1 # Test cases for Device Provisioning Protocol (DPP)
2 # Copyright (c) 2017, Qualcomm Atheros, Inc.
3 # Copyright (c) 2018, The Linux Foundation
5 # This software may be distributed under the terms of the BSD license.
6 # See README for more details.
12 logger
= logging
.getLogger()
20 from utils
import HwsimSkip
, alloc_fail
, fail_test
, wait_fail_trigger
21 from wpasupplicant
import WpaSupplicant
25 openssl_imported
= True
27 openssl_imported
= False
29 def check_dpp_capab(dev
, brainpool
=False):
30 if "UNKNOWN COMMAND" in dev
.request("DPP_BOOTSTRAP_GET_URI 0"):
31 raise HwsimSkip("DPP not supported")
33 tls
= dev
.request("GET tls_library")
34 if not tls
.startswith("OpenSSL") or "run=BoringSSL" in tls
:
35 raise HwsimSkip("Crypto library does not support Brainpool curves: " + tls
)
37 def test_dpp_qr_code_parsing(dev
, apdev
):
38 """DPP QR Code parsing"""
39 check_dpp_capab(dev
[0])
42 tests
= [ "DPP:C:81/1,115/36;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkq/24e0rsrfMP9K1Tm8gx+ovP0I=;;",
43 "DPP:C:81/1,81/2,81/3,81/4,81/5,81/6,81/7,81/8,81/9,81/10,81/11,81/12,81/13,82/14,83/1,83/2,83/3,83/4,83/5,83/6,83/7,83/8,83/9,84/5,84/6,84/7,84/8,84/9,84/10,84/11,84/12,84/13,115/36;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkq/24e0rsrfMP9K1Tm8gx+ovP0I=;;",
44 "DPP:I:SN=4774LH2b4044;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;",
45 "DPP:I:;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;" ]
47 id.append(dev
[0].dpp_qr_code(uri
))
49 uri2
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id[-1])
51 raise Exception("Returned URI does not match")
57 "DPP:I:;M:01020304050;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;",
58 "DPP:K:" + base64
.b64encode(b
"hello").decode() + ";;",
59 "DPP:K:MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEXiJuIWt1Q/CPCkuULechh37UsXPmbUANOeN5U9sOQROE4o/NEFeFEejROHYwwehF;;",
60 "DPP:K:MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANNZaZA4T/kRDjnmpI1ACOJhAuTIIEk2KFOpS6XPpGF+EVr/ao3XemkE0/nzXmGaLzLqTUCJknSdxTnVPeWfCVsCAwEAAQ==;;",
61 "DPP:K:MIIBCjCB0wYHKoZIzj0CATCBxwIBATAkBgcqhkjOPQEBAhkA/////////////////////v//////////MEsEGP////////////////////7//////////AQYZCEFGeWcgOcPp+mrciQwSf643uzBRrmxAxUAMEWub8hCL2TtV5Uo04Eg6uEhltUEMQQYjagOsDCQ9ny/IOtDoYgA9P8K/YL/EBIHGSuV/8jaeGMQEe1rJM3Vc/l3oR55SBECGQD///////////////+Z3vg2FGvJsbTSKDECAQEDMgAEXiJuIWt1Q/CPCkuULechh37UsXPmbUANOeN5U9sOQROE4o/NEFeFEejROHYwwehF;;",
62 "DPP:I:foo\tbar;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;",
63 "DPP:C:1;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkqa24e0rsrfMP9K1Tm8gx+ovP0I=;;",
64 "DPP:C:81/1a;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkqa24e0rsrfMP9K1Tm8gx+ovP0I=;;",
65 "DPP:C:1/2000,81/-1;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkqa24e0rsrfMP9K1Tm8gx+ovP0I=;;",
66 "DPP:C:-1/1;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADM2206avxHJaHXgLMkqa24e0rsrfMP9K1Tm8gx+ovP0I=;;" ]
68 res
= dev
[0].request("DPP_QR_CODE " + t
)
70 raise Exception("Accepted invalid QR Code: " + t
)
72 logger
.info("ID: " + str(id))
73 if id[0] == id[1] or id[0] == id[2] or id[1] == id[2]:
74 raise Exception("Duplicate ID returned")
76 if "FAIL" not in dev
[0].request("DPP_BOOTSTRAP_REMOVE 12345678"):
77 raise Exception("DPP_BOOTSTRAP_REMOVE accepted unexpectedly")
78 if "OK" not in dev
[0].request("DPP_BOOTSTRAP_REMOVE %d" % id[1]):
79 raise Exception("DPP_BOOTSTRAP_REMOVE failed")
81 id = dev
[0].dpp_bootstrap_gen()
82 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id)
83 logger
.info("Generated URI: " + uri
)
85 dev
[0].dpp_qr_code(uri
)
87 id = dev
[0].dpp_bootstrap_gen(chan
="81/1,115/36", mac
="010203040506",
89 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id)
90 logger
.info("Generated URI: " + uri
)
92 dev
[0].dpp_qr_code(uri
)
94 def test_dpp_qr_code_parsing_fail(dev
, apdev
):
95 """DPP QR Code parsing local failure"""
96 check_dpp_capab(dev
[0])
97 with
alloc_fail(dev
[0], 1, "dpp_parse_uri_info"):
98 if "FAIL" not in dev
[0].request("DPP_QR_CODE DPP:I:SN=4774LH2b4044;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;"):
99 raise Exception("DPP_QR_CODE failure not reported")
101 with
alloc_fail(dev
[0], 1, "dpp_parse_uri_pk"):
102 if "FAIL" not in dev
[0].request("DPP_QR_CODE DPP:K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;"):
103 raise Exception("DPP_QR_CODE failure not reported")
105 with
fail_test(dev
[0], 1, "dpp_parse_uri_pk"):
106 if "FAIL" not in dev
[0].request("DPP_QR_CODE DPP:K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;"):
107 raise Exception("DPP_QR_CODE failure not reported")
109 with
alloc_fail(dev
[0], 1, "dpp_parse_uri"):
110 if "FAIL" not in dev
[0].request("DPP_QR_CODE DPP:I:SN=4774LH2b4044;M:010203040506;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADURzxmttZoIRIPWGoQMV00XHWCAQIhXruVWOz0NjlkIA=;;"):
111 raise Exception("DPP_QR_CODE failure not reported")
113 dpp_key_p256
="30570201010420777fc55dc51e967c10ec051b91d860b5f1e6c934e48d5daffef98d032c64b170a00a06082a8648ce3d030107a124032200020c804188c7f85beb6e91070d2b3e5e39b90ca77b4d3c5251bc1844d6ca29dcad"
114 dpp_key_p384
= "307402010104302f56fdd83b5345cacb630eb7c22fa5ad5daba37307c95191e2a75756d137003bd8b32dbcb00eb5650c1eb499ecfcaec0a00706052b81040022a13403320003615ec2141b5b77aebb6523f8a012755f9a34405a8398d2ceeeebca7f5ce868bf55056cba4c4ec62fad3ed26dd29e0f23"
115 dpp_key_p521
= "308198020101044200c8010d5357204c252551aaf4e210343111e503fd1dc615b257058997c49b6b643c975226e93be8181cca3d83a7072defd161dfbdf433c19abe1f2ad51867a05761a00706052b81040023a1460344000301cdf3608b1305fe34a1f976095dcf001182b9973354efe156291a66830292f9babd8f412ad462958663e7a75d1d0610abdfc3dd95d40669f7ab3bc001668cfb3b7c"
116 dpp_key_bp256
= "3058020101042057133a676fb60bf2a3e6797e19833c7b0f89dc192ab99ab5fa377ae23a157765a00b06092b2403030208010107a12403220002945d9bf7ce30c9c1ac0ff21ca62b984d5bb80ff69d2be8c9716ab39a10d2caf0"
