61783"
2533 dev
[1].set("dpp_protocol_key_override",
2534 "30310201010420" + priv
+ "a00a06082a8648ce3d030107")
2536 dev
[1].set("dpp_nonce_override", "13f4602a16daeb69712263b9c46cba31")
2538 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
2540 raise Exception("Failed to parse QR Code URI")
2543 res
= dev
[0].request("DPP_QR_CODE " + uri1
)
2545 raise Exception("Failed to parse QR Code URI")
2548 cmd
= "DPP_LISTEN 2462 qr=mutual"
2549 if "OK" not in dev
[0].request(cmd
):
2550 raise Exception("Failed to start listen operation")
2552 cmd
= "DPP_AUTH_INIT peer=%d own=%d neg_freq=2412" % (id1peer
, id1
)
2553 if "OK" not in dev
[1].request(cmd
):
2554 raise Exception("Failed to initiate operation")
2556 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2558 raise Exception("DPP authentication did not succeed (Initiator)")
2559 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2561 raise Exception("DPP authentication did not succeed (Responder)")
2563 def test_dpp_test_vector_p_256_b(dev
, apdev
):
2564 """DPP P-256 test vector (Responder-only auth)"""
2565 check_dpp_capab(dev
[0])
2566 check_dpp_capab(dev
[1])
2568 # Responder bootstrapping key
2569 priv
= "54ce181a98525f217216f59b245f60e9df30ac7f6b26c939418cfc3c42d1afa0"
2570 addr
= dev
[0].own_addr().replace(':', '')
2571 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr
+ " key=30310201010420" + priv
+ "a00a06082a8648ce3d030107"
2572 res
= dev
[0].request(cmd
)
2574 raise Exception("Failed to generate bootstrapping info")
2576 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2578 # Responder protocol keypair override
2579 priv
= "f798ed2e19286f6a6efe210b1863badb99af2a14b497634dbfd2a97394fb5aa5"
2580 dev
[0].set("dpp_protocol_key_override",
2581 "30310201010420" + priv
+ "a00a06082a8648ce3d030107")
2583 dev
[0].set("dpp_nonce_override", "3d0cfb011ca916d796f7029ff0b43393")
2585 # Initiator bootstrapping key
2586 priv
= "15b2a83c5a0a38b61f2aa8200ee4994b8afdc01c58507d10d0a38f7eedf051bb"
2587 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode key=30310201010420" + priv
+ "a00a06082a8648ce3d030107"
2588 res
= dev
[1].request(cmd
)
2590 raise Exception("Failed to generate bootstrapping info")
2592 uri1
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1
)
2594 # Initiator protocol keypair override
2595 priv
= "a87de9afbb406c96e5f79a3df895ecac3ad406f95da66314c8cb3165e0c61783"
2596 dev
[1].set("dpp_protocol_key_override",
2597 "30310201010420" + priv
+ "a00a06082a8648ce3d030107")
2599 dev
[1].set("dpp_nonce_override", "13f4602a16daeb69712263b9c46cba31")
2601 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
2603 raise Exception("Failed to parse QR Code URI")
2606 cmd
= "DPP_LISTEN 2462"
2607 if "OK" not in dev
[0].request(cmd
):
2608 raise Exception("Failed to start listen operation")
2610 cmd
= "DPP_AUTH_INIT peer=%d own=%d neg_freq=2412" % (id1peer
, id1
)
2611 if "OK" not in dev
[1].request(cmd
):
2612 raise Exception("Failed to initiate operation")
2614 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2616 raise Exception("DPP authentication did not succeed (Initiator)")
2617 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2619 raise Exception("DPP authentication did not succeed (Responder)")
2621 def der_priv_key_p_521(priv
):
2622 if len(priv
) != 2 * 66:
2623 raise Exception("Unexpected der_priv_key_p_521 parameter: " + priv
)
2624 der_prefix
= "3081500201010442"
2625 der_postfix
= "a00706052b81040023"
2626 return der_prefix
+ priv
+ der_postfix
2628 def test_dpp_test_vector_p_521(dev
, apdev
):
2629 """DPP P-521 test vector (mutual auth)"""
2630 check_dpp_capab(dev
[0])
2631 check_dpp_capab(dev
[1])
2633 # Responder bootstrapping key
2634 priv
= "0061e54f518cdf859735da3dd64c6f72c2f086f41a6fd52915152ea2fe0f24ddaecd8883730c9c9fd82cf7c043a41021696388cf5190b731dd83638bcd56d8b6c743"
2635 addr
= dev
[0].own_addr().replace(':', '')
2636 #cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr + " key=" + der_prefix + priv + der_postfix
2637 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr
+ " key=" + der_priv_key_p_521(priv
)
2638 res
= dev
[0].request(cmd
)
2640 raise Exception("Failed to generate bootstrapping info")
2642 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2644 # Responder protocol keypair override
2645 priv
= "01d8b7b17cd1b0a33f7c66fb4220999329cdaf4f8b44b2ffadde8ab8ed8abffa9f5358c5b1caae26709ca4fb78e52a4d08f2e4f24111a36a6f440d20a0000ff51597"
2646 dev
[0].set("dpp_protocol_key_override", der_priv_key_p_521(priv
))
2648 dev
[0].set("dpp_nonce_override",
2649 "d749a782012eb0a8595af30b2dfc8d0880d004ebddb55ecc5afbdef18c400e01")
2651 # Initiator bootstrapping key
2652 priv
= "0060c10df14af5ef27f6e362d31bdd9eeb44be77a323ba64b08f3f03d58b92cbfe05c182a91660caa081ca344243c47b5aa088bcdf738840eb35f0218b9f26881e02"
2653 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode key=" + der_priv_key_p_521(priv
)
2654 res
= dev
[1].request(cmd
)
2656 raise Exception("Failed to generate bootstrapping info")
2658 uri1
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1
)
2660 # Initiator protocol keypair override
2661 priv
= "019c1c08caaeec38fb931894699b095bc3ab8c1ec7ef0622d2e3eba821477c8c6fca41774f21166ad98aebda37c067d9aa08a8a2e1b5c44c61f2bae02a61f85d9661"
2662 dev
[1].set("dpp_protocol_key_override", der_priv_key_p_521(priv
))
2664 dev
[1].set("dpp_nonce_override",
2665 "de972af3847bec3ba2aedd9f5c21cfdec7bf0bc5fe8b276cbcd0267807fb15b0")
2667 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
2669 raise Exception("Failed to parse QR Code URI")
2672 res
= dev
[0].request("DPP_QR_CODE " + uri1
)
2674 raise Exception("Failed to parse QR Code URI")
2677 cmd
= "DPP_LISTEN 2462 qr=mutual"
2678 if "OK" not in dev
[0].request(cmd
):
2679 raise Exception("Failed to start listen operation")
2681 cmd
= "DPP_AUTH_INIT peer=%d own=%d neg_freq=2412" % (id1peer
, id1
)
2682 if "OK" not in dev
[1].request(cmd
):
2683 raise Exception("Failed to initiate operation")
2685 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2687 raise Exception("DPP authentication did not succeed (Initiator)")
2688 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2690 raise Exception("DPP authentication did not succeed (Responder)")
2692 def test_dpp_pkex(dev
, apdev
):
2694 run_dpp_pkex(dev
, apdev
)
2696 def test_dpp_pkex_p256(dev
, apdev
):
2697 """DPP and PKEX (P-256)"""
2698 run_dpp_pkex(dev
, apdev
, "P-256")
2700 def test_dpp_pkex_p384(dev
, apdev
):
2701 """DPP and PKEX (P-384)"""
2702 run_dpp_pkex(dev
, apdev
, "P-384")
2704 def test_dpp_pkex_p521(dev
, apdev
):
2705 """DPP and PKEX (P-521)"""
2706 run_dpp_pkex(dev
, apdev
, "P-521")
2708 def test_dpp_pkex_bp256(dev
, apdev
):
2709 """DPP and PKEX (BP-256)"""
2710 run_dpp_pkex(dev
, apdev
, "brainpoolP256r1")
2712 def test_dpp_pkex_bp384(dev
, apdev
):
2713 """DPP and PKEX (BP-384)"""
2714 run_dpp_pkex(dev
, apdev
, "brainpoolP384r1")
2716 def test_dpp_pkex_bp512(dev
, apdev
):
2717 """DPP and PKEX (BP-512)"""
2718 run_dpp_pkex(dev
, apdev
, "brainpoolP512r1")
2720 def test_dpp_pkex_config(dev
, apdev
):
2721 """DPP and PKEX with initiator as the configurator"""
2722 check_dpp_capab(dev
[1])
2724 cmd
= "DPP_CONFIGURATOR_ADD"
2725 res
= dev
[1].request(cmd
);
2727 raise Exception("Failed to add configurator")
2730 run_dpp_pkex(dev
, apdev
,
2731 init_extra
="conf=sta-dpp configurator=%d" % (conf_id
),
2734 def test_dpp_pkex_no_identifier(dev
, apdev
):
2735 """DPP and PKEX without identifier"""
2736 run_dpp_pkex(dev
, apdev
, identifier_i
=None, identifier_r
=None)
2738 def test_dpp_pkex_identifier_mismatch(dev
, apdev
):
2739 """DPP and PKEX with different identifiers"""
2740 run_dpp_pkex(dev
, apdev
, identifier_i
="foo", identifier_r
="bar",
2741 expect_no_resp
=True)
2743 def test_dpp_pkex_identifier_mismatch2(dev
, apdev
):
2744 """DPP and PKEX with initiator using identifier and the responder not"""
2745 run_dpp_pkex(dev
, apdev
, identifier_i
="foo", identifier_r
=None,
2746 expect_no_resp
=True)
2748 def test_dpp_pkex_identifier_mismatch3(dev
, apdev
):
2749 """DPP and PKEX with responder using identifier and the initiator not"""
2750 run_dpp_pkex(dev
, apdev
, identifier_i
=None, identifier_r
="bar",
2751 expect_no_resp
=True)
2753 def run_dpp_pkex(dev
, apdev
, curve
=None, init_extra
="", check_config
=False,
2754 identifier_i
="test", identifier_r
="test",
2755 expect_no_resp
=False):
2756 check_dpp_capab(dev
[0], curve
and "brainpool" in curve
)
2757 check_dpp_capab(dev
[1], curve
and "brainpool" in curve
)
2759 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
2761 cmd
+= " curve=" + curve
2762 res
= dev
[0].request(cmd
)
2764 raise Exception("Failed to generate bootstrapping info")
2767 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
2769 cmd
+= " curve=" + curve
2770 res
= dev
[1].request(cmd
)
2772 raise Exception("Failed to generate bootstrapping info")
2775 identifier
= " identifier=" + identifier_r
if identifier_r
else ""
2776 cmd
= "DPP_PKEX_ADD own=%d%s code=secret" % (id0
, identifier
)
2777 res
= dev
[0].request(cmd
)
2779 raise Exception("Failed to set PKEX data (responder)")
2780 cmd
= "DPP_LISTEN 2437"
2781 if "OK" not in dev
[0].request(cmd
):
2782 raise Exception("Failed to start listen operation")
2784 identifier
= " identifier=" + identifier_i
if identifier_i
else ""
2785 cmd
= "DPP_PKEX_ADD own=%d%s init=1 %s code=secret" % (id1
, identifier
,
2787 res
= dev
[1].request(cmd
)
2789 raise Exception("Failed to set PKEX data (initiator)")
2792 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=10)
2794 raise Exception("DPP PKEX frame not received")
2795 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=1)
2797 raise Exception("DPP authentication succeeded")
2798 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=0.1)
2800 raise Exception("DPP authentication succeeded")
2803 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2805 raise Exception("DPP authentication did not succeed (Initiator)")
2806 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2808 raise Exception("DPP authentication did not succeed (Responder)")
2811 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
2813 raise Exception("DPP configuration not completed (Configurator)")
2814 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
2816 raise Exception("DPP configuration not completed (Enrollee)")
2818 def test_dpp_pkex_5ghz(dev
, apdev
):
2819 """DPP and PKEX on 5 GHz"""
2821 dev
[0].request("SET country US")
2822 dev
[1].request("SET country US")
2823 ev
= dev
[0].wait_event(["CTRL-EVENT-REGDOM-CHANGE"], timeout
=1)
2825 ev
= dev
[0].wait_global_event(["CTRL-EVENT-REGDOM-CHANGE"],
2827 run_dpp_pkex_5ghz(dev
, apdev
)
2829 dev
[0].request("SET country 00")
2830 dev
[1].request("SET country 00")
2831 subprocess
.call(['iw', 'reg', 'set', '00'])
2834 def run_dpp_pkex_5ghz(dev
, apdev
):
2835 check_dpp_capab(dev
[0])
2836 check_dpp_capab(dev
[1])
2838 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
2839 res
= dev
[0].request(cmd
)
2841 raise Exception("Failed to generate bootstrapping info")
2844 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
2845 res
= dev
[1].request(cmd
)
2847 raise Exception("Failed to generate bootstrapping info")
2850 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
2851 res
= dev
[0].request(cmd
)
2853 raise Exception("Failed to set PKEX data (responder)")
2854 cmd
= "DPP_LISTEN 5745"
2855 if "OK" not in dev
[0].request(cmd
):
2856 raise Exception("Failed to start listen operation")
2858 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % (id1
)
2859 res
= dev
[1].request(cmd
)
2861 raise Exception("Failed to set PKEX data (initiator)")
2863 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS", "DPP-FAIL"], timeout
=20)
2864 if ev
is None or "DPP-AUTH-SUCCESS" not in ev
:
2865 raise Exception("DPP authentication did not succeed (Initiator)")
2866 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2868 raise Exception("DPP authentication did not succeed (Responder)")
2870 def test_dpp_pkex_test_vector(dev
, apdev
):
2871 """DPP and PKEX (P-256) test vector"""
2872 check_dpp_capab(dev
[0])
2873 check_dpp_capab(dev
[1])
2875 init_addr
= "ac:64:91:f4:52:07"
2876 resp_addr
= "6e:5e:ce:6e:f3:dd"
2878 identifier
= "joes_key"
2879 code
= "thisisreallysecret"
2881 # Initiator bootstrapping private key
2882 init_priv
= "5941b51acfc702cdc1c347264beb2920db88eb1a0bf03a211868b1632233c269"
2884 # Responder bootstrapping private key
2885 resp_priv
= "2ae8956293f49986b6d0b8169a86805d9232babb5f6813fdfe96f19d59536c60"
2887 # Initiator x/X keypair override
2888 init_x_priv
= "8365c5ed93d751bef2d92b410dc6adfd95670889183fac1bd66759ad85c3187a"
2890 # Responder y/Y keypair override
2891 resp_y_priv
= "d98faa24d7dd3f592665d71a95c862bfd02c4c48acb0c515a41cbc6e929675ea"
2893 p256_prefix
= "30310201010420"
2894 p256_postfix
= "a00a06082a8648ce3d030107"
2896 dev
[0].set("dpp_pkex_own_mac_override", resp_addr
)
2897 dev
[0].set("dpp_pkex_peer_mac_override", init_addr
)
2898 dev
[1].set("dpp_pkex_own_mac_override", init_addr
)
2899 dev
[1].set("dpp_pkex_peer_mac_override", resp_addr
)
2901 # Responder bootstrapping key
2902 cmd
= "DPP_BOOTSTRAP_GEN type=pkex key=" + p256_prefix
+ resp_priv
+ p256_postfix
2903 res
= dev
[0].request(cmd
)
2905 raise Exception("Failed to generate bootstrapping info")
2908 # Responder y/Y keypair override
2909 dev
[0].set("dpp_pkex_ephemeral_key_override",
2910 p256_prefix
+ resp_y_priv
+ p256_postfix
)
2912 # Initiator bootstrapping key
2913 cmd
= "DPP_BOOTSTRAP_GEN type=pkex key=" + p256_prefix
+ init_priv
+ p256_postfix
2914 res
= dev
[1].request(cmd
)
2916 raise Exception("Failed to generate bootstrapping info")
2919 # Initiator x/X keypair override
2920 dev
[1].set("dpp_pkex_ephemeral_key_override",
2921 p256_prefix
+ init_x_priv
+ p256_postfix
)
2923 cmd
= "DPP_PKEX_ADD own=%d identifier=%s code=%s" % (id0
, identifier
, code
)
2924 res
= dev
[0].request(cmd
)
2926 raise Exception("Failed to set PKEX data (responder)")
2927 cmd
= "DPP_LISTEN 2437"
2928 if "OK" not in dev
[0].request(cmd
):
2929 raise Exception("Failed to start listen operation")
2931 cmd
= "DPP_PKEX_ADD own=%d identifier=%s init=1 code=%s" % (id1
, identifier
, code
)
2932 res
= dev
[1].request(cmd
)
2934 raise Exception("Failed to set PKEX data (initiator)")
2936 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2938 raise Exception("DPP authentication did not succeed (Initiator)")
2939 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2941 raise Exception("DPP authentication did not succeed (Responder)")
2943 def test_dpp_pkex_code_mismatch(dev
, apdev
):
2944 """DPP and PKEX with mismatching code"""
2945 check_dpp_capab(dev
[0])
2946 check_dpp_capab(dev
[1])
2948 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
2949 res
= dev
[0].request(cmd
)
2951 raise Exception("Failed to generate bootstrapping info")
2954 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
2955 res
= dev
[1].request(cmd
)
2957 raise Exception("Failed to generate bootstrapping info")
2960 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
2961 res
= dev
[0].request(cmd
)
2963 raise Exception("Failed to set PKEX data (responder)")
2964 cmd
= "DPP_LISTEN 2437"
2965 if "OK" not in dev
[0].request(cmd
):
2966 raise Exception("Failed to start listen operation")
2968 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=unknown" % id1
2969 res
= dev
[1].request(cmd
)
2971 raise Exception("Failed to set PKEX data (initiator)")
2973 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
2975 raise Exception("Failure not reported")
2976 if "possible PKEX code mismatch" not in ev
:
2977 raise Exception("Unexpected result: " + ev
)
2979 dev
[0].dump_monitor()
2980 dev
[1].dump_monitor()
2982 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
2983 res
= dev
[1].request(cmd
)
2985 raise Exception("Failed to set PKEX data (initiator, retry)")
2987 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2989 raise Exception("DPP authentication did not succeed (Initiator, retry)")
2990 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2992 raise Exception("DPP authentication did not succeed (Responder, retry)")
2994 def test_dpp_pkex_code_mismatch_limit(dev
, apdev
):
2995 """DPP and PKEX with mismatching code limit"""
2996 check_dpp_capab(dev
[0])
2997 check_dpp_capab(dev
[1])
2999 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3000 res
= dev
[0].request(cmd
)
3002 raise Exception("Failed to generate bootstrapping info")
3005 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3006 res
= dev
[1].request(cmd
)
3008 raise Exception("Failed to generate bootstrapping info")
3011 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
3012 res
= dev
[0].request(cmd
)
3014 raise Exception("Failed to set PKEX data (responder)")
3015 cmd
= "DPP_LISTEN 2437"
3016 if "OK" not in dev
[0].request(cmd
):
3017 raise Exception("Failed to start listen operation")
3020 dev
[0].dump_monitor()
3021 dev
[1].dump_monitor()
3022 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=unknown" % id1
3023 res
= dev
[1].request(cmd
)
3025 raise Exception("Failed to set PKEX data (initiator)")
3027 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
3029 raise Exception("Failure not reported")
3030 if "possible PKEX code mismatch" not in ev
:
3031 raise Exception("Unexpected result: " + ev
)
3033 ev
= dev
[0].wait_event(["DPP-PKEX-T-LIMIT"], timeout
=1)
3035 raise Exception("PKEX t limit not reported")
3037 def test_dpp_pkex_curve_mismatch(dev
, apdev
):
3038 """DPP and PKEX with mismatching curve"""
3039 check_dpp_capab(dev
[0])
3040 check_dpp_capab(dev
[1])
3042 cmd
= "DPP_BOOTSTRAP_GEN type=pkex curve=P-256"
3043 res
= dev
[0].request(cmd
)
3045 raise Exception("Failed to generate bootstrapping info")
3048 cmd
= "DPP_BOOTSTRAP_GEN type=pkex curve=P-384"
3049 res
= dev
[1].request(cmd
)
3051 raise Exception("Failed to generate bootstrapping info")
3054 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
3055 res
= dev
[0].request(cmd
)
3057 raise Exception("Failed to set PKEX data (responder)")
3058 cmd
= "DPP_LISTEN 2437"
3059 if "OK" not in dev
[0].request(cmd
):
3060 raise Exception("Failed to start listen operation")
3062 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
3063 res
= dev
[1].request(cmd
)
3065 raise Exception("Failed to set PKEX data (initiator)")
3067 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
3069 raise Exception("Failure not reported (dev 0)")
3070 if "Mismatching PKEX curve: peer=20 own=19" not in ev
:
3071 raise Exception("Unexpected result: " + ev
)
3073 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
3075 raise Exception("Failure not reported (dev 1)")
3076 if "Peer indicated mismatching PKEX group - proposed 19" not in ev
:
3077 raise Exception("Unexpected result: " + ev
)
3079 def test_dpp_pkex_curve_mismatch_failure(dev
, apdev
):
3080 """DPP and PKEX with mismatching curve (local failure)"""
3081 run_dpp_pkex_curve_mismatch_failure(dev
, apdev
, "=dpp_pkex_rx_exchange_req")
3083 def test_dpp_pkex_curve_mismatch_failure2(dev
, apdev
):
3084 """DPP and PKEX with mismatching curve (local failure 2)"""
3085 run_dpp_pkex_curve_mismatch_failure(dev
, apdev
,
3086 "dpp_pkex_build_exchange_resp")
3088 def run_dpp_pkex_curve_mismatch_failure(dev
, apdev
, func
):
3089 check_dpp_capab(dev
[0])
3090 check_dpp_capab(dev
[1])
3092 cmd
= "DPP_BOOTSTRAP_GEN type=pkex curve=P-256"
3093 res
= dev
[0].request(cmd
)
3095 raise Exception("Failed to generate bootstrapping info")
3098 cmd
= "DPP_BOOTSTRAP_GEN type=pkex curve=P-384"
3099 res
= dev
[1].request(cmd
)
3101 raise Exception("Failed to generate bootstrapping info")
3104 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
3105 res
= dev
[0].request(cmd
)
3107 raise Exception("Failed to set PKEX data (responder)")
3108 cmd
= "DPP_LISTEN 2437"
3109 if "OK" not in dev
[0].request(cmd
):
3110 raise Exception("Failed to start listen operation")
3112 with
alloc_fail(dev
[0], 1, func
):
3113 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
3114 res
= dev
[1].request(cmd
)
3116 raise Exception("Failed to set PKEX data (initiator)")
3118 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
3120 raise Exception("Failure not reported (dev 0)")
3121 if "Mismatching PKEX curve: peer=20 own=19" not in ev
:
3122 raise Exception("Unexpected result: " + ev
)
3124 def test_dpp_pkex_exchange_resp_processing_failure(dev
, apdev
):
3125 """DPP and PKEX with local failure in processing Exchange Resp"""
3126 check_dpp_capab(dev
[0])
3127 check_dpp_capab(dev
[1])
3129 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3130 res
= dev
[0].request(cmd
)
3132 raise Exception("Failed to generate bootstrapping info")
3135 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3136 res
= dev
[1].request(cmd
)
3138 raise Exception("Failed to generate bootstrapping info")
3141 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
3142 res
= dev
[0].request(cmd
)
3144 raise Exception("Failed to set PKEX data (responder)")
3145 cmd
= "DPP_LISTEN 2437"
3146 if "OK" not in dev
[0].request(cmd
):
3147 raise Exception("Failed to start listen operation")
3149 with
fail_test(dev
[1], 1, "dpp_pkex_derive_Qr;dpp_pkex_rx_exchange_resp"):
3150 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
3151 res
= dev
[1].request(cmd
)
3153 raise Exception("Failed to set PKEX data (initiator)")
3154 wait_fail_trigger(dev
[1], "GET_FAIL")
3156 def test_dpp_pkex_commit_reveal_req_processing_failure(dev
, apdev
):
3157 """DPP and PKEX with local failure in processing Commit Reveal Req"""
3158 check_dpp_capab(dev
[0])
3159 check_dpp_capab(dev
[1])
3161 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3162 res
= dev
[0].request(cmd
)
3164 raise Exception("Failed to generate bootstrapping info")
3167 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3168 res
= dev
[1].request(cmd
)
3170 raise Exception("Failed to generate bootstrapping info")
3173 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
3174 res
= dev
[0].request(cmd
)
3176 raise Exception("Failed to set PKEX data (responder)")
3177 cmd
= "DPP_LISTEN 2437"
3178 if "OK" not in dev
[0].request(cmd
):
3179 raise Exception("Failed to start listen operation")
3181 with
alloc_fail(dev
[0], 1,
3182 "dpp_get_pubkey_point;dpp_pkex_rx_commit_reveal_req"):
3183 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
3184 res
= dev
[1].request(cmd
)
3186 raise Exception("Failed to set PKEX data (initiator)")
3187 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
3189 def test_dpp_pkex_config2(dev
, apdev
):
3190 """DPP and PKEX with responder as the configurator"""
3191 check_dpp_capab(dev
[0])
3193 cmd
= "DPP_CONFIGURATOR_ADD"
3194 res
= dev
[0].request(cmd
);
3196 raise Exception("Failed to add configurator")
3199 dev
[0].set("dpp_configurator_params",
3200 " conf=sta-dpp configurator=%d" % conf_id
);
3201 run_dpp_pkex2(dev
, apdev
)
3203 def run_dpp_pkex2(dev
, apdev
, curve
=None, init_extra
=""):
3204 check_dpp_capab(dev
[0])
3205 check_dpp_capab(dev
[1])
3207 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3209 cmd
+= " curve=" + curve
3210 res
= dev
[0].request(cmd
)
3212 raise Exception("Failed to generate bootstrapping info")
3215 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3217 cmd
+= " curve=" + curve
3218 res
= dev
[1].request(cmd
)
3220 raise Exception("Failed to generate bootstrapping info")
3223 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
3224 res
= dev
[0].request(cmd
)
3226 raise Exception("Failed to set PKEX data (responder)")
3227 cmd
= "DPP_LISTEN 2437 role=configurator"
3228 if "OK" not in dev
[0].request(cmd
):
3229 raise Exception("Failed to start listen operation")
3231 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 role=enrollee %s code=secret" % (id1
, init_extra
)
3232 res
= dev
[1].request(cmd
)
3234 raise Exception("Failed to set PKEX data (initiator)")
3236 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3238 raise Exception("DPP authentication did not succeed (Initiator)")
3239 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3241 raise Exception("DPP authentication did not succeed (Responder)")
3243 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
3245 raise Exception("DPP configuration not completed (Configurator)")
3246 ev
= dev
[1].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3248 raise Exception("DPP configuration not completed (Enrollee)")
3250 def test_dpp_pkex_no_responder(dev
, apdev
):
3251 """DPP and PKEX with no responder (retry behavior)"""
3252 check_dpp_capab(dev
[0])
3254 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3255 res
= dev
[0].request(cmd
)
3257 raise Exception("Failed to generate bootstrapping info")
3260 cmd
= "DPP_PKEX_ADD own=%d init=1 identifier=test code=secret" % (id0
)
3261 res
= dev
[0].request(cmd
)
3263 raise Exception("Failed to set PKEX data (initiator)")
3265 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=15)
3267 raise Exception("DPP PKEX failure not reported")
3268 if "No response from PKEX peer" not in ev
:
3269 raise Exception("Unexpected failure reason: " + ev
)
3271 def test_dpp_pkex_after_retry(dev
, apdev
):
3272 """DPP and PKEX completing after retry"""
3273 check_dpp_capab(dev
[0])
3275 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3276 res
= dev
[0].request(cmd
)
3278 raise Exception("Failed to generate bootstrapping info")
3281 cmd
= "DPP_PKEX_ADD own=%d init=1 identifier=test code=secret" % (id0
)
3282 res
= dev
[0].request(cmd
)
3284 raise Exception("Failed to set PKEX data (initiator)")
3287 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3288 res
= dev
[1].request(cmd
)
3290 raise Exception("Failed to generate bootstrapping info")
3293 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id1
)
3294 res
= dev
[1].request(cmd
)
3296 raise Exception("Failed to set PKEX data (responder)")
3297 cmd
= "DPP_LISTEN 2437"
3298 if "OK" not in dev
[1].request(cmd
):
3299 raise Exception("Failed to start listen operation")
3301 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=10)
3303 raise Exception("DPP authentication did not succeed (Responder)")
3304 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3306 raise Exception("DPP authentication did not succeed (Initiator)")
3307 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
3309 raise Exception("DPP configuration not completed (Configurator)")
3310 # Ignore Enrollee result since configurator was not set here
3312 def test_dpp_pkex_hostapd_responder(dev
, apdev
):
3313 """DPP PKEX with hostapd as responder"""
3314 check_dpp_capab(dev
[0])
3315 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
3317 check_dpp_capab(hapd
)
3319 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3320 res
= hapd
.request(cmd
)
3322 raise Exception("Failed to generate bootstrapping info (hostapd)")
3325 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id_h
)
3326 res
= hapd
.request(cmd
)
3328 raise Exception("Failed to set PKEX data (responder/hostapd)")
3330 cmd
= "DPP_CONFIGURATOR_ADD"
3331 res
= dev
[0].request(cmd
);
3333 raise Exception("Failed to add configurator")
3336 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3337 res
= dev
[0].request(cmd
)
3339 raise Exception("Failed to generate bootstrapping info (wpa_supplicant)")
3342 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 conf=ap-dpp configurator=%d code=secret" % (id0
, conf_id
)
3343 res
= dev
[0].request(cmd
)
3345 raise Exception("Failed to set PKEX data (initiator/wpa_supplicant)")
3347 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3349 raise Exception("DPP authentication did not succeed (Initiator)")
3350 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3352 raise Exception("DPP authentication did not succeed (Responder)")
3353 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
3355 raise Exception("DPP configuration not completed (Configurator)")
3356 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3358 raise Exception("DPP configuration not completed (Enrollee)")
3359 dev
[0].request("DPP_STOP_LISTEN")
3360 dev
[0].dump_monitor()
3362 def test_dpp_pkex_hostapd_initiator(dev
, apdev
):
3363 """DPP PKEX with hostapd as initiator"""
3364 check_dpp_capab(dev
[0])
3365 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
3367 check_dpp_capab(hapd
)
3369 cmd
= "DPP_CONFIGURATOR_ADD"
3370 res
= dev
[0].request(cmd
);
3372 raise Exception("Failed to add configurator")
3375 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3376 res
= dev
[0].request(cmd
)
3378 raise Exception("Failed to generate bootstrapping info (wpa_supplicant)")
3381 dev
[0].set("dpp_configurator_params",
3382 " conf=ap-dpp configurator=%d" % conf_id
);
3384 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
3385 res
= dev
[0].request(cmd
)
3387 raise Exception("Failed to set PKEX data (responder/wpa_supplicant)")
3389 cmd
= "DPP_LISTEN 2437 role=configurator"
3390 if "OK" not in dev
[0].request(cmd
):
3391 raise Exception("Failed to start listen operation")
3393 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
3394 res
= hapd
.request(cmd
)
3396 raise Exception("Failed to generate bootstrapping info (hostapd)")
3399 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 role=enrollee code=secret" % (id_h
)
3400 res
= hapd
.request(cmd
)
3402 raise Exception("Failed to set PKEX data (initiator/hostapd)")
3404 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3406 raise Exception("DPP authentication did not succeed (Initiator)")
3407 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3409 raise Exception("DPP authentication did not succeed (Responder)")
3410 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
3412 raise Exception("DPP configuration not completed (Configurator)")
3413 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3415 raise Exception("DPP configuration not completed (Enrollee)")
3416 dev
[0].request("DPP_STOP_LISTEN")
3417 dev
[0].dump_monitor()
3419 def test_dpp_hostapd_configurator(dev
, apdev
):
3420 """DPP with hostapd as configurator/initiator"""
3421 check_dpp_capab(dev
[0])
3422 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
3424 check_dpp_capab(hapd
)
3426 cmd
= "DPP_CONFIGURATOR_ADD"
3427 res
= hapd
.request(cmd
);
3429 raise Exception("Failed to add configurator")
3432 addr
= dev
[0].own_addr().replace(':', '')
3433 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3434 res
= dev
[0].request(cmd
)
3436 raise Exception("Failed to generate bootstrapping info")
3438 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
3440 res
= hapd
.request("DPP_QR_CODE " + uri0
)
3442 raise Exception("Failed to parse QR Code URI")
3445 res
= hapd
.request("DPP_BOOTSTRAP_INFO %d" % id0
)
3447 raise Exception("DPP_BOOTSTRAP_INFO failed")