117 dpp_key_bp384
= "307802010104304902df9f3033a9b7128554c0851dc7127c3573eed150671dae74c0013e9896a9b1c22b6f7d43d8a2ebb7cd474dc55039a00b06092b240303020801010ba13403320003623cb5e68787f351faababf3425161571560add2e6f9a306fcbffb507735bf955bb46dd20ba246b0d5cadce73e5bd6a6"
118 dpp_key_bp512
= "30819802010104405803494226eb7e50bf0e90633f37e7e35d33f5fa502165eeba721d927f9f846caf12e925701d18e123abaaaf4a7edb4fc4de21ce18bc10c4d12e8b3439f74e40a00b06092b240303020801010da144034200033b086ccd47486522d35dc16fbb2229642c2e9e87897d45abbf21f9fb52acb5a6272b31d1b227c3e53720769cc16b4cb181b26cd0d35fe463218aaedf3b6ec00a"
120 def test_dpp_qr_code_curves(dev
, apdev
):
121 """DPP QR Code and supported curves"""
122 check_dpp_capab(dev
[0])
123 tests
= [ ("prime256v1", dpp_key_p256
),
124 ("secp384r1", dpp_key_p384
),
125 ("secp521r1", dpp_key_p521
) ]
126 for curve
, hex in tests
:
127 id = dev
[0].dpp_bootstrap_gen(key
=hex)
128 info
= dev
[0].request("DPP_BOOTSTRAP_INFO %d" % id)
130 raise Exception("Failed to get info for " + curve
)
131 if "curve=" + curve
not in info
:
132 raise Exception("Curve mismatch for " + curve
)
134 def test_dpp_qr_code_curves_brainpool(dev
, apdev
):
135 """DPP QR Code and supported Brainpool curves"""
136 check_dpp_capab(dev
[0], brainpool
=True)
137 tests
= [ ("brainpoolP256r1", dpp_key_bp256
),
138 ("brainpoolP384r1", dpp_key_bp384
),
139 ("brainpoolP512r1", dpp_key_bp512
) ]
140 for curve
, hex in tests
:
141 id = dev
[0].dpp_bootstrap_gen(key
=hex)
142 info
= dev
[0].request("DPP_BOOTSTRAP_INFO %d" % id)
144 raise Exception("Failed to get info for " + curve
)
145 if "curve=" + curve
not in info
:
146 raise Exception("Curve mismatch for " + curve
)
148 def test_dpp_qr_code_unsupported_curve(dev
, apdev
):
149 """DPP QR Code and unsupported curve"""
150 check_dpp_capab(dev
[0])
152 id = dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode curve=unsupported")
154 raise Exception("Unsupported curve accepted")
157 "305f02010104187f723ed9e1b41979ec5cd02eb82696efc76b40e277661049a00a06082a8648ce3d030101a134033200043f292614dea97c43f500f069e79ae9fb48f8b07369180de5eec8fa2bc9eea5af7a46dc335f52f10cb1c0e9464201d41b" ]
159 id = dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode key=" + hex)
161 raise Exception("Unsupported/invalid curve accepted")
163 def test_dpp_qr_code_keygen_fail(dev
, apdev
):
164 """DPP QR Code and keygen failure"""
165 check_dpp_capab(dev
[0])
167 with
alloc_fail(dev
[0], 1, "dpp_bootstrap_key_der;dpp_keygen"):
168 if "FAIL" not in dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode"):
169 raise Exception("Failure not reported")
171 with
alloc_fail(dev
[0], 1, "base64_gen_encode;dpp_keygen"):
172 if "FAIL" not in dev
[0].request("DPP_BOOTSTRAP_GEN type=qrcode"):
173 raise Exception("Failure not reported")
175 def test_dpp_qr_code_curve_select(dev
, apdev
):
176 """DPP QR Code and curve selection"""
177 check_dpp_capab(dev
[0], brainpool
=True)
178 check_dpp_capab(dev
[1], brainpool
=True)
181 for key
in [ dpp_key_p256
, dpp_key_p384
, dpp_key_p521
,
182 dpp_key_bp256
, dpp_key_bp384
, dpp_key_bp512
]:
183 id = dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True, key
=key
)
184 info
= dev
[0].request("DPP_BOOTSTRAP_INFO %d" % id)
185 for i
in info
.splitlines():
187 name
, val
= i
.split('=')
191 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id)
192 bi
.append((curve
, uri
))
194 for curve
, uri
in bi
:
195 logger
.info("Curve: " + curve
)
196 logger
.info("URI: " + uri
)
198 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
199 raise Exception("Failed to start listen operation")
201 res
= dev
[1].dpp_qr_code(uri
)
202 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d" % res
):
203 raise Exception("Failed to initiate DPP Authentication")
204 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
206 raise Exception("DPP authentication did not succeed (Responder)")
207 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
209 raise Exception("DPP authentication did not succeed (Initiator)")
210 ev
= dev
[0].wait_event(["DPP-CONF-FAILED"], timeout
=2)
212 raise Exception("DPP configuration result not seen (Enrollee)")
213 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=2)
215 raise Exception("DPP configuration result not seen (Responder)")
216 dev
[0].request("DPP_STOP_LISTEN")
217 dev
[1].request("DPP_STOP_LISTEN")
218 dev
[0].dump_monitor()
219 dev
[1].dump_monitor()
221 def test_dpp_qr_code_auth_broadcast(dev
, apdev
):
222 """DPP QR Code and authentication exchange (broadcast)"""
223 check_dpp_capab(dev
[0])
224 check_dpp_capab(dev
[1])
225 logger
.info("dev0 displays QR Code")
226 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1")
227 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
229 logger
.info("dev1 scans QR Code")
230 id1
= dev
[1].dpp_qr_code(uri0
)
232 logger
.info("dev1 initiates DPP Authentication")
233 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
234 raise Exception("Failed to start listen operation")
235 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d" % id1
):
236 raise Exception("Failed to initiate DPP Authentication")
237 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
239 raise Exception("DPP authentication did not succeed (Responder)")
240 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
242 raise Exception("DPP authentication did not succeed (Initiator)")
243 dev
[0].request("DPP_STOP_LISTEN")
245 def test_dpp_qr_code_auth_unicast(dev
, apdev
):
246 """DPP QR Code and authentication exchange (unicast)"""
247 run_dpp_qr_code_auth_unicast(dev
, apdev
, None)
249 def test_dpp_qr_code_auth_unicast_ap_enrollee(dev
, apdev
):
250 """DPP QR Code and authentication exchange (AP enrollee)"""
251 run_dpp_qr_code_auth_unicast(dev
, apdev
, None, netrole