3448 if "type=QRCODE" not in res
:
3449 raise Exception("DPP_BOOTSTRAP_INFO did not report correct type")
3450 if "mac_addr=" + dev
[0].own_addr() not in res
:
3451 raise Exception("DPP_BOOTSTRAP_INFO did not report correct mac_addr")
3453 cmd
= "DPP_LISTEN 2412"
3454 if "OK" not in dev
[0].request(cmd
):
3455 raise Exception("Failed to start listen operation")
3456 cmd
= "DPP_AUTH_INIT peer=%d configurator=%d conf=sta-dpp" % (id1
, conf_id
)
3457 if "OK" not in hapd
.request(cmd
):
3458 raise Exception("Failed to initiate DPP Authentication")
3460 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3462 raise Exception("DPP authentication did not succeed (Responder)")
3463 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3465 raise Exception("DPP authentication did not succeed (Initiator)")
3466 ev
= hapd
.wait_event(["DPP-CONF-SENT"], timeout
=5)
3468 raise Exception("DPP configuration not completed (Configurator)")
3469 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3471 raise Exception("DPP configuration not completed (Enrollee)")
3472 dev
[0].request("DPP_STOP_LISTEN")
3473 dev
[0].dump_monitor()
3475 def test_dpp_hostapd_configurator_responder(dev
, apdev
):
3476 """DPP with hostapd as configurator/responder"""
3477 check_dpp_capab(dev
[0])
3478 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
3480 check_dpp_capab(hapd
)
3482 cmd
= "DPP_CONFIGURATOR_ADD"
3483 res
= hapd
.request(cmd
);
3485 raise Exception("Failed to add configurator")
3488 hapd
.set("dpp_configurator_params",
3489 " conf=sta-dpp configurator=%d" % conf_id
);
3491 addr
= hapd
.own_addr().replace(':', '')
3492 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3493 res
= hapd
.request(cmd
)
3495 raise Exception("Failed to generate bootstrapping info")
3497 uri0
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
3499 res
= dev
[0].request("DPP_QR_CODE " + uri0
)
3501 raise Exception("Failed to parse QR Code URI")
3504 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % (id1
)
3505 if "OK" not in dev
[0].request(cmd
):
3506 raise Exception("Failed to initiate DPP Authentication")
3508 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3510 raise Exception("DPP authentication did not succeed (Responder)")
3511 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3513 raise Exception("DPP authentication did not succeed (Initiator)")
3514 ev
= hapd
.wait_event(["DPP-CONF-SENT"], timeout
=5)
3516 raise Exception("DPP configuration not completed (Configurator)")
3517 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3519 raise Exception("DPP configuration not completed (Enrollee)")
3520 dev
[0].request("DPP_STOP_LISTEN")
3521 dev
[0].dump_monitor()
3523 def test_dpp_own_config(dev
, apdev
):
3524 """DPP configurator signing own connector"""
3526 run_dpp_own_config(dev
, apdev
)
3528 dev
[0].set("dpp_config_processing", "0")
3530 def test_dpp_own_config_group_id(dev
, apdev
):
3531 """DPP configurator signing own connector"""
3533 run_dpp_own_config(dev
, apdev
, extra
=" group_id=test-group")
3535 dev
[0].set("dpp_config_processing", "0")
3537 def test_dpp_own_config_curve_mismatch(dev
, apdev
):
3538 """DPP configurator signing own connector using mismatching curve"""
3540 run_dpp_own_config(dev
, apdev
, own_curve
="BP-384", expect_failure
=True)
3542 dev
[0].set("dpp_config_processing", "0")
3544 def run_dpp_own_config(dev
, apdev
, own_curve
=None, expect_failure
=False,
3546 check_dpp_capab(dev
[0], own_curve
and "BP" in own_curve
)
3547 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
3548 check_dpp_capab(hapd
)
3550 addr
= hapd
.own_addr().replace(':', '')
3551 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3552 res
= hapd
.request(cmd
)
3554 raise Exception("Failed to generate bootstrapping info")
3556 uri
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id_h
)
3558 cmd
= "DPP_CONFIGURATOR_ADD"
3559 res
= dev
[0].request(cmd
);
3561 raise Exception("Failed to add configurator")
3564 res
= dev
[0].request("DPP_QR_CODE " + uri
)
3566 raise Exception("Failed to parse QR Code URI")
3569 cmd
= "DPP_AUTH_INIT peer=%d conf=ap-dpp configurator=%d%s" % (id, conf_id
, extra
)
3570 if "OK" not in dev
[0].request(cmd
):
3571 raise Exception("Failed to initiate DPP Authentication")
3572 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3574 raise Exception("DPP authentication did not succeed (Responder)")
3575 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3577 raise Exception("DPP authentication did not succeed (Initiator)")
3578 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
3580 raise Exception("DPP configuration not completed (Configurator)")
3581 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3583 raise Exception("DPP configuration not completed (Enrollee)")
3585 update_hapd_config(hapd
)
3587 dev
[0].set("dpp_config_processing", "1")
3588 cmd
= "DPP_CONFIGURATOR_SIGN conf=sta-dpp configurator=%d%s" % (conf_id
, extra
)
3590 cmd
+= " curve=" + own_curve
3591 res
= dev
[0].request(cmd
)
3593 raise Exception("Failed to generate own configuration")
3595 ev
= dev
[0].wait_event(["DPP-NETWORK-ID"], timeout
=1)
3597 raise Exception("DPP network profile not generated")
3598 id = ev
.split(' ')[1]
3599 dev
[0].select_network(id, freq
="2412")
3601 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=1)
3603 raise Exception("Unexpected connection");
3604 dev
[0].request("DISCONNECT")
3606 dev
[0].wait_connected()
3608 def test_dpp_own_config_ap(dev
, apdev
):
3609 """DPP configurator (AP) signing own connector"""
3611 run_dpp_own_config_ap(dev
, apdev
)
3613 dev
[0].set("dpp_config_processing", "0")
3615 def test_dpp_own_config_ap_group_id(dev
, apdev
):
3616 """DPP configurator (AP) signing own connector (group_id)"""
3618 run_dpp_own_config_ap(dev
, apdev
, extra
=" group_id=test-group")
3620 dev
[0].set("dpp_config_processing", "0")
3622 def test_dpp_own_config_ap_reconf(dev
, apdev
):
3623 """DPP configurator (AP) signing own connector and configurator reconf"""
3625 run_dpp_own_config_ap(dev
, apdev
)
3627 dev
[0].set("dpp_config_processing", "0")
3629 def run_dpp_own_config_ap(dev
, apdev
, reconf_configurator
=False, extra
=""):
3630 check_dpp_capab(dev
[0])
3631 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
3632 check_dpp_capab(hapd
)
3634 cmd
= "DPP_CONFIGURATOR_ADD"
3635 res
= hapd
.request(cmd
);
3637 raise Exception("Failed to add configurator")
3640 if reconf_configurator
:
3641 csign
= hapd
.request("DPP_CONFIGURATOR_GET_KEY %d" % conf_id
)
3642 if "FAIL" in csign
or len(csign
) == 0:
3643 raise Exception("DPP_CONFIGURATOR_GET_KEY failed")
3645 cmd
= "DPP_CONFIGURATOR_SIGN conf=ap-dpp configurator=%d%s" % (conf_id
, extra
)
3646 res
= hapd
.request(cmd
)
3648 raise Exception("Failed to generate own configuration")
3649 update_hapd_config(hapd
)
3651 if reconf_configurator
:
3652 res
= hapd
.request("DPP_CONFIGURATOR_REMOVE %d" % conf_id
)
3654 raise Exception("DPP_CONFIGURATOR_REMOVE failed")
3655 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
3656 res
= hapd
.request(cmd
);
3658 raise Exception("Failed to add configurator (reconf)")
3661 addr
= dev
[0].own_addr().replace(':', '')
3662 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3663 res
= dev
[0].request(cmd
)
3665 raise Exception("Failed to generate bootstrapping info")
3667 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id)
3669 res
= hapd
.request("DPP_QR_CODE " + uri
)
3671 raise Exception("Failed to parse QR Code URI")
3674 dev
[0].set("dpp_config_processing", "2")
3675 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
3676 raise Exception("Failed to start listen operation")
3677 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d%s" % (id, conf_id
, extra
)
3678 if "OK" not in hapd
.request(cmd
):
3679 raise Exception("Failed to initiate DPP Authentication")
3680 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3682 raise Exception("DPP authentication did not succeed (Initiator)")
3683 ev
= hapd
.wait_event(["DPP-CONF-SENT"], timeout
=5)
3685 raise Exception("DPP configuration not completed (Configurator)")
3686 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout
=5)
3688 raise Exception("DPP configuration not completed (Enrollee)")
3689 if "DPP-CONF-RECEIVED" not in ev
:
3690 raise Exception("DPP configuration failed (Enrollee)")
3692 dev
[0].wait_connected()
3694 def test_dpp_intro_mismatch(dev
, apdev
):
3695 """DPP network introduction mismatch cases"""
3698 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
3699 wpas
.interface_add("wlan5")
3700 check_dpp_capab(wpas
)
3701 run_dpp_intro_mismatch(dev
, apdev
, wpas
)
3703 dev
[0].set("dpp_config_processing", "0")
3704 dev
[2].set("dpp_config_processing", "0")
3706 wpas
.set("dpp_config_processing", "0")
3708 def run_dpp_intro_mismatch(dev
, apdev
, wpas
):
3709 check_dpp_capab(dev
[0])
3710 check_dpp_capab(dev
[1])
3711 check_dpp_capab(dev
[2])
3713 logger
.info("Start AP in unconfigured state")
3714 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
3715 check_dpp_capab(hapd
)
3717 addr
= hapd
.own_addr().replace(':', '')
3718 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3719 res
= hapd
.request(cmd
)
3721 raise Exception("Failed to generate bootstrapping info")
3723 uri
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id_h
)
3725 logger
.info("Provision AP with DPP configuration")
3726 res
= dev
[1].request("DPP_CONFIGURATOR_ADD");
3728 raise Exception("Failed to add configurator")
3731 res
= dev
[1].request("DPP_QR_CODE " + uri
)
3733 raise Exception("Failed to parse QR Code URI")
3736 dev
[1].set("dpp_groups_override", '[{"groupId":"a","netRole":"ap"}]')
3737 cmd
= "DPP_AUTH_INIT peer=%d conf=ap-dpp configurator=%d" % (id, conf_id
)
3738 if "OK" not in dev
[1].request(cmd
):
3739 raise Exception("Failed to initiate DPP Authentication")
3740 update_hapd_config(hapd
)
3742 logger
.info("Provision STA0 with DPP Connector that has mismatching groupId")
3743 dev
[0].set("dpp_config_processing", "2")
3744 addr
= dev
[0].own_addr().replace(':', '')
3745 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3746 res
= dev
[0].request(cmd
)
3748 raise Exception("Failed to generate bootstrapping info")
3750 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
3752 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
3754 raise Exception("Failed to parse QR Code URI")
3757 cmd
= "DPP_LISTEN 2412"
3758 if "OK" not in dev
[0].request(cmd
):
3759 raise Exception("Failed to start listen operation")
3761 dev
[1].set("dpp_groups_override", '[{"groupId":"b","netRole":"sta"}]')
3762 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1
, conf_id
)
3763 if "OK" not in dev
[1].request(cmd
):
3764 raise Exception("Failed to initiate DPP Authentication")
3765 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
3767 raise Exception("DPP configuration not completed (Configurator for STA0)")
3768 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3770 raise Exception("DPP configuration not completed (Enrollee STA0)")
3772 logger
.info("Provision STA2 with DPP Connector that has mismatching C-sign-key")
3773 dev
[2].set("dpp_config_processing", "2")
3774 addr
= dev
[2].own_addr().replace(':', '')
3775 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3776 res
= dev
[2].request(cmd
)
3778 raise Exception("Failed to generate bootstrapping info")
3780 uri2
= dev
[2].request("DPP_BOOTSTRAP_GET_URI %d" % id2
)
3782 res
= dev
[1].request("DPP_QR_CODE " + uri2
)
3784 raise Exception("Failed to parse QR Code URI")
3787 cmd
= "DPP_LISTEN 2412"
3788 if "OK" not in dev
[2].request(cmd
):
3789 raise Exception("Failed to start listen operation")
3791 res
= dev
[1].request("DPP_CONFIGURATOR_ADD");
3793 raise Exception("Failed to add configurator")
3794 conf_id_2
= int(res
)
3795 dev
[1].set("dpp_groups_override", '')
3796 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1
, conf_id_2
)
3797 if "OK" not in dev
[1].request(cmd
):
3798 raise Exception("Failed to initiate DPP Authentication")
3799 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
3801 raise Exception("DPP configuration not completed (Configurator for STA2)")
3802 ev
= dev
[2].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3804 raise Exception("DPP configuration not completed (Enrollee STA2)")
3806 logger
.info("Provision STA5 with DPP Connector that has mismatching netAccessKey EC group")
3807 wpas
.set("dpp_config_processing", "2")
3808 addr
= wpas
.own_addr().replace(':', '')
3809 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
3810 cmd
+= " curve=P-521"
3811 res
= wpas
.request(cmd
)
3813 raise Exception("Failed to generate bootstrapping info")
3815 uri5
= wpas
.request("DPP_BOOTSTRAP_GET_URI %d" % id5
)
3817 res
= dev
[1].request("DPP_QR_CODE " + uri5
)
3819 raise Exception("Failed to parse QR Code URI")
3822 cmd
= "DPP_LISTEN 2412"
3823 if "OK" not in wpas
.request(cmd
):
3824 raise Exception("Failed to start listen operation")
3826 dev
[1].set("dpp_groups_override", '')
3827 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1
, conf_id
)
3828 if "OK" not in dev
[1].request(cmd
):
3829 raise Exception("Failed to initiate DPP Authentication")
3830 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
3832 raise Exception("DPP configuration not completed (Configurator for STA0)")
3833 ev
= wpas
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3835 raise Exception("DPP configuration not completed (Enrollee STA5)")
3837 logger
.info("Verify network introduction results")
3838 ev
= dev
[0].wait_event(["DPP-INTRO"], timeout
=10)
3840 raise Exception("DPP network introduction result not seen on STA0")
3841 if "status=8" not in ev
:
3842 raise Exception("Unexpected network introduction result on STA0: " + ev
)
3844 ev
= dev
[2].wait_event(["DPP-INTRO"], timeout
=5)
3846 raise Exception("DPP network introduction result not seen on STA2")
3847 if "status=8" not in ev
:
3848 raise Exception("Unexpected network introduction result on STA2: " + ev
)
3850 ev
= wpas
.wait_event(["DPP-INTRO"], timeout
=10)
3852 raise Exception("DPP network introduction result not seen on STA5")
3853 if "status=7" not in ev
:
3854 raise Exception("Unexpected network introduction result on STA5: " + ev
)
3856 def run_dpp_proto_init(dev
, test_dev
, test
, mutual
=False, unicast
=True,
3857 listen
=True, chan
="81/1", init_enrollee
=False,
3858 incompatible_roles
=False):
3859 check_dpp_capab(dev
[0])
3860 check_dpp_capab(dev
[1])
3861 dev
[test_dev
].set("dpp_test", str(test
))
3863 cmd
= "DPP_CONFIGURATOR_ADD"
3865 res
= dev
[0].request(cmd
)
3867 res
= dev
[1].request(cmd
)
3869 raise Exception("Failed to add configurator")
3872 addr
= dev
[0].own_addr().replace(':', '')
3873 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode"
3875 cmd
+= " chan=" + chan
3877 cmd
+= " mac=" + addr
3878 res
= dev
[0].request(cmd
)
3880 raise Exception("Failed to generate bootstrapping info")
3882 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
3884 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
3886 raise Exception("Failed to parse QR Code URI")
3890 addr
= dev
[1].own_addr().replace(':', '')
3891 res
= dev
[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
3893 raise Exception("Failed to generate bootstrapping info")
3895 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
3897 res
= dev
[0].request("DPP_QR_CODE " + uri1b
)
3899 raise Exception("Failed to parse QR Code URI")
3902 cmd
= "DPP_LISTEN 2412 qr=mutual"
3904 cmd
= "DPP_LISTEN 2412"
3907 if incompatible_roles
:
3908 cmd
+= " role=enrollee"
3910 cmd
+= " role=configurator"
3911 dev
[0].set("dpp_configurator_params",
3912 " conf=sta-dpp configurator=%d" % conf_id
);
3913 elif incompatible_roles
:
3914 cmd
+= " role=enrollee"
3917 if "OK" not in dev
[0].request(cmd
):
3918 raise Exception("Failed to start listen operation")
3921 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % (id1
)
3923 cmd
= "DPP_AUTH_INIT peer=%d configurator=%d conf=sta-dpp" % (id1
, conf_id
)
3924 if incompatible_roles
:
3925 cmd
+= " role=enrollee"
3927 cmd
+= " own=%d" % id1b
3928 if "OK" not in dev
[1].request(cmd
):
3929 raise Exception("Failed to initiate DPP Authentication")
3931 def test_dpp_proto_after_wrapped_data_auth_req(dev
, apdev
):
3932 """DPP protocol testing - attribute after Wrapped Data in Auth Req"""
3933 run_dpp_proto_init(dev
, 1, 1)
3934 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
3936 raise Exception("DPP Authentication Request not seen")
3937 if "type=0" not in ev
or "ignore=invalid-attributes" not in ev
:
3938 raise Exception("Unexpected RX info: " + ev
)
3939 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=0.1)
3941 raise Exception("Unexpected DPP message seen")
3943 def test_dpp_auth_req_stop_after_ack(dev
, apdev
):
3944 """DPP initiator stopping after ACK, but no response"""
3945 run_dpp_proto_init(dev
, 1, 1, listen
=True)
3946 ev
= dev
[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout
=5)
3948 raise Exception("Authentication failure not reported")
3950 def test_dpp_auth_req_retries(dev
, apdev
):
3951 """DPP initiator retries with no ACK"""
3952 check_dpp_capab(dev
[1])
3953 dev
[1].set("dpp_init_max_tries", "3")
3954 dev
[1].set("dpp_init_retry_time", "1000")
3955 dev
[1].set("dpp_resp_wait_time", "100")
3956 run_dpp_proto_init(dev
, 1, 1, unicast
=False, listen
=False)
3959 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
3961 raise Exception("Auth Req not sent (%d)" % i
)
3963 ev
= dev
[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout
=5)
3965 raise Exception("Authentication failure not reported")
3967 def test_dpp_auth_req_retries_multi_chan(dev
, apdev
):
3968 """DPP initiator retries with no ACK and multiple channels"""
3969 check_dpp_capab(dev
[1])
3970 dev
[1].set("dpp_init_max_tries", "3")
3971 dev
[1].set("dpp_init_retry_time", "1000")
3972 dev
[1].set("dpp_resp_wait_time", "100")
3973 run_dpp_proto_init(dev
, 1, 1, unicast
=False, listen
=False,
3974 chan
="81/1,81/6,81/11")
3976 for i
in range(3 * 3):
3977 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
3979 raise Exception("Auth Req not sent (%d)" % i
)
3981 ev
= dev
[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout
=5)
3983 raise Exception("Authentication failure not reported")
3985 def test_dpp_proto_after_wrapped_data_auth_resp(dev
, apdev
):
3986 """DPP protocol testing - attribute after Wrapped Data in Auth Resp"""
3987 run_dpp_proto_init(dev
, 0, 2)
3988 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=5)
3990 raise Exception("DPP Authentication Response not seen")
3991 if "type=1" not in ev
or "ignore=invalid-attributes" not in ev
:
3992 raise Exception("Unexpected RX info: " + ev
)
3993 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=1)
3994 if ev
is None or "type=0" not in ev
:
3995 raise Exception("DPP Authentication Request not seen")
3996 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=0.1)
3998 raise Exception("Unexpected DPP message seen")
4000 def test_dpp_proto_after_wrapped_data_auth_conf(dev
, apdev
):
4001 """DPP protocol testing - attribute after Wrapped Data in Auth Conf"""
4002 run_dpp_proto_init(dev
, 1, 3)
4003 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
4004 if ev
is None or "type=0" not in ev
:
4005 raise Exception("DPP Authentication Request not seen")
4006 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
4008 raise Exception("DPP Authentication Confirm not seen")
4009 if "type=2" not in ev
or "ignore=invalid-attributes" not in ev
:
4010 raise Exception("Unexpected RX info: " + ev
)
4012 def test_dpp_proto_after_wrapped_data_conf_req(dev
, apdev
):
4013 """DPP protocol testing - attribute after Wrapped Data in Conf Req"""
4014 run_dpp_proto_init(dev
, 0, 6)
4015 ev
= dev
[1].wait_event(["DPP-CONF-FAILED"], timeout
=10)
4017 raise Exception("DPP Configuration failure not seen")
4019 def test_dpp_proto_after_wrapped_data_conf_resp(dev
, apdev
):
4020 """DPP protocol testing - attribute after Wrapped Data in Conf Resp"""
4021 run_dpp_proto_init(dev
, 1, 7)
4022 ev
= dev
[0].wait_event(["DPP-CONF-FAILED"], timeout
=10)
4024 raise Exception("DPP Configuration failure not seen")
4026 def test_dpp_proto_zero_i_capab(dev
, apdev
):
4027 """DPP protocol testing - zero I-capability in Auth Req"""
4028 run_dpp_proto_init(dev
, 1, 8)
4029 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4031 raise Exception("DPP failure not seen")
4032 if "Invalid role in I-capabilities 0x00" not in ev
:
4033 raise Exception("Unexpected failure: " + ev
)
4034 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=0.1)
4036 raise Exception("Unexpected DPP message seen")
4038 def test_dpp_proto_zero_r_capab(dev
, apdev
):
4039 """DPP protocol testing - zero R-capability in Auth Resp"""
4040 run_dpp_proto_init(dev
, 0, 9)
4041 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
4043 raise Exception("DPP failure not seen")
4044 if "Unexpected role in R-capabilities 0x00" not in ev
:
4045 raise Exception("Unexpected failure: " + ev
)
4046 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=1)
4047 if ev
is None or "type=0" not in ev
:
4048 raise Exception("DPP Authentication Request not seen")
4049 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=0.1)
4051 raise Exception("Unexpected DPP message seen")
4053 def run_dpp_proto_auth_req_missing(dev
, test
, reason
, mutual
=False):
4054 run_dpp_proto_init(dev
, 1, test
, mutual
=mutual
)
4055 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4057 raise Exception("DPP failure not seen")
4058 if reason
not in ev
:
4059 raise Exception("Unexpected failure: " + ev
)
4060 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=0.1)
4062 raise Exception("Unexpected DPP message seen")
4064 def test_dpp_proto_auth_req_no_r_bootstrap_key(dev
, apdev
):
4065 """DPP protocol testing - no R-bootstrap key in Auth Req"""
4066 run_dpp_proto_auth_req_missing(dev
, 10, "Missing or invalid required Responder Bootstrapping Key Hash attribute")
4068 def test_dpp_proto_auth_req_invalid_r_bootstrap_key(dev
, apdev
):
4069 """DPP protocol testing - invalid R-bootstrap key in Auth Req"""
4070 run_dpp_proto_auth_req_missing(dev
, 68, "No matching own bootstrapping key found - ignore message")
4072 def test_dpp_proto_auth_req_no_i_bootstrap_key(dev
, apdev
):
4073 """DPP protocol testing - no I-bootstrap key in Auth Req"""
4074 run_dpp_proto_auth_req_missing(dev
, 11, "Missing or invalid required Initiator Bootstrapping Key Hash attribute")
4076 def test_dpp_proto_auth_req_invalid_i_bootstrap_key(dev
, apdev
):
4077 """DPP protocol testing - invalid I-bootstrap key in Auth Req"""
4078 run_dpp_proto_init(dev
, 1, 69, mutual
=True)
4079 ev
= dev
[0].wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=5)
4081 raise Exception("DPP scan request not seen")
4082 ev
= dev
[1].wait_event(["DPP-RESPONSE-PENDING"], timeout
=5)
4084 raise Exception("DPP response pending indivation not seen")
4086 def test_dpp_proto_auth_req_no_i_proto_key(dev
, apdev
):
4087 """DPP protocol testing - no I-proto key in Auth Req"""
4088 run_dpp_proto_auth_req_missing(dev
, 12, "Missing required Initiator Protocol Key attribute")
4090 def test_dpp_proto_auth_req_invalid_i_proto_key(dev
, apdev
):
4091 """DPP protocol testing - invalid I-proto key in Auth Req"""
4092 run_dpp_proto_auth_req_missing(dev
, 66, "Invalid Initiator Protocol Key")
4094 def test_dpp_proto_auth_req_no_i_nonce(dev
, apdev
):
4095 """DPP protocol testing - no I-nonce in Auth Req"""
4096 run_dpp_proto_auth_req_missing(dev
, 13, "Missing or invalid I-nonce")
4098 def test_dpp_proto_auth_req_invalid_i_nonce(dev
, apdev
):
4099 """DPP protocol testing - invalid I-nonce in Auth Req"""
4100 run_dpp_proto_auth_req_missing(dev
, 81, "Missing or invalid I-nonce")
4102 def test_dpp_proto_auth_req_no_i_capab(dev
, apdev
):
4103 """DPP protocol testing - no I-capab in Auth Req"""
4104 run_dpp_proto_auth_req_missing(dev
, 14, "Missing or invalid I-capab")
4106 def test_dpp_proto_auth_req_no_wrapped_data(dev
, apdev
):
4107 """DPP protocol testing - no Wrapped Data in Auth Req"""
4108 run_dpp_proto_auth_req_missing(dev
, 15, "Missing or invalid required Wrapped Data attribute")
4110 def run_dpp_proto_auth_resp_missing(dev
, test
, reason
,
4111 incompatible_roles
=False):
4112 run_dpp_proto_init(dev
, 0, test
, mutual
=True,
4113 incompatible_roles
=incompatible_roles
)
4117 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
4119 raise Exception("DPP failure not seen")
4120 if reason
not in ev
:
4121 raise Exception("Unexpected failure: " + ev
)
4122 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=1)
4123 if ev
is None or "type=0" not in ev
:
4124 raise Exception("DPP Authentication Request not seen")
4125 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=0.1)
4127 raise Exception("Unexpected DPP message seen")
4129 def test_dpp_proto_auth_resp_no_status(dev
, apdev
):
4130 """DPP protocol testing - no Status in Auth Resp"""
4131 run_dpp_proto_auth_resp_missing(dev
, 16, "Missing or invalid required DPP Status attribute")
4133 def test_dpp_proto_auth_resp_status_no_status(dev
, apdev
):
4134 """DPP protocol testing - no Status in Auth Resp(status)"""
4135 run_dpp_proto_auth_resp_missing(dev
, 16,
4136 "Missing or invalid required DPP Status attribute",
4137 incompatible_roles
=True)
4139 def test_dpp_proto_auth_resp_invalid_status(dev
, apdev
):
4140 """DPP protocol testing - invalid Status in Auth Resp"""
4141 run_dpp_proto_auth_resp_missing(dev
, 74, "Responder reported failure")
4143 def test_dpp_proto_auth_resp_no_r_bootstrap_key(dev
, apdev
):
4144 """DPP protocol testing - no R-bootstrap key in Auth Resp"""
4145 run_dpp_proto_auth_resp_missing(dev
, 17, "Missing or invalid required Responder Bootstrapping Key Hash attribute")
4147 def test_dpp_proto_auth_resp_status_no_r_bootstrap_key(dev
, apdev
):
4148 """DPP protocol testing - no R-bootstrap key in Auth Resp(status)"""
4149 run_dpp_proto_auth_resp_missing(dev
, 17,
4150 "Missing or invalid required Responder Bootstrapping Key Hash attribute",
4151 incompatible_roles
=True)
4153 def test_dpp_proto_auth_resp_invalid_r_bootstrap_key(dev
, apdev
):
4154 """DPP protocol testing - invalid R-bootstrap key in Auth Resp"""
4155 run_dpp_proto_auth_resp_missing(dev
, 70, "Unexpected Responder Bootstrapping Key Hash value")
4157 def test_dpp_proto_auth_resp_status_invalid_r_bootstrap_key(dev
, apdev
):
4158 """DPP protocol testing - invalid R-bootstrap key in Auth Resp(status)"""
4159 run_dpp_proto_auth_resp_missing(dev
, 70,
4160 "Unexpected Responder Bootstrapping Key Hash value",
4161 incompatible_roles
=True)
4163 def test_dpp_proto_auth_resp_no_i_bootstrap_key(dev
, apdev
):
4164 """DPP protocol testing - no I-bootstrap key in Auth Resp"""
4165 run_dpp_proto_auth_resp_missing(dev
, 18, None)
4167 def test_dpp_proto_auth_resp_status_no_i_bootstrap_key(dev
, apdev
):
4168 """DPP protocol testing - no I-bootstrap key in Auth Resp(status)"""
4169 run_dpp_proto_auth_resp_missing(dev
, 18, None, incompatible_roles
=True)
4171 def test_dpp_proto_auth_resp_invalid_i_bootstrap_key(dev
, apdev
):
4172 """DPP protocol testing - invalid I-bootstrap key in Auth Resp"""
4173 run_dpp_proto_auth_resp_missing(dev
, 71, "Initiator Bootstrapping Key Hash attribute did not match")
4175 def test_dpp_proto_auth_resp_status_invalid_i_bootstrap_key(dev
, apdev
):
4176 """DPP protocol testing - invalid I-bootstrap key in Auth Resp(status)"""
4177 run_dpp_proto_auth_resp_missing(dev
, 71,
4178 "Initiator Bootstrapping Key Hash attribute did not match",
4179 incompatible_roles
=True)
4181 def test_dpp_proto_auth_resp_no_r_proto_key(dev
, apdev
):
4182 """DPP protocol testing - no R-Proto Key in Auth Resp"""
4183 run_dpp_proto_auth_resp_missing(dev
, 19, "Missing required Responder Protocol Key attribute")
4185 def test_dpp_proto_auth_resp_invalid_r_proto_key(dev
, apdev
):
4186 """DPP protocol testing - invalid R-Proto Key in Auth Resp"""
4187 run_dpp_proto_auth_resp_missing(dev
, 67, "Invalid Responder Protocol Key")
4189 def test_dpp_proto_auth_resp_no_r_nonce(dev
, apdev
):
4190 """DPP protocol testing - no R-nonce in Auth Resp"""
4191 run_dpp_proto_auth_resp_missing(dev
, 20, "Missing or invalid R-nonce")
4193 def test_dpp_proto_auth_resp_no_i_nonce(dev
, apdev
):
4194 """DPP protocol testing - no I-nonce in Auth Resp"""
4195 run_dpp_proto_auth_resp_missing(dev
, 21, "Missing or invalid I-nonce")
4197 def test_dpp_proto_auth_resp_status_no_i_nonce(dev
, apdev
):
4198 """DPP protocol testing - no I-nonce in Auth Resp(status)"""
4199 run_dpp_proto_auth_resp_missing(dev
, 21, "Missing or invalid I-nonce",
4200 incompatible_roles
=True)
4202 def test_dpp_proto_auth_resp_no_r_capab(dev
, apdev
):
4203 """DPP protocol testing - no R-capab in Auth Resp"""
4204 run_dpp_proto_auth_resp_missing(dev
, 22, "Missing or invalid R-capabilities")
4206 def test_dpp_proto_auth_resp_no_r_auth(dev
, apdev
):
4207 """DPP protocol testing - no R-auth in Auth Resp"""
4208 run_dpp_proto_auth_resp_missing(dev
, 23, "Missing or invalid Secondary Wrapped Data")
4210 def test_dpp_proto_auth_resp_no_wrapped_data(dev
, apdev
):
4211 """DPP protocol testing - no Wrapped Data in Auth Resp"""
4212 run_dpp_proto_auth_resp_missing(dev
, 24, "Missing or invalid required Wrapped Data attribute")
4214 def test_dpp_proto_auth_resp_i_nonce_mismatch(dev
, apdev
):
4215 """DPP protocol testing - I-nonce mismatch in Auth Resp"""
4216 run_dpp_proto_init(dev
, 0, 30, mutual
=True)
4217 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
4219 raise Exception("DPP failure not seen")
4220 if "I-nonce mismatch" not in ev
:
4221 raise Exception("Unexpected failure: " + ev
)
4222 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=1)
4223 if ev
is None or "type=0" not in ev
:
4224 raise Exception("DPP Authentication Request not seen")
4225 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=0.1)
4227 raise Exception("Unexpected DPP message seen")
4229 def test_dpp_proto_auth_resp_incompatible_r_capab(dev
, apdev
):
4230 """DPP protocol testing - Incompatible R-capab in Auth Resp"""
4231 run_dpp_proto_init(dev
, 0, 31, mutual
=True)
4232 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
4234 raise Exception("DPP failure not seen")
4235 if "Unexpected role in R-capabilities 0x02" not in ev
:
4236 raise Exception("Unexpected failure: " + ev
)
4237 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4239 raise Exception("DPP failure not seen")
4240 if "Peer reported incompatible R-capab role" not in ev
:
4241 raise Exception("Unexpected failure: " + ev
)
4243 def test_dpp_proto_auth_resp_r_auth_mismatch(dev
, apdev
):
4244 """DPP protocol testing - R-auth mismatch in Auth Resp"""
4245 run_dpp_proto_init(dev
, 0, 32, mutual
=True)