="ap")
253 def test_dpp_qr_code_curve_prime256v1(dev
, apdev
):
254 """DPP QR Code and curve prime256v1"""
255 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1")
257 def test_dpp_qr_code_curve_secp384r1(dev
, apdev
):
258 """DPP QR Code and curve secp384r1"""
259 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1")
261 def test_dpp_qr_code_curve_secp521r1(dev
, apdev
):
262 """DPP QR Code and curve secp521r1"""
263 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1")
265 def test_dpp_qr_code_curve_brainpoolP256r1(dev
, apdev
):
266 """DPP QR Code and curve brainpoolP256r1"""
267 run_dpp_qr_code_auth_unicast(dev
, apdev
, "brainpoolP256r1")
269 def test_dpp_qr_code_curve_brainpoolP384r1(dev
, apdev
):
270 """DPP QR Code and curve brainpoolP384r1"""
271 run_dpp_qr_code_auth_unicast(dev
, apdev
, "brainpoolP384r1")
273 def test_dpp_qr_code_curve_brainpoolP512r1(dev
, apdev
):
274 """DPP QR Code and curve brainpoolP512r1"""
275 run_dpp_qr_code_auth_unicast(dev
, apdev
, "brainpoolP512r1")
277 def test_dpp_qr_code_set_key(dev
, apdev
):
278 """DPP QR Code and fixed bootstrapping key"""
279 run_dpp_qr_code_auth_unicast(dev
, apdev
, None, key
="30770201010420e5143ac74682cc6869a830e8f5301a5fa569130ac329b1d7dd6f2a7495dbcbe1a00a06082a8648ce3d030107a144034200045e13e167c33dbc7d85541e5509600aa8139bbb3e39e25898992c5d01be92039ee2850f17e71506ded0d6b25677441eae249f8e225c68dd15a6354dca54006383")
281 def run_dpp_qr_code_auth_unicast(dev
, apdev
, curve
, netrole
=None, key
=None,
282 require_conf_success
=False, init_extra
=None,
283 require_conf_failure
=False,
284 configurator
=False, conf_curve
=None):
285 check_dpp_capab(dev
[0], curve
and "brainpool" in curve
)
286 check_dpp_capab(dev
[1], curve
and "brainpool" in curve
)
288 logger
.info("Create configurator on dev1")
289 cmd
= "DPP_CONFIGURATOR_ADD"
291 cmd
+= " curve=" + conf_curve
292 res
= dev
[1].request(cmd
)
294 raise Exception("Failed to add configurator")
297 logger
.info("dev0 displays QR Code")
298 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True, curve
=curve
, key
=key
)
299 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
301 logger
.info("dev1 scans QR Code")
302 id1
= dev
[1].dpp_qr_code(uri0
)
304 logger
.info("dev1 initiates DPP Authentication")
305 cmd
= "DPP_LISTEN 2412"
307 cmd
+= " netrole=" + netrole
308 if "OK" not in dev
[0].request(cmd
):
309 raise Exception("Failed to start listen operation")
310 cmd
= "DPP_AUTH_INIT peer=%d" % id1
312 cmd
+= " " + init_extra
314 cmd
+= " configurator=%d" % conf_id
315 if "OK" not in dev
[1].request(cmd
):
316 raise Exception("Failed to initiate DPP Authentication")
317 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
319 raise Exception("DPP authentication did not succeed (Responder)")
320 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
322 raise Exception("DPP authentication did not succeed (Initiator)")
323 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
325 raise Exception("DPP configuration not completed (Configurator)")
326 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout
=5)
328 raise Exception("DPP configuration not completed (Enrollee)")
329 if require_conf_success
:
330 if "DPP-CONF-FAILED" in ev
:
331 raise Exception("DPP configuration failed")
332 if require_conf_failure
:
333 if "DPP-CONF-SUCCESS" in ev
:
334 raise Exception("DPP configuration succeeded unexpectedly")
335 dev
[0].request("DPP_STOP_LISTEN")
336 dev
[0].dump_monitor()
337 dev
[1].dump_monitor()
339 def test_dpp_qr_code_auth_mutual(dev
, apdev
):
340 """DPP QR Code and authentication exchange (mutual)"""
341 check_dpp_capab(dev
[0])
342 check_dpp_capab(dev
[1])
343 logger
.info("dev0 displays QR Code")
344 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
345 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
347 logger
.info("dev1 scans QR Code")
348 id1
= dev
[1].dpp_qr_code(uri0
)
350 logger
.info("dev1 displays QR Code")
351 id1b
= dev
[1].dpp_bootstrap_gen(chan
="81/1", mac
=True)
352 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
354 logger
.info("dev0 scans QR Code")
355 id0b
= dev
[0].dpp_qr_code(uri1b
)
357 logger
.info("dev1 initiates DPP Authentication")
358 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
359 raise Exception("Failed to start listen operation")
360 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1
, id1b
)):
361 raise Exception("Failed to initiate DPP Authentication")
363 ev
= dev
[1].wait_event(["DPP-AUTH-DIRECTION"], timeout
=5)
365 raise Exception("DPP authentication direction not indicated (Initiator)")
366 if "mutual=1" not in ev
:
367 raise Exception("Mutual authentication not used")
369 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
371 raise Exception("DPP authentication did not succeed (Responder)")
372 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
374 raise Exception("DPP authentication did not succeed (Initiator)")
375 dev
[0].request("DPP_STOP_LISTEN")
377 def test_dpp_qr_code_auth_mutual2(dev
, apdev
):
378 """DPP QR Code and authentication exchange (mutual2)"""
379 check_dpp_capab(dev
[0])
380 check_dpp_capab(dev
[1])
381 logger
.info("dev0 displays QR Code")
382 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
383 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
385 logger
.info("dev1 scans QR Code")
386 id1
= dev
[1].dpp_qr_code(uri0
)
388 logger
.info("dev1 displays QR Code")
389 id1b
= dev
[1].dpp_bootstrap_gen(chan
="81/1", mac
=True)
390 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
392 logger
.info("dev1 initiates DPP Authentication")
393 if "OK" not in dev
[0].request("DPP_LISTEN 2412 qr=mutual"):
394 raise Exception("Failed to start listen operation")
395 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1
, id1b
)):
396 raise Exception("Failed to initiate DPP Authentication")