4246 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
4248 raise Exception("DPP failure not seen")
4249 if "Mismatching Responder Authenticating Tag" not in ev
:
4250 raise Exception("Unexpected failure: " + ev
)
4251 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4253 raise Exception("DPP failure not seen")
4254 if "Peer reported authentication failure" not in ev
:
4255 raise Exception("Unexpected failure: " + ev
)
4257 def test_dpp_proto_auth_resp_r_auth_mismatch_failure(dev
, apdev
):
4258 """DPP protocol testing - Auth Conf RX processing failure"""
4259 with
alloc_fail(dev
[0], 1, "dpp_auth_conf_rx_failure"):
4260 run_dpp_proto_init(dev
, 0, 32, mutual
=True)
4261 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4263 raise Exception("DPP failure not seen")
4264 if "Authentication failed" not in ev
:
4265 raise Exception("Unexpected failure: " + ev
)
4267 def test_dpp_proto_auth_resp_r_auth_mismatch_failure2(dev
, apdev
):
4268 """DPP protocol testing - Auth Conf RX processing failure 2"""
4269 with
fail_test(dev
[0], 1, "dpp_auth_conf_rx_failure"):
4270 run_dpp_proto_init(dev
, 0, 32, mutual
=True)
4271 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4273 raise Exception("DPP failure not seen")
4274 if "AES-SIV decryption failed" not in ev
:
4275 raise Exception("Unexpected failure: " + ev
)
4277 def run_dpp_proto_auth_conf_missing(dev
, test
, reason
):
4278 run_dpp_proto_init(dev
, 1, test
, mutual
=True)
4282 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4284 raise Exception("DPP failure not seen")
4285 if reason
not in ev
:
4286 raise Exception("Unexpected failure: " + ev
)
4288 def test_dpp_proto_auth_conf_no_status(dev
, apdev
):
4289 """DPP protocol testing - no Status in Auth Conf"""
4290 run_dpp_proto_auth_conf_missing(dev
, 25, "Missing or invalid required DPP Status attribute")
4292 def test_dpp_proto_auth_conf_invalid_status(dev
, apdev
):
4293 """DPP protocol testing - invalid Status in Auth Conf"""
4294 run_dpp_proto_auth_conf_missing(dev
, 75, "Authentication failed")
4296 def test_dpp_proto_auth_conf_no_r_bootstrap_key(dev
, apdev
):
4297 """DPP protocol testing - no R-bootstrap key in Auth Conf"""
4298 run_dpp_proto_auth_conf_missing(dev
, 26, "Missing or invalid required Responder Bootstrapping Key Hash attribute")
4300 def test_dpp_proto_auth_conf_invalid_r_bootstrap_key(dev
, apdev
):
4301 """DPP protocol testing - invalid R-bootstrap key in Auth Conf"""
4302 run_dpp_proto_auth_conf_missing(dev
, 72, "Responder Bootstrapping Key Hash mismatch")
4304 def test_dpp_proto_auth_conf_no_i_bootstrap_key(dev
, apdev
):
4305 """DPP protocol testing - no I-bootstrap key in Auth Conf"""
4306 run_dpp_proto_auth_conf_missing(dev
, 27, "Missing Initiator Bootstrapping Key Hash attribute")
4308 def test_dpp_proto_auth_conf_invalid_i_bootstrap_key(dev
, apdev
):
4309 """DPP protocol testing - invalid I-bootstrap key in Auth Conf"""
4310 run_dpp_proto_auth_conf_missing(dev
, 73, "Initiator Bootstrapping Key Hash mismatch")
4312 def test_dpp_proto_auth_conf_no_i_auth(dev
, apdev
):
4313 """DPP protocol testing - no I-Auth in Auth Conf"""
4314 run_dpp_proto_auth_conf_missing(dev
, 28, "Missing or invalid Initiator Authenticating Tag")
4316 def test_dpp_proto_auth_conf_no_wrapped_data(dev
, apdev
):
4317 """DPP protocol testing - no Wrapped Data in Auth Conf"""
4318 run_dpp_proto_auth_conf_missing(dev
, 29, "Missing or invalid required Wrapped Data attribute")
4320 def test_dpp_proto_auth_conf_i_auth_mismatch(dev
, apdev
):
4321 """DPP protocol testing - I-auth mismatch in Auth Conf"""
4322 run_dpp_proto_init(dev
, 1, 33, mutual
=True)
4323 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4325 raise Exception("DPP failure not seen")
4326 if "Mismatching Initiator Authenticating Tag" not in ev
:
4327 raise Excception("Unexpected failure: " + ev
)
4329 def test_dpp_proto_auth_conf_replaced_by_resp(dev
, apdev
):
4330 """DPP protocol testing - Auth Conf replaced by Resp"""
4331 run_dpp_proto_init(dev
, 1, 65, mutual
=True)
4332 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4334 raise Exception("DPP failure not seen")
4335 if "Unexpected Authentication Response" not in ev
:
4336 raise Excception("Unexpected failure: " + ev
)
4338 def run_dpp_proto_conf_req_missing(dev
, test
, reason
):
4339 run_dpp_proto_init(dev
, 0, test
)
4340 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
4342 raise Exception("DPP failure not seen")
4343 if reason
not in ev
:
4344 raise Exception("Unexpected failure: " + ev
)
4346 def test_dpp_proto_conf_req_no_e_nonce(dev
, apdev
):
4347 """DPP protocol testing - no E-nonce in Conf Req"""
4348 run_dpp_proto_conf_req_missing(dev
, 51,
4349 "Missing or invalid Enrollee Nonce attribute")
4351 def test_dpp_proto_conf_req_invalid_e_nonce(dev
, apdev
):
4352 """DPP protocol testing - invalid E-nonce in Conf Req"""
4353 run_dpp_proto_conf_req_missing(dev
, 83,
4354 "Missing or invalid Enrollee Nonce attribute")
4356 def test_dpp_proto_conf_req_no_config_attr_obj(dev
, apdev
):
4357 """DPP protocol testing - no Config Attr Obj in Conf Req"""
4358 run_dpp_proto_conf_req_missing(dev
, 52,
4359 "Missing or invalid Config Attributes attribute")
4361 def test_dpp_proto_conf_req_invalid_config_attr_obj(dev
, apdev
):
4362 """DPP protocol testing - invalid Config Attr Obj in Conf Req"""
4363 run_dpp_proto_conf_req_missing(dev
, 76,
4364 "Unsupported wi-fi_tech")
4366 def test_dpp_proto_conf_req_no_wrapped_data(dev
, apdev
):
4367 """DPP protocol testing - no Wrapped Data in Conf Req"""
4368 run_dpp_proto_conf_req_missing(dev
, 53,
4369 "Missing or invalid required Wrapped Data attribute")
4371 def run_dpp_proto_conf_resp_missing(dev
, test
, reason
):
4372 run_dpp_proto_init(dev
, 1, test
)
4373 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4375 raise Exception("DPP failure not seen")
4376 if reason
not in ev
:
4377 raise Exception("Unexpected failure: " + ev
)
4379 def test_dpp_proto_conf_resp_no_e_nonce(dev
, apdev
):
4380 """DPP protocol testing - no E-nonce in Conf Resp"""
4381 run_dpp_proto_conf_resp_missing(dev
, 54,
4382 "Missing or invalid Enrollee Nonce attribute")
4384 def test_dpp_proto_conf_resp_no_config_obj(dev
, apdev
):
4385 """DPP protocol testing - no Config Object in Conf Resp"""
4386 run_dpp_proto_conf_resp_missing(dev
, 55,
4387 "Missing required Configuration Object attribute")
4389 def test_dpp_proto_conf_resp_no_status(dev
, apdev
):
4390 """DPP protocol testing - no Status in Conf Resp"""
4391 run_dpp_proto_conf_resp_missing(dev
, 56,
4392 "Missing or invalid required DPP Status attribute")
4394 def test_dpp_proto_conf_resp_no_wrapped_data(dev
, apdev
):
4395 """DPP protocol testing - no Wrapped Data in Conf Resp"""
4396 run_dpp_proto_conf_resp_missing(dev
, 57,
4397 "Missing or invalid required Wrapped Data attribute")
4399 def test_dpp_proto_conf_resp_invalid_status(dev
, apdev
):
4400 """DPP protocol testing - invalid Status in Conf Resp"""
4401 run_dpp_proto_conf_resp_missing(dev
, 58,
4402 "Configurator rejected configuration")
4404 def test_dpp_proto_conf_resp_e_nonce_mismatch(dev
, apdev
):
4405 """DPP protocol testing - E-nonce mismatch in Conf Resp"""
4406 run_dpp_proto_conf_resp_missing(dev
, 59,
4407 "Enrollee Nonce mismatch")
4409 def test_dpp_proto_stop_at_auth_req(dev
, apdev
):
4410 """DPP protocol testing - stop when receiving Auth Req"""
4411 run_dpp_proto_init(dev
, 0, 87)
4412 ev
= dev
[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout
=5)
4414 raise Exception("Authentication init failure not reported")
4416 def test_dpp_proto_stop_at_auth_resp(dev
, apdev
):
4417 """DPP protocol testing - stop when receiving Auth Resp"""
4418 run_dpp_proto_init(dev
, 1, 88)
4420 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4422 raise Exception("Auth Req TX not seen")
4424 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=5)
4426 raise Exception("Auth Resp TX not seen")
4428 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=0.1)
4430 raise Exception("Unexpected Auth Conf TX")
4432 def test_dpp_proto_stop_at_auth_conf(dev
, apdev
):
4433 """DPP protocol testing - stop when receiving Auth Conf"""
4434 run_dpp_proto_init(dev
, 0, 89, init_enrollee
=True)
4435 ev
= dev
[1].wait_event(["GAS-QUERY-START"], timeout
=10)
4437 raise Exception("Enrollee did not start GAS")
4438 ev
= dev
[1].wait_event(["GAS-QUERY-DONE"], timeout
=10)
4440 raise Exception("Enrollee did not time out GAS")
4441 if "result=TIMEOUT" not in ev
:
4442 raise Exception("Unexpected GAS result: " + ev
)
4444 def test_dpp_proto_stop_at_auth_conf_tx(dev
, apdev
):
4445 """DPP protocol testing - stop when transmitting Auth Conf (Registrar)"""
4446 run_dpp_proto_init(dev
, 1, 89, init_enrollee
=True)
4447 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=10)
4449 raise Exception("Authentication did not succeed (Initiator)")
4450 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
4452 raise Exception("Authentication did not succeed (Responder)")
4453 ev
= dev
[1].wait_event(["GAS-QUERY-START"], timeout
=0.1)
4455 raise Exception("Unexpected GAS query")
4457 # There is currently no timeout on GAS server side, so no event to wait for
4460 def test_dpp_proto_stop_at_auth_conf_tx2(dev
, apdev
):
4461 """DPP protocol testing - stop when transmitting Auth Conf (Enrollee)"""
4462 run_dpp_proto_init(dev
, 1, 89)
4463 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=10)
4465 raise Exception("Authentication did not succeed (Initiator)")
4466 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
4468 raise Exception("Authentication did not succeed (Responder)")
4470 ev
= dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=5)
4471 if ev
is None or "result=TIMEOUT" not in ev
:
4472 raise Exception("GAS query did not time out")
4474 def test_dpp_proto_stop_at_conf_req(dev
, apdev
):
4475 """DPP protocol testing - stop when receiving Auth Req"""
4476 run_dpp_proto_init(dev
, 1, 90)
4477 ev
= dev
[0].wait_event(["GAS-QUERY-START"], timeout
=10)
4479 raise Exception("Enrollee did not start GAS")
4480 ev
= dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=10)
4482 raise Exception("Enrollee did not time out GAS")
4483 if "result=TIMEOUT" not in ev
:
4484 raise Exception("Unexpected GAS result: " + ev
)
4486 def run_dpp_proto_init_pkex(dev
, test_dev
, test
):
4487 check_dpp_capab(dev
[0])
4488 check_dpp_capab(dev
[1])
4489 dev
[test_dev
].set("dpp_test", str(test
))
4491 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
4492 res
= dev
[0].request(cmd
)
4494 raise Exception("Failed to generate bootstrapping info")
4497 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
4498 res
= dev
[1].request(cmd
)
4500 raise Exception("Failed to generate bootstrapping info")
4503 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
4504 res
= dev
[0].request(cmd
)
4506 raise Exception("Failed to set PKEX data (responder)")
4507 cmd
= "DPP_LISTEN 2437"
4508 if "OK" not in dev
[0].request(cmd
):
4509 raise Exception("Failed to start listen operation")
4511 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
4512 res
= dev
[1].request(cmd
)
4514 raise Exception("Failed to set PKEX data (initiator)")
4516 def test_dpp_proto_after_wrapped_data_pkex_cr_req(dev
, apdev
):
4517 """DPP protocol testing - attribute after Wrapped Data in PKEX CR Req"""
4518 run_dpp_proto_init_pkex(dev
, 1, 4)
4519 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
4520 if ev
is None or "type=7" not in ev
:
4521 raise Exception("PKEX Exchange Request not seen")
4522 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
4523 if ev
is None or "type=9" not in ev
:
4524 raise Exception("PKEX Commit-Reveal Request not seen")
4525 if "ignore=invalid-attributes" not in ev
:
4526 raise Exception("Unexpected RX info: " + ev
)
4528 def test_dpp_proto_after_wrapped_data_pkex_cr_resp(dev
, apdev
):
4529 """DPP protocol testing - attribute after Wrapped Data in PKEX CR Resp"""
4530 run_dpp_proto_init_pkex(dev
, 0, 5)
4531 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=5)
4532 if ev
is None or "type=8" not in ev
:
4533 raise Exception("PKEX Exchange Response not seen")
4534 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=5)
4535 if ev
is None or "type=10" not in ev
:
4536 raise Exception("PKEX Commit-Reveal Response not seen")
4537 if "ignore=invalid-attributes" not in ev
:
4538 raise Exception("Unexpected RX info: " + ev
)
4540 def run_dpp_proto_pkex_req_missing(dev
, test
, reason
):
4541 run_dpp_proto_init_pkex(dev
, 1, test
)
4542 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4544 raise Exception("DPP failure not seen")
4545 if reason
not in ev
:
4546 raise Exception("Unexpected failure: " + ev
)
4548 def run_dpp_proto_pkex_resp_missing(dev
, test
, reason
):
4549 run_dpp_proto_init_pkex(dev
, 0, test
)
4550 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
4552 raise Exception("DPP failure not seen")
4553 if reason
not in ev
:
4554 raise Exception("Unexpected failure: " + ev
)
4556 def test_dpp_proto_pkex_exchange_req_no_finite_cyclic_group(dev
, apdev
):
4557 """DPP protocol testing - no Finite Cyclic Group in PKEX Exchange Request"""
4558 run_dpp_proto_pkex_req_missing(dev
, 34,
4559 "Missing or invalid Finite Cyclic Group attribute")
4561 def test_dpp_proto_pkex_exchange_req_no_encrypted_key(dev
, apdev
):
4562 """DPP protocol testing - no Encrypted Key in PKEX Exchange Request"""
4563 run_dpp_proto_pkex_req_missing(dev
, 35,
4564 "Missing Encrypted Key attribute")
4566 def test_dpp_proto_pkex_exchange_resp_no_status(dev
, apdev
):
4567 """DPP protocol testing - no Status in PKEX Exchange Response"""
4568 run_dpp_proto_pkex_resp_missing(dev
, 36, "No DPP Status attribute")
4570 def test_dpp_proto_pkex_exchange_resp_no_encrypted_key(dev
, apdev
):
4571 """DPP protocol testing - no Encrypted Key in PKEX Exchange Response"""
4572 run_dpp_proto_pkex_resp_missing(dev
, 37, "Missing Encrypted Key attribute")
4574 def test_dpp_proto_pkex_cr_req_no_bootstrap_key(dev
, apdev
):
4575 """DPP protocol testing - no Bootstrap Key in PKEX Commit-Reveal Request"""
4576 run_dpp_proto_pkex_req_missing(dev
, 38,
4577 "No valid peer bootstrapping key found")
4579 def test_dpp_proto_pkex_cr_req_no_i_auth_tag(dev
, apdev
):
4580 """DPP protocol testing - no I-Auth Tag in PKEX Commit-Reveal Request"""
4581 run_dpp_proto_pkex_req_missing(dev
, 39, "No valid u (I-Auth tag) found")
4583 def test_dpp_proto_pkex_cr_req_no_wrapped_data(dev
, apdev
):
4584 """DPP protocol testing - no Wrapped Data in PKEX Commit-Reveal Request"""
4585 run_dpp_proto_pkex_req_missing(dev
, 40, "Missing or invalid required Wrapped Data attribute")
4587 def test_dpp_proto_pkex_cr_resp_no_bootstrap_key(dev
, apdev
):
4588 """DPP protocol testing - no Bootstrap Key in PKEX Commit-Reveal Response"""
4589 run_dpp_proto_pkex_resp_missing(dev
, 41,
4590 "No valid peer bootstrapping key found")
4592 def test_dpp_proto_pkex_cr_resp_no_r_auth_tag(dev
, apdev
):
4593 """DPP protocol testing - no R-Auth Tag in PKEX Commit-Reveal Response"""
4594 run_dpp_proto_pkex_resp_missing(dev
, 42, "No valid v (R-Auth tag) found")
4596 def test_dpp_proto_pkex_cr_resp_no_wrapped_data(dev
, apdev
):
4597 """DPP protocol testing - no Wrapped Data in PKEX Commit-Reveal Response"""
4598 run_dpp_proto_pkex_resp_missing(dev
, 43, "Missing or invalid required Wrapped Data attribute")
4600 def test_dpp_proto_pkex_exchange_req_invalid_encrypted_key(dev