398 ev
= dev
[1].wait_event(["DPP-RESPONSE-PENDING"], timeout
=5)
400 raise Exception("Pending response not reported")
401 ev
= dev
[0].wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=5)
403 raise Exception("QR Code scan for mutual authentication not requested")
405 logger
.info("dev0 scans QR Code")
406 id0b
= dev
[0].dpp_qr_code(uri1b
)
408 ev
= dev
[1].wait_event(["DPP-AUTH-DIRECTION"], timeout
=5)
410 raise Exception("DPP authentication direction not indicated (Initiator)")
411 if "mutual=1" not in ev
:
412 raise Exception("Mutual authentication not used")
414 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
416 raise Exception("DPP authentication did not succeed (Responder)")
417 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
419 raise Exception("DPP authentication did not succeed (Initiator)")
420 dev
[0].request("DPP_STOP_LISTEN")
422 def test_dpp_qr_code_auth_mutual_p_256(dev
, apdev
):
423 """DPP QR Code and authentication exchange (mutual, autogen P-256)"""
424 run_dpp_qr_code_auth_mutual(dev
, apdev
, "P-256")
426 def test_dpp_qr_code_auth_mutual_p_384(dev
, apdev
):
427 """DPP QR Code and authentication exchange (mutual, autogen P-384)"""
428 run_dpp_qr_code_auth_mutual(dev
, apdev
, "P-384")
430 def test_dpp_qr_code_auth_mutual_p_521(dev
, apdev
):
431 """DPP QR Code and authentication exchange (mutual, autogen P-521)"""
432 run_dpp_qr_code_auth_mutual(dev
, apdev
, "P-521")
434 def test_dpp_qr_code_auth_mutual_bp_256(dev
, apdev
):
435 """DPP QR Code and authentication exchange (mutual, autogen BP-256)"""
436 run_dpp_qr_code_auth_mutual(dev
, apdev
, "BP-256")
438 def test_dpp_qr_code_auth_mutual_bp_384(dev
, apdev
):
439 """DPP QR Code and authentication exchange (mutual, autogen BP-384)"""
440 run_dpp_qr_code_auth_mutual(dev
, apdev
, "BP-384")
442 def test_dpp_qr_code_auth_mutual_bp_512(dev
, apdev
):
443 """DPP QR Code and authentication exchange (mutual, autogen BP-512)"""
444 run_dpp_qr_code_auth_mutual(dev
, apdev
, "BP-512")
446 def run_dpp_qr_code_auth_mutual(dev
, apdev
, curve
):
447 check_dpp_capab(dev
[0], curve
and "BP-" in curve
)
448 check_dpp_capab(dev
[1], curve
and "BP-" in curve
)
449 logger
.info("dev0 displays QR Code")
450 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True, curve
=curve
)
451 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
453 logger
.info("dev1 scans QR Code")
454 id1
= dev
[1].dpp_qr_code(uri0
)
456 logger
.info("dev1 initiates DPP Authentication")
457 if "OK" not in dev
[0].request("DPP_LISTEN 2412 qr=mutual"):
458 raise Exception("Failed to start listen operation")
459 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d" % (id1
)):
460 raise Exception("Failed to initiate DPP Authentication")
462 ev
= dev
[1].wait_event(["DPP-RESPONSE-PENDING"], timeout
=5)
464 raise Exception("Pending response not reported")
465 uri
= ev
.split(' ')[1]
467 ev
= dev
[0].wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=5)
469 raise Exception("QR Code scan for mutual authentication not requested")
471 logger
.info("dev0 scans QR Code")
472 dev
[0].dpp_qr_code(uri
)
474 ev
= dev
[1].wait_event(["DPP-AUTH-DIRECTION"], timeout
=5)
476 raise Exception("DPP authentication direction not indicated (Initiator)")
477 if "mutual=1" not in ev
:
478 raise Exception("Mutual authentication not used")
480 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
482 raise Exception("DPP authentication did not succeed (Responder)")
483 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
485 raise Exception("DPP authentication did not succeed (Initiator)")
486 dev
[0].request("DPP_STOP_LISTEN")
488 def test_dpp_auth_resp_retries(dev
, apdev
):
489 """DPP Authentication Response retries"""
490 check_dpp_capab(dev
[0])
491 check_dpp_capab(dev
[1])
492 dev
[0].set("dpp_resp_max_tries", "3")
493 dev
[0].set("dpp_resp_retry_time", "100")
495 logger
.info("dev0 displays QR Code")
496 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
497 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
499 logger
.info("dev1 scans QR Code")
500 id1
= dev
[1].dpp_qr_code(uri0
)
502 logger
.info("dev1 displays QR Code")
503 id1b
= dev
[1].dpp_bootstrap_gen(chan
="81/1", mac
=True)
504 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
506 logger
.info("dev1 initiates DPP Authentication")
507 if "OK" not in dev
[0].request("DPP_LISTEN 2412 qr=mutual"):
508 raise Exception("Failed to start listen operation")
509 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1
, id1b
)):
510 raise Exception("Failed to initiate DPP Authentication")
512 ev
= dev
[1].wait_event(["DPP-RESPONSE-PENDING"], timeout
=5)
514 raise Exception("Pending response not reported")
515 ev
= dev
[0].wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=5)
517 raise Exception("QR Code scan for mutual authentication not requested")
519 # Stop Initiator from listening to frames to force retransmission of the
520 # DPP Authentication Response frame with Status=0
521 dev
[1].request("DPP_STOP_LISTEN")
523 dev
[1].dump_monitor()
524 dev
[0].dump_monitor()
526 logger
.info("dev0 scans QR Code")
527 id0b
= dev
[0].dpp_qr_code(uri1b
)
529 ev
= dev
[0].wait_event(["DPP-TX"], timeout
=5)
530 if ev
is None or "type=1" not in ev
:
531 raise Exception("DPP Authentication Response not sent")
532 ev
= dev
[0].wait_event(["DPP-TX-STATUS"], timeout
=5)
534 raise Exception("TX status for DPP Authentication Response not reported")
535 if "result=no-ACK" not in ev
:
536 raise Exception("Unexpected TX status for Authentication Response: " + ev
)
538 ev
= dev
[0].wait_event(["DPP-TX"], timeout
=15)
539 if ev
is None or "type=1" not in ev
:
540 raise Exception("DPP Authentication Response retransmission not sent")
542 def test_dpp_qr_code_auth_mutual_not_used(dev
, apdev
):
543 """DPP QR Code and authentication exchange (mutual not used)"""
544 check_dpp_capab(dev
[0])
545 check_dpp_capab(dev
[1])
546 logger
.info("dev0 displays QR Code")
547 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
548 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
550 logger
.info("dev1 scans QR Code")
551 id1
= dev
[1].dpp_qr_code(uri0
)
553 logger
.info("dev1 displays QR Code")
554 id1b
= dev
[1].dpp_bootstrap_gen(chan
="81/1", mac
=True)
555 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
557 logger
.info("dev0 does not scan QR Code")
559 logger
.info("dev1 initiates DPP Authentication")
560 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
561 raise Exception("Failed to start listen operation")
562 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1
, id1b
)):
563 raise Exception("Failed to initiate DPP Authentication")
565 ev
= dev
[1].wait_event(["DPP-AUTH-DIRECTION"], timeout
=5)
567 raise Exception("DPP authentication direction not indicated (Initiator)")
568 if "mutual=0" not in ev
:
569 raise Exception("Mutual authentication not used")
571 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
573 raise Exception("DPP authentication did not succeed (Responder)")
574 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
576 raise Exception("DPP authentication did not succeed (Initiator)")
577 dev
[0].request("DPP_STOP_LISTEN")
579 def test_dpp_qr_code_auth_mutual_curve_mismatch(dev
, apdev
):
580 """DPP QR Code and authentication exchange (mutual/mismatch)"""
581 check_dpp_capab(dev
[0])
582 check_dpp_capab(dev
[1])
583 logger
.info("dev0 displays QR Code")
584 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
585 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
587 logger
.info("dev1 scans QR Code")
588 id1
= dev
[1].dpp_qr_code(uri0
)
590 logger
.info("dev1 displays QR Code")
591 id1b
= dev
[1].dpp_bootstrap_gen(chan
="81/1", mac
=True, curve
="secp384r1")
592 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
594 logger
.info("dev0 scans QR Code")
595 id0b
= dev
[0].dpp_qr_code(uri1b
)
597 res
= dev
[1].request("DPP_AUTH_INIT peer=%d own=%d" % (id1
, id1b
))
598 if "FAIL" not in res
:
599 raise Exception("DPP_AUTH_INIT accepted unexpectedly")
601 def test_dpp_qr_code_auth_hostapd_mutual2(dev
, apdev
):
602 """DPP QR Code and authentication exchange (hostapd mutual2)"""
603 check_dpp_capab(dev
[0])
604 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
605 check_dpp_capab(hapd
)
607 logger
.info("AP displays QR Code")
608 id_h
= hapd
.dpp_bootstrap_gen(chan
="81/1", mac
=True)
609 uri_h
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id_h
)
611 logger
.info("dev0 scans QR Code")
612 id0
= dev
[0].dpp_qr_code(uri_h
)
614 logger
.info("dev0 displays QR Code")
615 id0b
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
616 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0b
)
618 logger
.info("dev0 initiates DPP Authentication")
619 if "OK" not in hapd
.request("DPP_LISTEN 2412 qr=mutual"):
620 raise Exception("Failed to start listen operation")
621 if "OK" not in dev
[0].request("DPP_AUTH_INIT peer=%d own=%d" % (id0
, id0b
)):
622 raise Exception("Failed to initiate DPP Authentication")
624 ev
= dev
[0].wait_event(["DPP-RESPONSE-PENDING"], timeout
=5)
626 raise Exception("Pending response not reported")
627 ev
= hapd
.wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=5)
629 raise Exception("QR Code scan for mutual authentication not requested")
631 logger
.info("AP scans QR Code")
632 hapd
.dpp_qr_code(uri0
)
634 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
636 raise Exception("DPP authentication did not succeed (Responder)")
637 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
639 raise Exception("DPP authentication did not succeed (Initiator)")
640 hapd
.request("DPP_STOP_LISTEN")
642 def test_dpp_qr_code_listen_continue(dev
, apdev
):
643 """DPP QR Code and listen operation needing continuation"""
644 check_dpp_capab(dev
[0])
645 check_dpp_capab(dev
[1])
646 logger
.info("dev0 displays QR Code")
647 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
648 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
650 logger
.info("dev1 scans QR Code")
651 id1
= dev
[1].dpp_qr_code(uri0
)
653 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
654 raise Exception("Failed to start listen operation")
655 logger
.info("Wait for listen to expire and get restarted")
657 logger
.info("dev1 initiates DPP Authentication")
658 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d" % id1
):
659 raise Exception("Failed to initiate DPP Authentication")
660 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
662 raise Exception("DPP authentication did not succeed (Responder)")
663 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
665 raise Exception("DPP authentication did not succeed (Initiator)")
666 dev
[0].request("DPP_STOP_LISTEN")
668 def test_dpp_qr_code_auth_initiator_enrollee(dev
, apdev
):
669 """DPP QR Code and authentication exchange (Initiator in Enrollee role)"""
670 check_dpp_capab(dev
[0])
671 check_dpp_capab(dev
[1])
672 dev
[0].request("SET gas_address3 1")
673 dev
[1].request("SET gas_address3 1")
674 logger
.info("dev0 displays QR Code")
675 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
676 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
678 logger
.info("dev1 scans QR Code")
679 id1
= dev
[1].dpp_qr_code(uri0
)
681 logger
.info("dev1 initiates DPP Authentication")
682 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
683 raise Exception("Failed to start listen operation")
684 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=enrollee" % id1
):
685 raise Exception("Failed to initiate DPP Authentication")
686 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
688 raise Exception("DPP authentication did not succeed (Responder)")