, apdev
):
4601 """DPP protocol testing - invalid Encrypted Key in PKEX Exchange Request"""
4602 run_dpp_proto_pkex_req_missing(dev
, 44,
4603 "Invalid Encrypted Key value")
4605 def test_dpp_proto_pkex_exchange_resp_invalid_encrypted_key(dev
, apdev
):
4606 """DPP protocol testing - invalid Encrypted Key in PKEX Exchange Response"""
4607 run_dpp_proto_pkex_resp_missing(dev
, 45,
4608 "Invalid Encrypted Key value")
4610 def test_dpp_proto_pkex_exchange_resp_invalid_status(dev
, apdev
):
4611 """DPP protocol testing - invalid Status in PKEX Exchange Response"""
4612 run_dpp_proto_pkex_resp_missing(dev
, 46,
4613 "PKEX failed (peer indicated failure)")
4615 def test_dpp_proto_pkex_cr_req_invalid_bootstrap_key(dev
, apdev
):
4616 """DPP protocol testing - invalid Bootstrap Key in PKEX Commit-Reveal Request"""
4617 run_dpp_proto_pkex_req_missing(dev
, 47,
4618 "Peer bootstrapping key is invalid")
4620 def test_dpp_proto_pkex_cr_resp_invalid_bootstrap_key(dev
, apdev
):
4621 """DPP protocol testing - invalid Bootstrap Key in PKEX Commit-Reveal Response"""
4622 run_dpp_proto_pkex_resp_missing(dev
, 48,
4623 "Peer bootstrapping key is invalid")
4625 def test_dpp_proto_pkex_cr_req_i_auth_tag_mismatch(dev
, apdev
):
4626 """DPP protocol testing - I-auth tag mismatch in PKEX Commit-Reveal Request"""
4627 run_dpp_proto_pkex_req_missing(dev
, 49, "No valid u (I-Auth tag) found")
4629 def test_dpp_proto_pkex_cr_resp_r_auth_tag_mismatch(dev
, apdev
):
4630 """DPP protocol testing - R-auth tag mismatch in PKEX Commit-Reveal Response"""
4631 run_dpp_proto_pkex_resp_missing(dev
, 50, "No valid v (R-Auth tag) found")
4633 def test_dpp_proto_stop_at_pkex_exchange_resp(dev
, apdev
):
4634 """DPP protocol testing - stop when receiving PKEX Exchange Response"""
4635 run_dpp_proto_init_pkex(dev
, 1, 84)
4637 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4639 raise Exception("PKEX Exchange Req TX not seen")
4641 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=5)
4643 raise Exception("PKEX Exchange Resp not seen")
4645 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=0.1)
4647 raise Exception("Unexpected PKEX CR Req TX")
4649 def test_dpp_proto_stop_at_pkex_cr_req(dev
, apdev
):
4650 """DPP protocol testing - stop when receiving PKEX CR Request"""
4651 run_dpp_proto_init_pkex(dev
, 0, 85)
4653 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4655 raise Exception("PKEX Exchange Req TX not seen")
4657 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=5)
4659 raise Exception("PKEX Exchange Resp not seen")
4661 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4663 raise Exception("PKEX CR Req TX not seen")
4665 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=0.1)
4667 raise Exception("Unexpected PKEX CR Resp TX")
4669 def test_dpp_proto_stop_at_pkex_cr_resp(dev
, apdev
):
4670 """DPP protocol testing - stop when receiving PKEX CR Response"""
4671 run_dpp_proto_init_pkex(dev
, 1, 86)
4673 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4675 raise Exception("PKEX Exchange Req TX not seen")
4677 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=5)
4679 raise Exception("PKEX Exchange Resp not seen")
4681 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4683 raise Exception("PKEX CR Req TX not seen")
4685 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=5)
4687 raise Exception("PKEX CR Resp TX not seen")
4689 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=0.1)
4691 raise Exception("Unexpected Auth Req TX")
4693 def test_dpp_proto_network_introduction(dev
, apdev
):
4694 """DPP protocol testing - network introduction"""
4695 check_dpp_capab(dev
[0])
4696 check_dpp_capab(dev
[1])
4698 params
= { "ssid": "dpp",
4700 "wpa_key_mgmt": "DPP",
4702 "rsn_pairwise": "CCMP",
4703 "dpp_connector": params1_ap_connector
,
4704 "dpp_csign": params1_csign
,
4705 "dpp_netaccesskey": params1_ap_netaccesskey
}
4707 hapd
= hostapd
.add_ap(apdev
[0], params
)
4709 raise HwsimSkip("DPP not supported")
4711 for test
in [ 60, 61, 80, 82 ]:
4712 dev
[0].set("dpp_test", str(test
))
4713 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412", ieee80211w
="2",
4714 dpp_csign
=params1_csign
,
4715 dpp_connector
=params1_sta_connector
,
4716 dpp_netaccesskey
=params1_sta_netaccesskey
,
4719 ev
= dev
[0].wait_event(["DPP-TX"], timeout
=10)
4720 if ev
is None or "type=5" not in ev
:
4721 raise Exception("Peer Discovery Request TX not reported")
4722 ev
= dev
[0].wait_event(["DPP-TX-STATUS"], timeout
=2)
4723 if ev
is None or "result=SUCCESS" not in ev
:
4724 raise Exception("Peer Discovery Request TX status not reported")
4726 ev
= hapd
.wait_event(["DPP-RX"], timeout
=10)
4727 if ev
is None or "type=5" not in ev
:
4728 raise Exception("Peer Discovery Request RX not reported")
4731 ev
= dev
[0].wait_event(["DPP-INTRO"], timeout
=10)
4733 raise Exception("DPP-INTRO not reported for test 80")
4734 if "status=7" not in ev
:
4735 raise Exception("Unexpected result in test 80: " + ev
)
4737 dev
[0].request("REMOVE_NETWORK all")
4738 dev
[0].dump_monitor()
4740 dev
[0].set("dpp_test", "0")
4742 for test
in [ 62, 63, 64, 77, 78, 79 ]:
4743 hapd
.set("dpp_test", str(test
))
4744 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412", ieee80211w
="2",
4745 dpp_csign
=params1_csign
,
4746 dpp_connector
=params1_sta_connector
,
4747 dpp_netaccesskey
=params1_sta_netaccesskey
,
4750 ev
= dev
[0].wait_event(["DPP-INTRO"], timeout
=10)
4752 raise Exception("Peer introduction result not reported (test %d)" % test
)
4754 if "fail=transaction_id_mismatch" not in ev
:
4755 raise Exception("Connector validation failure not reported")
4757 if "status=254" not in ev
:
4758 raise Exception("Invalid status value not reported")
4760 if "fail=peer_connector_validation_failed" not in ev
:
4761 raise Exception("Connector validation failure not reported")
4762 elif "status=" in ev
:
4763 raise Exception("Unexpected peer introduction result (test %d): " % test
+ ev
)
4765 dev
[0].request("REMOVE_NETWORK all")
4766 dev
[0].dump_monitor()
4768 hapd
.set("dpp_test", "0")
4770 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412", ieee80211w
="2",
4771 dpp_csign
=params1_csign
, dpp_connector
=params1_sta_connector
,
4772 dpp_netaccesskey
=params1_sta_netaccesskey
)
4774 def test_dpp_qr_code_no_chan_list_unicast(dev
, apdev
):
4775 """DPP QR Code and no channel list (unicast)"""
4776 run_dpp_qr_code_chan_list(dev
, apdev
, True, 2417, None)
4778 def test_dpp_qr_code_chan_list_unicast(dev
, apdev
):
4779 """DPP QR Code and 2.4 GHz channels (unicast)"""
4780 run_dpp_qr_code_chan_list(dev
, apdev
, True, 2417,
4781 "81/1,81/2,81/3,81/4,81/5,81/6,81/7,81/8,81/9,81/10,81/11,81/12,81/13")
4783 def test_dpp_qr_code_chan_list_no_peer_unicast(dev
, apdev
):
4784 """DPP QR Code and channel list and no peer (unicast)"""
4785 run_dpp_qr_code_chan_list(dev
, apdev
, True, 2417, "81/1,81/6,81/11",
4787 ev
= dev
[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout
=5)
4789 raise Exception("Initiation failure not reported")
4791 def test_dpp_qr_code_no_chan_list_broadcast(dev
, apdev
):
4792 """DPP QR Code and no channel list (broadcast)"""
4793 run_dpp_qr_code_chan_list(dev
, apdev
, False, 2412, None)
4795 def test_dpp_qr_code_chan_list_broadcast(dev
, apdev
):
4796 """DPP QR Code and some 2.4 GHz channels (broadcast)"""
4797 run_dpp_qr_code_chan_list(dev
, apdev
, False, 2412, "81/1,81/6,81/11",
4800 def run_dpp_qr_code_chan_list(dev
, apdev
, unicast
, listen_freq
, chanlist
,
4801 no_wait
=False, timeout
=5):
4802 check_dpp_capab(dev
[0])
4803 check_dpp_capab(dev
[1])
4804 dev
[1].set("dpp_init_max_tries", "3")
4805 dev
[1].set("dpp_init_retry_time", "100")
4806 dev
[1].set("dpp_resp_wait_time", "1000")
4808 logger
.info("dev0 displays QR Code")
4809 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode"
4811 cmd
+= " chan=" + chanlist
4813 addr
= dev
[0].own_addr().replace(':', '')
4814 cmd
+= " mac=" + addr
4815 res
= dev
[0].request(cmd
)
4817 raise Exception("Failed to generate bootstrapping info")
4819 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
4821 logger
.info("dev1 scans QR Code")
4822 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
4824 raise Exception("Failed to parse QR Code URI")
4827 logger
.info("dev1 initiates DPP Authentication")
4828 cmd
= "DPP_LISTEN %d" % listen_freq
4829 if "OK" not in dev
[0].request(cmd
):
4830 raise Exception("Failed to start listen operation")
4831 cmd
= "DPP_AUTH_INIT peer=%d" % id1
4832 if "OK" not in dev
[1].request(cmd
):
4833 raise Exception("Failed to initiate DPP Authentication")
4836 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=timeout
)
4838 raise Exception("DPP authentication did not succeed (Responder)")
4839 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
4841 raise Exception("DPP authentication did not succeed (Initiator)")
4842 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout
=5)
4844 raise Exception("DPP configuration not completed (Enrollee)")
4845 dev
[0].request("DPP_STOP_LISTEN")
4846 dev
[0].dump_monitor()
4847 dev
[1].dump_monitor()
4849 def test_dpp_qr_code_chan_list_no_match(dev
, apdev
):
4850 """DPP QR Code and no matching supported channel"""
4851 check_dpp_capab(dev
[0])
4852 check_dpp_capab(dev
[1])
4854 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=123/123"
4855 res
= dev
[0].request(cmd
)
4857 raise Exception("Failed to generate bootstrapping info")
4859 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
4861 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
4863 raise Exception("Failed to parse QR Code URI")
4866 cmd
= "DPP_AUTH_INIT peer=%d" % id1
4867 if "FAIL" not in dev
[1].request(cmd
):
4868 raise Exception("DPP Authentication started unexpectedly")
4870 def test_dpp_pkex_alloc_fail(dev
, apdev
):
4871 """DPP/PKEX and memory allocation failures"""
4872 check_dpp_capab(dev
[0])
4873 check_dpp_capab(dev
[1])
4875 tests
= [ (1, "=dpp_keygen_configurator"),
4876 (1, "base64_gen_encode;dpp_keygen_configurator") ]
4877 for count
, func
in tests
:
4878 with
alloc_fail(dev
[1], count
, func
):
4879 cmd
= "DPP_CONFIGURATOR_ADD"
4880 res
= dev
[1].request(cmd
);
4881 if "FAIL" not in res
:
4882 raise Exception("Unexpected DPP_CONFIGURATOR_ADD success")
4884 cmd
= "DPP_CONFIGURATOR_ADD"
4885 res
= dev
[1].request(cmd
);
4887 raise Exception("Failed to add configurator")
4890 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
4891 res
= dev
[0].request(cmd
)
4893 raise Exception("Failed to generate bootstrapping info")
4896 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
4897 res
= dev
[1].request(cmd
)
4899 raise Exception("Failed to generate bootstrapping info")
4902 # Local error cases on the Initiator
4903 tests
= [ (1, "dpp_get_pubkey_point"),
4904 (1, "dpp_alloc_msg;dpp_pkex_build_exchange_req"),
4905 (1, "dpp_alloc_msg;dpp_pkex_build_commit_reveal_req"),
4906 (1, "dpp_alloc_msg;dpp_auth_build_req"),
4907 (1, "dpp_alloc_msg;dpp_auth_build_conf"),
4908 (1, "dpp_bootstrap_key_hash"),
4909 (1, "dpp_auth_init"),
4910 (1, "=dpp_auth_resp_rx"),
4911 (2, "=dpp_auth_resp_rx"),
4912 (1, "dpp_build_conf_start"),
4913 (1, "dpp_build_conf_obj_dpp"),
4914 (2, "dpp_build_conf_obj_dpp"),
4915 (3, "dpp_build_conf_obj_dpp"),
4916 (4, "dpp_build_conf_obj_dpp"),
4917 (5, "dpp_build_conf_obj_dpp"),
4918 (6, "dpp_build_conf_obj_dpp"),
4919 (7, "dpp_build_conf_obj_dpp"),
4920 (8, "dpp_build_conf_obj_dpp"),
4921 (1, "dpp_conf_req_rx"),
4922 (2, "dpp_conf_req_rx"),
4923 (3, "dpp_conf_req_rx"),
4924 (4, "dpp_conf_req_rx"),
4925 (5, "dpp_conf_req_rx"),
4926 (6, "dpp_conf_req_rx"),
4927 (7, "dpp_conf_req_rx"),
4928 (1, "dpp_pkex_init"),
4929 (2, "dpp_pkex_init"),
4930 (3, "dpp_pkex_init"),
4931 (1, "dpp_pkex_derive_z"),
4932 (1, "=dpp_pkex_rx_commit_reveal_resp"),
4933 (1, "dpp_get_pubkey_point;dpp_build_jwk"),
4934 (2, "dpp_get_pubkey_point;dpp_build_jwk"),
4935 (1, "dpp_get_pubkey_point;dpp_auth_init") ]
4936 for count
, func
in tests
:
4937 dev
[0].request("DPP_STOP_LISTEN")
4938 dev
[1].request("DPP_STOP_LISTEN")
4939 dev
[0].dump_monitor()
4940 dev
[1].dump_monitor()
4942 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
4943 res
= dev
[0].request(cmd
)
4945 raise Exception("Failed to set PKEX data (responder)")
4946 cmd
= "DPP_LISTEN 2437"
4947 if "OK" not in dev
[0].request(cmd
):
4948 raise Exception("Failed to start listen operation")
4950 with
alloc_fail(dev
[1], count
, func
):
4951 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 conf=sta-dpp configurator=%d code=secret" % (id1
, conf_id
)
4953 wait_fail_trigger(dev
[1], "GET_ALLOC_FAIL", max_iter
=100)
4954 ev
= dev
[0].wait_event(["GAS-QUERY-START"], timeout
=0.01)
4956 dev
[0].request("DPP_STOP_LISTEN")
4957 dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=3)
4959 # Local error cases on the Responder
4960 tests
= [ (1, "dpp_get_pubkey_point"),
4961 (1, "dpp_alloc_msg;dpp_pkex_build_exchange_resp"),
4962 (1, "dpp_alloc_msg;dpp_pkex_build_commit_reveal_resp"),
4963 (1, "dpp_alloc_msg;dpp_auth_build_resp"),
4964 (1, "dpp_get_pubkey_point;dpp_auth_build_resp_ok"),
4965 (1, "=dpp_auth_req_rx"),
4966 (2, "=dpp_auth_req_rx"),
4967 (1, "=dpp_auth_conf_rx"),
4968 (1, "json_parse;dpp_parse_jws_prot_hdr"),
4969 (1, "json_get_member_base64url;dpp_parse_jws_prot_hdr"),
4970 (1, "json_get_member_base64url;dpp_parse_jwk"),
4971 (2, "json_get_member_base64url;dpp_parse_jwk"),
4972 (1, "json_parse;dpp_parse_connector"),
4973 (1, "dpp_parse_jwk;dpp_parse_connector"),
4974 (1, "dpp_parse_jwk;dpp_parse_cred_dpp"),
4975 (1, "dpp_get_pubkey_point;dpp_check_pubkey_match"),
4976 (1, "base64_gen_decode;dpp_process_signed_connector"),
4977 (1, "dpp_parse_jws_prot_hdr;dpp_process_signed_connector"),
4978 (2, "base64_gen_decode;dpp_process_signed_connector"),
4979 (3, "base64_gen_decode;dpp_process_signed_connector"),
4980 (4, "base64_gen_decode;dpp_process_signed_connector"),
4981 (1, "json_parse;dpp_parse_conf_obj"),
4982 (1, "dpp_conf_resp_rx"),
4983 (1, "=dpp_pkex_derive_z"),
4984 (1, "=dpp_pkex_rx_exchange_req"),
4985 (2, "=dpp_pkex_rx_exchange_req"),
4986 (3, "=dpp_pkex_rx_exchange_req"),
4987 (1, "=dpp_pkex_rx_commit_reveal_req"),
4988 (1, "dpp_get_pubkey_point;dpp_pkex_rx_commit_reveal_req"),
4989 (1, "dpp_bootstrap_key_hash") ]
4990 for count
, func
in tests
:
4991 dev
[0].request("DPP_STOP_LISTEN")
4992 dev
[1].request("DPP_STOP_LISTEN")
4993 dev
[0].dump_monitor()
4994 dev
[1].dump_monitor()
4996 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
4997 res
= dev
[0].request(cmd
)
4999 raise Exception("Failed to set PKEX data (responder)")
5000 cmd
= "DPP_LISTEN 2437"
5001 if "OK" not in dev
[0].request(cmd
):
5002 raise Exception("Failed to start listen operation")
5004 with
alloc_fail(dev
[0], count
, func
):
5005 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 conf=sta-dpp configurator=%d code=secret" % (id1
, conf_id
)
5007 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL", max_iter
=100)
5008 ev
= dev
[0].wait_event(["GAS-QUERY-START"], timeout
=0.01)
5010 dev
[0].request("DPP_STOP_LISTEN")
5011 dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=3)
5013 def test_dpp_pkex_test_fail(dev
, apdev
):
5014 """DPP/PKEX and local failures"""
5015 check_dpp_capab(dev
[0])
5016 check_dpp_capab(dev
[1])
5018 tests
= [ (1, "dpp_keygen_configurator") ]
5019 for count
, func
in tests
:
5020 with
fail_test(dev
[1], count
, func
):