689 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
691 raise Exception("DPP authentication did not succeed (Initiator)")
693 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
695 raise Exception("DPP configuration did not succeed (Configurator)")
696 ev
= dev
[1].wait_event(["DPP-CONF-FAILED"], timeout
=5)
698 raise Exception("DPP configuration did not succeed (Enrollee)")
700 dev
[0].request("DPP_STOP_LISTEN")
702 def test_dpp_qr_code_auth_initiator_either_1(dev
, apdev
):
703 """DPP QR Code and authentication exchange (Initiator in either role)"""
704 run_dpp_qr_code_auth_initiator_either(dev
, apdev
, None, dev
[1], dev
[0])
706 def test_dpp_qr_code_auth_initiator_either_2(dev
, apdev
):
707 """DPP QR Code and authentication exchange (Initiator in either role)"""
708 run_dpp_qr_code_auth_initiator_either(dev
, apdev
, "enrollee",
711 def test_dpp_qr_code_auth_initiator_either_3(dev
, apdev
):
712 """DPP QR Code and authentication exchange (Initiator in either role)"""
713 run_dpp_qr_code_auth_initiator_either(dev
, apdev
, "configurator",
716 def run_dpp_qr_code_auth_initiator_either(dev
, apdev
, resp_role
,
717 conf_dev
, enrollee_dev
):
718 check_dpp_capab(dev
[0])
719 check_dpp_capab(dev
[1])
720 logger
.info("dev0 displays QR Code")
721 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
722 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
724 logger
.info("dev1 scans QR Code")
725 id1
= dev
[1].dpp_qr_code(uri0
)
727 logger
.info("dev1 initiates DPP Authentication")
728 cmd
= "DPP_LISTEN 2412"
730 cmd
+= " role=" + resp_role
731 if "OK" not in dev
[0].request(cmd
):
732 raise Exception("Failed to start listen operation")
733 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=either" % id1
):
734 raise Exception("Failed to initiate DPP Authentication")
735 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
737 raise Exception("DPP authentication did not succeed (Responder)")
738 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
740 raise Exception("DPP authentication did not succeed (Initiator)")
742 ev
= conf_dev
.wait_event(["DPP-CONF-SENT"], timeout
=5)
744 raise Exception("DPP configuration did not succeed (Configurator)")
745 ev
= enrollee_dev
.wait_event(["DPP-CONF-FAILED"], timeout
=5)
747 raise Exception("DPP configuration did not succeed (Enrollee)")
749 dev
[0].request("DPP_STOP_LISTEN")
751 def run_init_incompatible_roles(dev
, role
="enrollee"):
752 check_dpp_capab(dev
[0])
753 check_dpp_capab(dev
[1])
754 logger
.info("dev0 displays QR Code")
755 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
756 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
758 logger
.info("dev1 scans QR Code")
759 id1
= dev
[1].dpp_qr_code(uri0
)
761 logger
.info("dev1 initiates DPP Authentication")
762 if "OK" not in dev
[0].request("DPP_LISTEN 2412 role=%s" % role
):
763 raise Exception("Failed to start listen operation")
766 def test_dpp_qr_code_auth_incompatible_roles(dev
, apdev
):
767 """DPP QR Code and authentication exchange (incompatible roles)"""
768 id1
= run_init_incompatible_roles(dev
)
769 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=enrollee" % id1
):
770 raise Exception("Failed to initiate DPP Authentication")
771 ev
= dev
[1].wait_event(["DPP-NOT-COMPATIBLE"], timeout
=5)
773 raise Exception("DPP-NOT-COMPATIBLE event on initiator timed out")
774 ev
= dev
[0].wait_event(["DPP-NOT-COMPATIBLE"], timeout
=1)
776 raise Exception("DPP-NOT-COMPATIBLE event on responder timed out")
778 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1
):
779 raise Exception("Failed to initiate DPP Authentication")
780 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
782 raise Exception("DPP authentication did not succeed (Responder)")
783 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
785 raise Exception("DPP authentication did not succeed (Initiator)")
786 dev
[0].request("DPP_STOP_LISTEN")
788 def test_dpp_qr_code_auth_incompatible_roles2(dev
, apdev
):
789 """DPP QR Code and authentication exchange (incompatible roles 2)"""
790 id1
= run_init_incompatible_roles(dev
, role
="configurator")
791 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1
):
792 raise Exception("Failed to initiate DPP Authentication")
793 ev
= dev
[1].wait_event(["DPP-NOT-COMPATIBLE"], timeout
=5)
795 raise Exception("DPP-NOT-COMPATIBLE event on initiator timed out")
796 ev
= dev
[0].wait_event(["DPP-NOT-COMPATIBLE"], timeout
=1)
798 raise Exception("DPP-NOT-COMPATIBLE event on responder timed out")
800 def test_dpp_qr_code_auth_incompatible_roles_failure(dev
, apdev
):
801 """DPP QR Code and authentication exchange (incompatible roles failure)"""
802 id1
= run_init_incompatible_roles(dev
, role
="configurator")
803 with
alloc_fail(dev
[0], 1, "dpp_auth_build_resp_status"):
804 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1
):
805 raise Exception("Failed to initiate DPP Authentication")
806 ev
= dev
[0].wait_event(["DPP-NOT-COMPATIBLE"], timeout
=1)
808 raise Exception("DPP-NOT-COMPATIBLE event on responder timed out")
810 def test_dpp_qr_code_auth_incompatible_roles_failure2(dev
, apdev
):
811 """DPP QR Code and authentication exchange (incompatible roles failure 2)"""
812 id1
= run_init_incompatible_roles(dev
, role
="configurator")
813 with
alloc_fail(dev
[1], 1, "dpp_auth_resp_rx_status"):
814 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1
):
815 raise Exception("Failed to initiate DPP Authentication")
816 wait_fail_trigger(dev
[1], "GET_ALLOC_FAIL")
818 def test_dpp_qr_code_auth_incompatible_roles_failure3(dev
, apdev
):
819 """DPP QR Code and authentication exchange (incompatible roles failure 3)"""
820 id1
= run_init_incompatible_roles(dev
, role
="configurator")
821 with
fail_test(dev
[1], 1, "dpp_auth_resp_rx_status"):
822 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d role=configurator" % id1
):
823 raise Exception("Failed to initiate DPP Authentication")
824 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
825 if ev
is None or "AES-SIV decryption failed" not in ev
:
826 raise Exception("AES-SIV decryption failure not reported")
828 def test_dpp_qr_code_auth_neg_chan(dev
, apdev
):
829 """DPP QR Code and authentication exchange with requested different channel"""
830 check_dpp_capab(dev
[0])
831 check_dpp_capab(dev
[1])
833 logger
.info("Create configurator on dev1")
834 cmd
= "DPP_CONFIGURATOR_ADD"
835 res
= dev
[1].request(cmd
)
837 raise Exception("Failed to add configurator")
840 logger
.info("dev0 displays QR Code")
841 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
842 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
844 logger
.info("dev1 scans QR Code")
845 id1
= dev
[1].dpp_qr_code(uri0
)
847 logger
.info("dev1 initiates DPP Authentication")
848 cmd
= "DPP_LISTEN 2412"
849 if "OK" not in dev
[0].request(cmd
):
850 raise Exception("Failed to start listen operation")
851 cmd
= "DPP_AUTH_INIT peer=%d configurator=%d conf=sta-dpp neg_freq=2462" % (id1
, conf_id
)
852 if "OK" not in dev
[1].request(cmd
):
853 raise Exception("Failed to initiate DPP Authentication")
855 ev
= dev
[1].wait_event(["DPP-TX"], timeout
=5)
857 raise Exception("DPP Authentication Request not sent")
858 if "freq=2412 type=0" not in ev
:
859 raise Exception("Unexpected TX data for Authentication Request: " + ev
)
861 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
863 raise Exception("DPP Authentication Request not received")
864 if "freq=2412 type=0" not in ev
:
865 raise Exception("Unexpected RX data for Authentication Request: " + ev
)
867 ev
= dev
[1].wait_event(["DPP-TX-STATUS"], timeout
=5)
869 raise Exception("TX status for DPP Authentication Request not reported")
870 if "freq=2412 result=SUCCESS" not in ev
:
871 raise Exception("Unexpected TX status for Authentication Request: " + ev
)
873 ev
= dev
[0].wait_event(["DPP-TX"], timeout
=5)
875 raise Exception("DPP Authentication Response not sent")
876 if "freq=2462 type=1" not in ev
:
877 raise Exception("Unexpected TX data for Authentication Response: " + ev
)
879 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=5)
881 raise Exception("DPP Authentication Response not received")
882 if "freq=2462 type=1" not in ev
:
883 raise Exception("Unexpected RX data for Authentication Response: " + ev
)
885 ev
= dev
[0].wait_event(["DPP-TX-STATUS"], timeout
=5)
887 raise Exception("TX status for DPP Authentication Response not reported")
888 if "freq=2462 result=SUCCESS" not in ev
:
889 raise Exception("Unexpected TX status for Authentication Response: " + ev
)
891 ev
= dev
[1].wait_event(["DPP-TX"], timeout
=5)
893 raise Exception("DPP Authentication Confirm not sent")
894 if "freq=2462 type=2" not in ev
:
895 raise Exception("Unexpected TX data for Authentication Confirm: " + ev
)
897 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
899 raise Exception("DPP Authentication Confirm not received")
900 if "freq=2462 type=2" not in ev
:
901 raise Exception("Unexpected RX data for Authentication Confirm: " + ev
)
903 ev
= dev
[1].wait_event(["DPP-TX-STATUS"], timeout
=5)
905 raise Exception("TX status for DPP Authentication Confirm not reported")
906 if "freq=2462 result=SUCCESS" not in ev
:
907 raise Exception("Unexpected TX status for Authentication Confirm: " + ev
)
909 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
911 raise Exception("DPP authentication did not succeed (Responder)")
912 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
914 raise Exception("DPP authentication did not succeed (Initiator)")
915 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
917 raise Exception("DPP configuration not completed (Configurator)")
918 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout
=5)
920 raise Exception("DPP configuration not completed (Enrollee)")
921 if "DPP-CONF-FAILED" in ev
:
922 raise Exception("DPP configuration failed")
923 dev
[0].request("DPP_STOP_LISTEN")
924 dev
[0].dump_monitor()
925 dev
[1].dump_monitor()
927 def test_dpp_config_legacy(dev
, apdev
):
928 """DPP Config Object for legacy network using passphrase"""
929 check_dpp_capab(dev
[1])
930 conf
= '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"secret passphrase"}}'
931 dev
[1].set("dpp_config_obj_override", conf
)
932 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
933 require_conf_success
=True)
935 def test_dpp_config_legacy_psk_hex(dev
, apdev
):
936 """DPP Config Object for legacy network using PSK"""
937 check_dpp_capab(dev
[1])
938 conf
= '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","psk_hex":"' + 32*"12" + '"}}'
939 dev
[1].set("dpp_config_obj_override", conf
)
940 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
941 require_conf_success
=True)
943 def test_dpp_config_fragmentation(dev
, apdev
):
944 """DPP Config Object for legacy network requiring fragmentation"""
945 check_dpp_capab(dev
[1])
946 conf
= '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"secret passphrase"}}' + 3000*' '
947 dev
[1].set("dpp_config_obj_override", conf
)
948 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
949 require_conf_success
=True)
951 def test_dpp_config_legacy_gen(dev
, apdev
):
952 """Generate DPP Config Object for legacy network"""
953 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
954 init_extra
="conf=sta-psk pass=%s" % binascii
.hexlify(b
"passphrase").decode(),
955 require_conf_success
=True)
957 def test_dpp_config_legacy_gen_psk(dev
, apdev
):
958 """Generate DPP Config Object for legacy network (PSK)"""
959 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
960 init_extra
="conf=sta-psk psk=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
961 require_conf_success
=True)