5021 cmd
= "DPP_CONFIGURATOR_ADD"
5022 res
= dev
[1].request(cmd
);
5023 if "FAIL" not in res
:
5024 raise Exception("Unexpected DPP_CONFIGURATOR_ADD success")
5026 tests
= [ (1, "dpp_keygen") ]
5027 for count
, func
in tests
:
5028 with
fail_test(dev
[1], count
, func
):
5029 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
5030 res
= dev
[1].request(cmd
);
5031 if "FAIL" not in res
:
5032 raise Exception("Unexpected DPP_BOOTSTRAP_GEN success")
5034 cmd
= "DPP_CONFIGURATOR_ADD"
5035 res
= dev
[1].request(cmd
);
5037 raise Exception("Failed to add configurator")
5040 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
5041 res
= dev
[0].request(cmd
)
5043 raise Exception("Failed to generate bootstrapping info")
5046 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
5047 res
= dev
[1].request(cmd
)
5049 raise Exception("Failed to generate bootstrapping info")
5052 # Local error cases on the Initiator
5053 tests
= [ (1, "aes_siv_encrypt;dpp_auth_build_req"),
5054 (1, "os_get_random;dpp_auth_init"),
5055 (1, "dpp_derive_k1;dpp_auth_init"),
5056 (1, "dpp_hkdf_expand;dpp_derive_k1;dpp_auth_init"),
5057 (1, "dpp_gen_i_auth;dpp_auth_build_conf"),
5058 (1, "aes_siv_encrypt;dpp_auth_build_conf"),
5059 (1, "dpp_derive_k2;dpp_auth_resp_rx"),
5060 (1, "dpp_hkdf_expand;dpp_derive_k2;dpp_auth_resp_rx"),
5061 (1, "dpp_derive_ke;dpp_auth_resp_rx"),
5062 (1, "dpp_hkdf_expand;dpp_derive_ke;dpp_auth_resp_rx"),
5063 (1, "dpp_gen_r_auth;dpp_auth_resp_rx"),
5064 (1, "aes_siv_encrypt;dpp_build_conf_resp"),
5065 (1, "dpp_pkex_derive_Qi;dpp_pkex_build_exchange_req"),
5066 (1, "aes_siv_encrypt;dpp_pkex_build_commit_reveal_req"),
5067 (1, "hmac_sha256_vector;dpp_pkex_rx_exchange_resp"),
5068 (1, "aes_siv_decrypt;dpp_pkex_rx_commit_reveal_resp"),
5069 (1, "hmac_sha256_vector;dpp_pkex_rx_commit_reveal_resp"),
5070 (1, "dpp_bootstrap_key_hash") ]
5071 for count
, func
in tests
:
5072 dev
[0].request("DPP_STOP_LISTEN")
5073 dev
[1].request("DPP_STOP_LISTEN")
5074 dev
[0].dump_monitor()
5075 dev
[1].dump_monitor()
5077 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
5078 res
= dev
[0].request(cmd
)
5080 raise Exception("Failed to set PKEX data (responder)")
5081 cmd
= "DPP_LISTEN 2437"
5082 if "OK" not in dev
[0].request(cmd
):
5083 raise Exception("Failed to start listen operation")
5085 with
fail_test(dev
[1], count
, func
):
5086 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 conf=sta-dpp configurator=%d code=secret" % (id1
, conf_id
)
5088 wait_fail_trigger(dev
[1], "GET_FAIL", max_iter
=100)
5089 ev
= dev
[0].wait_event(["GAS-QUERY-START"], timeout
=0.01)
5091 dev
[0].request("DPP_STOP_LISTEN")
5092 dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=3)
5094 # Local error cases on the Responder
5095 tests
= [ (1, "aes_siv_encrypt;dpp_auth_build_resp"),
5096 (1, "aes_siv_encrypt;dpp_auth_build_resp;dpp_auth_build_resp_ok"),
5097 (1, "os_get_random;dpp_build_conf_req"),
5098 (1, "aes_siv_encrypt;dpp_build_conf_req"),
5099 (1, "os_get_random;dpp_auth_build_resp_ok"),
5100 (1, "dpp_derive_k2;dpp_auth_build_resp_ok"),
5101 (1, "dpp_derive_ke;dpp_auth_build_resp_ok"),
5102 (1, "dpp_gen_r_auth;dpp_auth_build_resp_ok"),
5103 (1, "aes_siv_encrypt;dpp_auth_build_resp_ok"),
5104 (1, "dpp_derive_k1;dpp_auth_req_rx"),
5105 (1, "aes_siv_decrypt;dpp_auth_req_rx"),
5106 (1, "aes_siv_decrypt;dpp_auth_conf_rx"),
5107 (1, "dpp_gen_i_auth;dpp_auth_conf_rx"),
5108 (1, "dpp_check_pubkey_match"),
5109 (1, "aes_siv_decrypt;dpp_conf_resp_rx"),
5110 (1, "hmac_sha256_kdf;dpp_pkex_derive_z"),
5111 (1, "dpp_pkex_derive_Qi;dpp_pkex_rx_exchange_req"),
5112 (1, "dpp_pkex_derive_Qr;dpp_pkex_rx_exchange_req"),
5113 (1, "aes_siv_encrypt;dpp_pkex_build_commit_reveal_resp"),
5114 (1, "aes_siv_decrypt;dpp_pkex_rx_commit_reveal_req"),
5115 (1, "hmac_sha256_vector;dpp_pkex_rx_commit_reveal_req"),
5116 (2, "hmac_sha256_vector;dpp_pkex_rx_commit_reveal_req") ]
5117 for count
, func
in tests
:
5118 dev
[0].request("DPP_STOP_LISTEN")
5119 dev
[1].request("DPP_STOP_LISTEN")
5120 dev
[0].dump_monitor()
5121 dev
[1].dump_monitor()
5123 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
5124 res
= dev
[0].request(cmd
)
5126 raise Exception("Failed to set PKEX data (responder)")
5127 cmd
= "DPP_LISTEN 2437"
5128 if "OK" not in dev
[0].request(cmd
):
5129 raise Exception("Failed to start listen operation")
5131 with
fail_test(dev
[0], count
, func
):
5132 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 conf=sta-dpp configurator=%d code=secret" % (id1
, conf_id
)
5134 wait_fail_trigger(dev
[0], "GET_FAIL", max_iter
=100)
5135 ev
= dev
[0].wait_event(["GAS-QUERY-START"], timeout
=0.01)
5137 dev
[0].request("DPP_STOP_LISTEN")
5138 dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=3)
5140 def test_dpp_keygen_configurator_error(dev
, apdev
):
5141 """DPP Configurator keygen error case"""
5142 check_dpp_capab(dev
[0])
5143 if "FAIL" not in dev
[0].request("DPP_CONFIGURATOR_ADD curve=unknown"):
5144 raise Exception("Unexpected success of invalid DPP_CONFIGURATOR_ADD")
5146 def rx_process_frame(dev
):
5148 if "OK" not in dev
.request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], msg
['frame'].encode('hex'))):
5149 raise Exception("MGMT_RX_PROCESS failed")
5151 def wait_auth_success(responder
, initiator
):
5152 ev
= responder
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
5154 raise Exception("DPP authentication did not succeed (Responder)")
5155 ev
= initiator
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
5157 raise Exception("DPP authentication did not succeed (Initiator)")
5159 def wait_conf_completion(configurator
, enrollee
):
5160 ev
= configurator
.wait_event(["DPP-CONF-SENT"], timeout
=5)
5162 raise Exception("DPP configuration not completed (Configurator)")
5163 ev
= enrollee
.wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"],
5166 raise Exception("DPP configuration not completed (Enrollee)")
5169 addr
= dev
[0].own_addr().replace(':', '')
5170 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
5171 res
= dev
[0].request(cmd
)
5173 raise Exception("Failed to generate bootstrapping info")
5175 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
5177 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
5179 raise Exception("Failed to parse QR Code URI")
5182 conf
= '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"secret passphrase"}}' + 3000*' '
5183 dev
[0].set("dpp_config_obj_override", conf
)
5185 dev
[0].set("ext_mgmt_frame_handling", "1")
5186 cmd
= "DPP_LISTEN 2412"
5187 if "OK" not in dev
[0].request(cmd
):
5188 raise Exception("Failed to start listen operation")
5189 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % id1
5190 if "OK" not in dev
[1].request(cmd
):
5191 raise Exception("Failed to initiate DPP Authentication")
5193 def test_dpp_gas_timeout_handling(dev
, apdev
):
5194 """DPP and GAS timeout handling"""
5195 check_dpp_capab(dev
[0])
5196 check_dpp_capab(dev
[1])
5199 # DPP Authentication Request
5200 rx_process_frame(dev
[0])
5202 # DPP Authentication Confirmation
5203 rx_process_frame(dev
[0])
5205 wait_auth_success(dev
[0], dev
[1])
5207 # DPP Configuration Request (GAS Initial Request frame)
5208 rx_process_frame(dev
[0])
5210 # DPP Configuration Request (GAS Comeback Request frame)
5211 rx_process_frame(dev
[0])
5213 # Wait for GAS timeout
5214 ev
= dev
[1].wait_event(["DPP-CONF-FAILED"], timeout
=5)
5216 raise Exception("DPP configuration not completed (Enrollee)")
5218 def test_dpp_gas_comeback_after_failure(dev
, apdev
):
5219 """DPP and GAS comeback after failure"""
5220 check_dpp_capab(dev
[0])
5221 check_dpp_capab(dev
[1])
5224 # DPP Authentication Request
5225 rx_process_frame(dev
[0])
5227 # DPP Authentication Confirmation
5228 rx_process_frame(dev
[0])
5230 wait_auth_success(dev
[0], dev
[1])
5232 # DPP Configuration Request (GAS Initial Request frame)
5233 rx_process_frame(dev
[0])
5235 # DPP Configuration Request (GAS Comeback Request frame)
5236 msg
= dev
[0].mgmt_rx()
5237 frame
= msg
['frame'].encode('hex')
5238 with
alloc_fail(dev
[0], 1, "gas_build_comeback_resp;gas_server_handle_rx_comeback_req"):
5239 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
5240 raise Exception("MGMT_RX_PROCESS failed")
5241 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5242 # Try the same frame again - this is expected to fail since the response has
5243 # already been freed.
5244 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
5245 raise Exception("MGMT_RX_PROCESS failed")
5247 # DPP Configuration Request (GAS Comeback Request frame retry)
5248 msg
= dev
[0].mgmt_rx()
5250 def test_dpp_gas(dev
, apdev
):
5251 """DPP and GAS protocol testing"""
5252 check_dpp_capab(dev
[0])
5253 check_dpp_capab(dev
[1])
5256 # DPP Authentication Request
5257 rx_process_frame(dev
[0])
5259 # DPP Authentication Confirmation
5260 rx_process_frame(dev
[0])
5262 wait_auth_success(dev
[0], dev
[1])
5264 # DPP Configuration Request (GAS Initial Request frame)
5265 msg
= dev
[0].mgmt_rx()
5267 # Protected Dual of GAS Initial Request frame (dropped by GAS server)
5268 frame
= msg
['frame'].encode('hex')
5269 frame
= frame
[0:48] + "09" + frame
[50:]
5270 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
5271 raise Exception("MGMT_RX_PROCESS failed")
5273 with
alloc_fail(dev
[0], 1, "gas_server_send_resp"):
5274 frame
= msg
['frame'].encode('hex')
5275 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
5276 raise Exception("MGMT_RX_PROCESS failed")
5277 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5279 with
alloc_fail(dev
[0], 1, "gas_build_initial_resp;gas_server_send_resp"):
5280 frame
= msg
['frame'].encode('hex')
5281 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
5282 raise Exception("MGMT_RX_PROCESS failed")
5283 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5285 # Add extra data after Query Request field to trigger
5286 # "GAS: Ignored extra data after Query Request field"
5287 frame
= msg
['frame'].encode('hex') + "00"
5288 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
5289 raise Exception("MGMT_RX_PROCESS failed")
5291 # DPP Configuration Request (GAS Comeback Request frame)
5292 rx_process_frame(dev
[0])
5294 # DPP Configuration Request (GAS Comeback Request frame)
5295 rx_process_frame(dev
[0])
5297 # DPP Configuration Request (GAS Comeback Request frame)
5298 rx_process_frame(dev
[0])
5300 wait_conf_completion(dev
[0], dev
[1])
5302 def test_dpp_truncated_attr(dev
, apdev
):
5303 """DPP and truncated attribute"""
5304 check_dpp_capab(dev
[0])
5305 check_dpp_capab(dev
[1])
5308 # DPP Authentication Request
5309 msg
= dev
[0].mgmt_rx()
5310 frame
= msg
['frame']
5312 # DPP: Truncated message - not enough room for the attribute - dropped
5313 frame1
= frame
[0:36].encode('hex')
5314 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame1
)):
5315 raise Exception("MGMT_RX_PROCESS failed")
5316 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
5317 if ev
is None or "ignore=invalid-attributes" not in ev
:
5318 raise Exception("Invalid attribute error not reported")
5320 # DPP: Unexpected octets (3) after the last attribute
5321 frame2
= frame
.encode('hex') + "000000"
5322 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame2
)):
5323 raise Exception("MGMT_RX_PROCESS failed")
5324 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
5325 if ev
is None or "ignore=invalid-attributes" not in ev
:
5326 raise Exception("Invalid attribute error not reported")
5328 def test_dpp_bootstrap_key_autogen_issues(dev
, apdev
):
5329 """DPP bootstrap key autogen issues"""
5330 check_dpp_capab(dev
[0])
5331 check_dpp_capab(dev
[1])
5333 logger
.info("dev0 displays QR Code")
5334 addr
= dev
[0].own_addr().replace(':', '')
5335 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
5336 res
= dev
[0].request(cmd
)
5338 raise Exception("Failed to generate bootstrapping info")
5340 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
5342 logger
.info("dev1 scans QR Code")
5343 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
5345 raise Exception("Failed to parse QR Code URI")
5348 logger
.info("dev1 initiates DPP Authentication")
5349 cmd
= "DPP_LISTEN 2412"
5350 if "OK" not in dev
[0].request(cmd
):
5351 raise Exception("Failed to start listen operation")
5352 with
alloc_fail(dev
[1], 1, "dpp_autogen_bootstrap_key"):
5353 cmd
= "DPP_AUTH_INIT peer=%d" % id1
5354 if "FAIL" not in dev
[1].request(cmd
):
5355 raise Exception("Failure not reported")
5356 with
alloc_fail(dev
[1], 2, "=dpp_autogen_bootstrap_key"):
5357 cmd
= "DPP_AUTH_INIT peer=%d" % id1
5358 if "FAIL" not in dev
[1].request(cmd
):
5359 raise Exception("Failure not reported")
5360 with
fail_test(dev
[1], 1, "dpp_keygen;dpp_autogen_bootstrap_key"):
5361 cmd
= "DPP_AUTH_INIT peer=%d" % id1
5362 if "FAIL" not in dev
[1].request(cmd
):
5363 raise Exception("Failure not reported")
5364 dev
[0].request("DPP_STOP_LISTEN")
5366 def test_dpp_auth_resp_status_failure(dev
, apdev
):
5367 """DPP and Auth Resp(status) build failure"""
5368 with
alloc_fail(dev
[0], 1, "dpp_auth_build_resp"):
5369 run_dpp_proto_auth_resp_missing(dev
, 99999, None,
5370 incompatible_roles
=True)
5372 def test_dpp_auth_resp_aes_siv_issue(dev
, apdev
):
5373 """DPP Auth Resp AES-SIV issue"""
5374 check_dpp_capab(dev
[0])
5375 check_dpp_capab(dev
[1])
5377 logger
.info("dev0 displays QR Code")
5378 addr
= dev
[0].own_addr().replace(':', '')
5379 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
5380 res
= dev
[0].request(cmd
)
5382 raise Exception("Failed to generate bootstrapping info")
5384 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
5386 logger
.info("dev1 scans QR Code")
5387 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
5389 raise Exception("Failed to parse QR Code URI")
5392 logger
.info("dev1 initiates DPP Authentication")
5393 cmd
= "DPP_LISTEN 2412"
5394 if "OK" not in dev
[0].request(cmd
):
5395 raise Exception("Failed to start listen operation")
5396 cmd
= "DPP_AUTH_INIT peer=%d" % id1
5397 with
fail_test(dev
[1], 1, "aes_siv_decrypt;dpp_auth_resp_rx"):
5398 if "OK" not in dev
[1].request(cmd
):
5399 raise Exception("Failed to initiate DPP Authentication")
5400 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
5401 if ev
is None or "AES-SIV decryption failed" not in ev
:
5402 raise Exception("AES-SIV decryption failure not reported")
5403 dev
[0].request("DPP_STOP_LISTEN")
5405 def test_dpp_invalid_legacy_params(dev
, apdev
):
5406 """DPP invalid legacy parameters"""
5407 check_dpp_capab(dev
[0])
5408 check_dpp_capab(dev
[1])
5410 addr
= dev
[0].own_addr().replace(':', '')
5411 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
5412 res
= dev
[0].request(cmd
)
5414 raise Exception("Failed to generate bootstrapping info")
5416 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
5418 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
5420 raise Exception("Failed to parse QR Code URI")
5424 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-psk ssid=%s" % (id1
, "dpp-legacy".encode("hex"))
5425 if "FAIL" not in dev
[1].request(cmd
):
5426 raise Exception("Invalid command not rejected")
5428 def test_dpp_invalid_legacy_params2(dev
, apdev
):
5429 """DPP invalid legacy parameters 2"""
5430 check_dpp_capab(dev
[0])
5431 check_dpp_capab(dev
[1])
5433 addr
= dev
[0].own_addr().replace(':', '')
5434 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
5435 res
= dev
[0].request(cmd
)
5437 raise Exception("Failed to generate bootstrapping info")
5439 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
5441 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
5443 raise Exception("Failed to parse QR Code URI")
5446 dev
[0].set("dpp_configurator_params",
5447 " conf=sta-psk ssid=%s" % ("dpp-legacy".encode("hex")))
5448 cmd
= "DPP_LISTEN 2412 role=configurator"
5449 if "OK" not in dev
[0].request(cmd
):
5450 raise Exception("Failed to start listen operation")
5453 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % id1
5454 if "OK" not in dev
[1].request(cmd
):
5455 raise Exception("Failed to initiate DPP Authentication")
5456 ev
= dev
[0].wait_event(["DPP: Failed to set configurator parameters"],
5459 raise Exception("DPP configuration failure not reported")
5461 def test_dpp_legacy_params_failure(dev
, apdev
):
5462 """DPP legacy parameters local failure"""
5463 check_dpp_capab(dev
[0])
5464 check_dpp_capab(dev
[1])
5466 addr
= dev
[0].own_addr().replace(':', '')
5467 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
5468 res
= dev
[0].request(cmd
)
5470 raise Exception("Failed to generate bootstrapping info")
5472 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
5474 res
= dev
[1].request("DPP_QR_CODE " + uri0
)
5476 raise Exception("Failed to parse QR Code URI")
5479 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
5480 raise Exception("Failed to start listen operation")
5482 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-psk pass=%s ssid=%s" % (id1
, "passphrase".encode("hex"), "dpp-legacy".encode("hex"))
5483 with
alloc_fail(dev
[1], 1, "dpp_build_conf_obj_legacy"):
5484 if "OK" not in dev
[1].request(cmd
):
5485 raise Exception("Failed to initiate DPP")
5486 ev
= dev
[0].wait_event(["DPP-CONF-FAILED"], timeout
=5)
5488 raise Exception("DPP configuration failure not reported")
5490 def test_dpp_invalid_configurator_key(dev
, apdev
):
5491 """DPP invalid configurator key"""
5492 check_dpp_capab(dev
[0])
5494 if "FAIL" not in dev
[0].request("DPP_CONFIGURATOR_ADD key=aa"):
5495 raise Exception("Invalid key accepted")
5497 with
alloc_fail(dev
[0], 1, "dpp_keygen_configurator"):
5498 if "FAIL" not in dev
[0].request("DPP_CONFIGURATOR_ADD key=" + dpp_key_p256
):
5499 raise Exception("Error not reported")
5501 with
alloc_fail(dev
[0], 1, "dpp_get_pubkey_point;dpp_keygen_configurator"):
5502 if "FAIL" not in dev
[0].request("DPP_CONFIGURATOR_ADD key=" + dpp_key_p256
):
5503 raise Exception("Error not reported")
5505 with
alloc_fail(dev
[0], 1, "base64_gen_encode;dpp_keygen_configurator"):
5506 if "FAIL" not in dev
[0].request("DPP_CONFIGURATOR_ADD key=" + dpp_key_p256
):
5507 raise Exception("Error not reported")
5509 with
fail_test(dev
[0], 1, "dpp_keygen_configurator"):
5510 if "FAIL" not in dev
[0].request("DPP_CONFIGURATOR_ADD key=" + dpp_key_p256
):
5511 raise Exception("Error not reported")
5513 def test_dpp_own_config_sign_fail(dev
, apdev
):
5514 """DPP own config signing failure"""
5515 check_dpp_capab(dev
[0])
5516 res
= dev
[0].request("DPP_CONFIGURATOR_ADD");
5518 raise Exception("Failed to add configurator")
5523 " configurator=%d" % conf_id
,
5524 " conf=sta-dpp configurator=%d curve=unsupported" % conf_id
]
5526 if "FAIL" not in dev
[0].request("DPP_CONFIGURATOR_SIGN " + t
):
5527 raise Exception("Invalid command accepted: " + t
)
5529 def test_dpp_peer_intro_failures(dev
, apdev
):
5530 """DPP peer introduction failures"""
5532 run_dpp_peer_intro_failures(dev
, apdev
)
5534 dev
[0].set("dpp_config_processing", "0")
5536 def run_dpp_peer_intro_failures(dev
, apdev
):
5537 check_dpp_capab(dev
[0])
5538 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
5539 check_dpp_capab(hapd
)
5541 res
= hapd
.request("DPP_CONFIGURATOR_ADD key=" + dpp_key_p256
);
5543 raise Exception("Failed to add configurator")
5545 csign
= hapd
.request("DPP_CONFIGURATOR_GET_KEY %d" % conf_id
)
5546 if "FAIL" in csign
or len(csign
) == 0:
5547 raise Exception("DPP_CONFIGURATOR_GET_KEY failed")
5549 res
= dev
[0].request("DPP_CONFIGURATOR_ADD key=" + csign
);
5551 raise Exception("Failed to add configurator")
5553 csign2
= dev
[0].request("DPP_CONFIGURATOR_GET_KEY %d" % conf_id2
)
5556 raise Exception("Unexpected difference in configurator key")
5558 cmd
= "DPP_CONFIGURATOR_SIGN conf=ap-dpp configurator=%d" % conf_id
5559 res
= hapd
.request(cmd
)
5561 raise Exception("Failed to generate own configuration")
5562 update_hapd_config(hapd
)
5564 dev
[0].set("dpp_config_processing", "1")
5565 cmd
= "DPP_CONFIGURATOR_SIGN conf=sta-dpp configurator=%d" % conf_id
5566 res
= dev
[0].request(cmd
)
5568 raise Exception("Failed to generate own configuration")
5569 ev
= dev
[0].wait_event(["DPP-NETWORK-ID"], timeout
=1)
5571 raise Exception("DPP network profile not generated")
5572 id = ev
.split(' ')[1]
5573 dev
[0].select_network(id, freq
=2412)
5574 dev
[0].wait_connected()
5575 dev
[0].request("DISCONNECT")
5576 dev
[0].wait_disconnected()
5577 dev
[0].dump_monitor()
5579 tests
= [ "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiIwTlNSNTlxRTc0alFfZTFLVGVPV1lYY1pTWnFUaDdNXzU0aHJPcFRpaFJnIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOltdLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiJiVmFMRGlBT09OQmFjcVFVN1pYamFBVEtEMVhhbDVlUExqOUZFZUl3VkN3IiwieSI6Il95c25JR1hTYjBvNEsyMWg0anZmSkZxMHdVNnlPNWp1VUFPd3FuM0dHVHMifX0.WgzZBOJaisWBRxvtXPbVYPXU7OIZxs6sZD-cPOLmJVTIYZKdMkSOMvP5b6si_j61FIrjhm43tmGq1P6cpoxB_g",
5580 "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiIwTlNSNTlxRTc0alFfZTFLVGVPV1lYY1pTWnFUaDdNXzU0aHJPcFRpaFJnIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7fV0sIm5ldEFjY2Vzc0tleSI6eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2IiwieCI6IkJhY3BWSDNpNDBrZklNS0RHa1FFRzhCODBCaEk4cEFmTWpLbzM5NlFZT2ciLCJ5IjoiMjBDYjhDNjRsSjFzQzV2NXlKMnBFZXRRempxMjI4YVV2cHMxNmQ0M3EwQSJ9fQ.dG2y8VvZQJ5hfob8E5F2FAeR7Nd700qstYkxDgA2QfARaNMZ0_SfKfoG-yKXsIZNM-TvGBfACgfhagG9Oaw_Xw",
5581 "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiIwTlNSNTlxRTc0alFfZTFLVGVPV1lYY1pTWnFUaDdNXzU0aHJPcFRpaFJnIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiJkc2VmcmJWWlhad0RMWHRpLWlObDBBYkFIOXpqeFFKd0R1SUd5NzNuZGU0IiwieSI6IjZFQnExN3cwYW1fZlh1OUQ4UGxWYk9XZ2I3b19DcTUxWHlmSG8wcHJyeDQifX0.caBvdDUtXrhnS61-juVZ_2FQdprepv0yZjC04G4ERvLUpeX7cgu0Hp-A1aFDogP1PEFGpkaEdcAWRQnSSRiIKQ" ]
5583 dev
[0].set_network_quoted(id, "dpp_connector", t
)
5584 dev
[0].select_network(id, freq
=2412)
5585 ev
= dev
[0].wait_event(["DPP-INTRO"], timeout
=5)
5586 if ev
is None or "status=8" not in ev
:
5587 raise Exception("Introduction failure not reported")
5588 dev
[0].request("DISCONNECT")
5589 dev
[0].dump_monitor()
5591 def test_dpp_peer_intro_local_failures(dev
, apdev
):
5592 """DPP peer introduction local failures"""
5593 check_dpp_capab(dev
[0])
5594 check_dpp_capab(dev
[1])
5596 params
= { "ssid": "dpp",
5598 "wpa_key_mgmt": "DPP",
5600 "rsn_pairwise": "CCMP",
5601 "dpp_connector": params1_ap_connector
,
5602 "dpp_csign": params1_csign
,
5603 "dpp_netaccesskey": params1_ap_netaccesskey
}
5605 hapd
= hostapd
.add_ap(apdev
[0], params
)
5607 raise HwsimSkip("DPP not supported")
5609 tests
= [ "dpp_derive_pmk",
5610 "dpp_hkdf_expand;dpp_derive_pmk",
5611 "dpp_derive_pmkid" ]
5613 with
fail_test(dev
[0], 1, func
):
5614 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412",
5616 dpp_csign
=params1_csign
,
5617 dpp_connector
=params1_sta_connector
,
5618 dpp_netaccesskey
=params1_sta_netaccesskey
,
5620 ev
= dev
[0].wait_event(["DPP-INTRO"], timeout
=10)
5621 if ev
is None or "fail=peer_connector_validation_failed" not in ev
:
5622 raise Exception("Introduction failure not reported")
5623 dev
[0].request("REMOVE_NETWORK all")
5624 dev
[0].dump_monitor()
5626 tests
= [ (1, "base64_gen_decode;dpp_peer_intro"),
5627 (1, "json_parse;dpp_peer_intro"),
5628 (50, "json_parse;dpp_peer_intro"),
5629 (1, "=dpp_peer_intro"),
5630 (1, "dpp_parse_jwk") ]
5631 for count
,func
in tests
:
5632 with
alloc_fail(dev
[0], count
, func
):
5633 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412",
5635 dpp_csign
=params1_csign
,
5636 dpp_connector
=params1_sta_connector
,
5637 dpp_netaccesskey
=params1_sta_netaccesskey
,
5639 ev
= dev
[0].wait_event(["DPP-INTRO"], timeout
=10)
5640 if ev
is None or "fail=peer_connector_validation_failed" not in ev
:
5641 raise Exception("Introduction failure not reported")
5642 dev
[0].request("REMOVE_NETWORK all")
5643 dev
[0].dump_monitor()
5645 parts
= params1_ap_connector
.split('.')
5646 for ap_connector
in [ '.'.join(parts
[0:2]), '.'.join(parts
[0:1]) ]:
5647 hapd
.set("dpp_connector", ap_connector
)
5648 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412",
5650 dpp_csign
=params1_csign
,
5651 dpp_connector
=params1_sta_connector
,
5652 dpp_netaccesskey
=params1_sta_netaccesskey
,
5654 ev
= dev
[0].wait_event(["DPP-TX-STATUS"], timeout
=10)
5656 raise Exception("No TX status reported")
5657 dev
[0].request("REMOVE_NETWORK all")
5658 dev
[0].dump_monitor()
5660 hapd
.set("dpp_netaccesskey", "00")
5661 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412",
5663 dpp_csign
=params1_csign
,
5664 dpp_connector
=params1_sta_connector
,
5665 dpp_netaccesskey
=params1_sta_netaccesskey
,
5667 ev
= dev
[0].wait_event(["DPP-TX-STATUS"], timeout
=10)
5669 raise Exception("No TX status reported")
5670 dev
[0].request("REMOVE_NETWORK all")
5671 dev
[0].dump_monitor()
5673 hapd
.set("dpp_csign", "00")
5674 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412",
5676 dpp_csign
=params1_csign
,
5677 dpp_connector
=params1_sta_connector
,
5678 dpp_netaccesskey
=params1_sta_netaccesskey
,
5680 ev
= dev
[0].wait_event(["DPP-TX-STATUS"], timeout
=10)
5682 raise Exception("No TX status reported")
5683 dev
[0].request("REMOVE_NETWORK all")
5684 dev
[0].dump_monitor()
5686 def run_dpp_configurator_id_unknown(dev
):
5687 check_dpp_capab(dev
)
5688 res
= dev
.request("DPP_CONFIGURATOR_ADD")
5690 raise Exception("Failed to add configurator")
5692 if "FAIL" not in dev
.request("DPP_CONFIGURATOR_GET_KEY %d" % (conf_id
+ 1)):
5693 raise Exception("DPP_CONFIGURATOR_GET_KEY with incorrect id accepted")
5695 cmd
= "DPP_CONFIGURATOR_SIGN conf=sta-dpp configurator=%d" % (conf_id
+ 1)
5696 if "FAIL" not in dev
.request(cmd
):
5697 raise Exception("DPP_CONFIGURATOR_SIGN with incorrect id accepted")
5699 def test_dpp_configurator_id_unknown(dev
, apdev
):
5700 """DPP and unknown configurator id"""
5701 run_dpp_configurator_id_unknown(dev
[0])
5702 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
5703 run_dpp_configurator_id_unknown(hapd
)
5705 def run_dpp_bootstrap_gen_failures(dev
, hostapd
):
5706 check_dpp_capab(dev
)
5708 tests
= [ "type=unsupported",
5709 "type=qrcode chan=-1",
5710 "type=qrcode mac=a",
5711 "type=qrcode key=qq",
5713 "type=qrcode info=abc\tdef" ]
5715 if "FAIL" not in dev
.request("DPP_BOOTSTRAP_GEN " + t
):
5716 raise Exception("Command accepted unexpectedly")
5718 id = dev
.request("DPP_BOOTSTRAP_GEN type=qrcode")
5720 raise Exception("Failed to generate bootstrap info")
5721 uri
= dev
.request("DPP_BOOTSTRAP_GET_URI " + id)
5722 if not uri
.startswith("DPP:"):
5723 raise Exception("Could not get URI")
5724 if "FAIL" not in dev
.request("DPP_BOOTSTRAP_GET_URI 0"):
5725 raise Exception("Failure not reported")
5726 info
= dev
.request("DPP_BOOTSTRAP_INFO " + id)
5727 if not info
.startswith("type=QRCODE"):
5728 raise Exception("Could not get info")
5729 if "FAIL" not in dev
.request("DPP_BOOTSTRAP_REMOVE 0"):
5730 raise Exception("Failure not reported")
5731 if "FAIL" in dev
.request("DPP_BOOTSTRAP_REMOVE *"):
5732 raise Exception("Failed to remove bootstrap info")
5733 if "FAIL" not in dev
.request("DPP_BOOTSTRAP_GET_URI " + id):
5734 raise Exception("Failure not reported")
5735 if "FAIL" not in dev
.request("DPP_BOOTSTRAP_INFO " + id):
5736 raise Exception("Failure not reported")
5738 func
= "hostapd_dpp_bootstrap_gen" if hostapd
else "wpas_dpp_bootstrap_gen"
5739 with
alloc_fail(dev
, 1, "=" + func
):
5740 if "FAIL" not in dev
.request("DPP_BOOTSTRAP_GEN type=qrcode"):
5741 raise Exception("Command accepted unexpectedly")
5743 with
alloc_fail(dev
, 2, "=" + func
):
5744 if "FAIL" not in dev
.request("DPP_BOOTSTRAP_GEN type=qrcode"):
5745 raise Exception("Command accepted unexpectedly")
5747 with
alloc_fail(dev
, 1, "get_param"):
5748 dev
.request("DPP_BOOTSTRAP_GEN type=qrcode curve=foo")
5750 def test_dpp_bootstrap_gen_failures(dev
, apdev
):
5751 """DPP_BOOTSTRAP_GEN/REMOVE/GET_URI/INFO error cases"""
5752 run_dpp_bootstrap_gen_failures(dev
[0], False)
5753 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
5754 run_dpp_bootstrap_gen_failures(hapd
, True)
5756 def test_dpp_listen_continue(dev
, apdev
):
5757 """DPP and continue listen state"""
5758 check_dpp_capab(dev
[0])
5759 check_dpp_capab(dev
[1])
5761 addr
= dev
[0].own_addr().replace(':', '')
5762 id = dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
)
5764 raise Exception("Failed to set key for " + curve
)
5765 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI " + id)
5767 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
5768 raise Exception("Failed to start listen operation")
5771 res
= dev
[1].request("DPP_QR_CODE " + uri
)
5773 raise Exception("Failed to parse QR Code URI")
5774 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=" + res
):
5775 raise Exception("Failed to initiate DPP Authentication")
5776 ev
= dev
[0].wait_event(["DPP-CONF-FAILED"], timeout
=2)
5778 raise Exception("DPP configuration result not seen (Enrollee)")
5779 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=2)
5781 raise Exception("DPP configuration result not seen (Responder)")
5782 dev
[0].request("DPP_STOP_LISTEN")
5783 dev
[1].request("DPP_STOP_LISTEN")
5785 def test_dpp_network_addition_failure(dev
, apdev
):
5786 """DPP network addition failure"""
5788 run_dpp_network_addition_failure(dev
, apdev
)
5790 dev
[0].set("dpp_config_processing", "0")
5792 def run_dpp_network_addition_failure(dev
, apdev
):
5793 check_dpp_capab(dev
[0])
5795 res
= dev
[0].request("DPP_CONFIGURATOR_ADD");
5797 raise Exception("Failed to add configurator")
5800 dev
[0].set("dpp_config_processing", "1")
5801 cmd
= "DPP_CONFIGURATOR_SIGN conf=sta-dpp configurator=%d" % conf_id
5802 tests
= [ (1, "=wpas_dpp_add_network"),
5803 (2, "=wpas_dpp_add_network"),
5804 (3, "=wpas_dpp_add_network"),
5805 (4, "=wpas_dpp_add_network"),
5806 (1, "wpa_config_add_network;wpas_dpp_add_network") ]
5807 for count
,func
in tests
:
5808 with
alloc_fail(dev
[0], count
, func
):
5809 res
= dev
[0].request(cmd
)
5811 raise Exception("Failed to generate own configuration")
5812 ev
= dev
[0].wait_event(["DPP-NET-ACCESS-KEY"], timeout
=2)
5814 raise Exception("Config object not processed")
5815 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5816 dev
[0].dump_monitor()
5818 cmd
= "DPP_CONFIGURATOR_SIGN conf=sta-psk pass=%s configurator=%d" % ("passphrase".encode("hex"), conf_id
)
5819 tests
= [ (1, "wpa_config_set_quoted;wpas_dpp_add_network") ]
5820 for count
,func
in tests
:
5821 with
alloc_fail(dev
[0], count
, func
):
5822 res
= dev
[0].request(cmd
)
5824 raise Exception("Failed to generate own configuration")
5825 ev
= dev
[0].wait_event(["DPP-NET-ACCESS-KEY"], timeout
=2)
5827 raise Exception("Config object not processed")
5828 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5829 dev
[0].dump_monitor()