963 def test_dpp_config_dpp_gen_prime256v1(dev
, apdev
):
964 """Generate DPP Config Object for DPP network (P-256)"""
965 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
966 init_extra
="conf=sta-dpp",
967 require_conf_success
=True,
970 def test_dpp_config_dpp_gen_secp384r1(dev
, apdev
):
971 """Generate DPP Config Object for DPP network (P-384)"""
972 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1",
973 init_extra
="conf=sta-dpp",
974 require_conf_success
=True,
977 def test_dpp_config_dpp_gen_secp521r1(dev
, apdev
):
978 """Generate DPP Config Object for DPP network (P-521)"""
979 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1",
980 init_extra
="conf=sta-dpp",
981 require_conf_success
=True,
984 def test_dpp_config_dpp_gen_prime256v1_prime256v1(dev
, apdev
):
985 """Generate DPP Config Object for DPP network (P-256 + P-256)"""
986 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
987 init_extra
="conf=sta-dpp",
988 require_conf_success
=True,
990 conf_curve
="prime256v1")
992 def test_dpp_config_dpp_gen_prime256v1_secp384r1(dev
, apdev
):
993 """Generate DPP Config Object for DPP network (P-256 + P-384)"""
994 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
995 init_extra
="conf=sta-dpp",
996 require_conf_success
=True,
998 conf_curve
="secp384r1")
1000 def test_dpp_config_dpp_gen_prime256v1_secp521r1(dev
, apdev
):
1001 """Generate DPP Config Object for DPP network (P-256 + P-521)"""
1002 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1003 init_extra
="conf=sta-dpp",
1004 require_conf_success
=True,
1006 conf_curve
="secp521r1")
1008 def test_dpp_config_dpp_gen_secp384r1_prime256v1(dev
, apdev
):
1009 """Generate DPP Config Object for DPP network (P-384 + P-256)"""
1010 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1",
1011 init_extra
="conf=sta-dpp",
1012 require_conf_success
=True,
1014 conf_curve
="prime256v1")
1016 def test_dpp_config_dpp_gen_secp384r1_secp384r1(dev
, apdev
):
1017 """Generate DPP Config Object for DPP network (P-384 + P-384)"""
1018 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1",
1019 init_extra
="conf=sta-dpp",
1020 require_conf_success
=True,
1022 conf_curve
="secp384r1")
1024 def test_dpp_config_dpp_gen_secp384r1_secp521r1(dev
, apdev
):
1025 """Generate DPP Config Object for DPP network (P-384 + P-521)"""
1026 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1",
1027 init_extra
="conf=sta-dpp",
1028 require_conf_success
=True,
1030 conf_curve
="secp521r1")
1032 def test_dpp_config_dpp_gen_secp521r1_prime256v1(dev
, apdev
):
1033 """Generate DPP Config Object for DPP network (P-521 + P-256)"""
1034 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1",
1035 init_extra
="conf=sta-dpp",
1036 require_conf_success
=True,
1038 conf_curve
="prime256v1")
1040 def test_dpp_config_dpp_gen_secp521r1_secp384r1(dev
, apdev
):
1041 """Generate DPP Config Object for DPP network (P-521 + P-384)"""
1042 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1",
1043 init_extra
="conf=sta-dpp",
1044 require_conf_success
=True,
1046 conf_curve
="secp384r1")
1048 def test_dpp_config_dpp_gen_secp521r1_secp521r1(dev
, apdev
):
1049 """Generate DPP Config Object for DPP network (P-521 + P-521)"""
1050 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1",
1051 init_extra
="conf=sta-dpp",
1052 require_conf_success
=True,
1054 conf_curve
="secp521r1")
1056 def test_dpp_config_dpp_gen_expiry(dev
, apdev
):
1057 """Generate DPP Config Object for DPP network with expiry value"""
1058 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1059 init_extra
="conf=sta-dpp expiry=%d" % (time
.time() + 1000),
1060 require_conf_success
=True,
1063 def test_dpp_config_dpp_gen_expired_key(dev
, apdev
):
1064 """Generate DPP Config Object for DPP network with expiry value"""
1065 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1066 init_extra
="conf=sta-dpp expiry=%d" % (time
.time() - 10),
1067 require_conf_failure
=True,
1070 def test_dpp_config_dpp_override_prime256v1(dev
, apdev
):
1071 """DPP Config Object override (P-256)"""
1072 check_dpp_capab(dev
[0])
1073 check_dpp_capab(dev
[1])
1074 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"dpp","signedConnector":"eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJUbkdLaklsTlphYXRyRUFZcmJiamlCNjdyamtMX0FHVldYTzZxOWhESktVIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiYVRGNEpFR0lQS1NaMFh2OXpkQ01qbS10bjVYcE1zWUlWWjl3eVNBejFnSSIsInkiOiJRR2NIV0FfNnJiVTlYRFhBenRvWC1NNVEzc3VUbk1hcUVoVUx0bjdTU1h3In19._sm6YswxMf6hJLVTyYoU1uYUeY2VVkUNjrzjSiEhY42StD_RWowStEE-9CRsdCvLmsTptZ72_g40vTFwdId20A","csign":{"kty":"EC","crv":"P-256","x":"W4-Y5N1Pkos3UWb9A5qme0KUYRtY3CVUpekx_MapZ9s","y":"Et-M4NSF4NGjvh2VCh4B1sJ9eSCZ4RNzP2DBdP137VE","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU"}}}'
1075 dev
[0].set("dpp_ignore_netaccesskey_mismatch", "1")
1076 dev
[1].set("dpp_config_obj_override", conf
)
1077 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1078 require_conf_success
=True)
1080 def test_dpp_config_dpp_override_secp384r1(dev
, apdev
):
1081 """DPP Config Object override (P-384)"""
1082 check_dpp_capab(dev
[0])
1083 check_dpp_capab(dev
[1])
1084 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"dpp","signedConnector":"eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJabi1iMndjbjRLM2pGQklkYmhGZkpVTHJTXzdESS0yMWxFQi02R3gxNjl3IiwiYWxnIjoiRVMzODQifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC0zODQiLCJ4IjoickdrSGg1UUZsOUtfWjdqYUZkVVhmbThoY1RTRjM1b25Xb1NIRXVsbVNzWW9oX1RXZGpoRjhiVGdiS0ZRN2tBViIsInkiOiJBbU1QVDA5VmFENWpGdzMwTUFKQlp2VkZXeGNlVVlKLXR5blQ0bVJ5N0xOZWxhZ0dEWHpfOExaRlpOU2FaNUdLIn19.Yn_F7m-bbOQ5PlaYQJ9-1qsuqYQ6V-rAv8nWw1COKiCYwwbt3WFBJ8DljY0dPrlg5CHJC4saXwkytpI-CpELW1yUdzYb4Lrun07d20Eo_g10ICyOl5sqQCAUElKMe_Xr","csign":{"kty":"EC","crv":"P-384","x":"dmTyXXiPV2Y8a01fujL-jo08gvzyby23XmzOtzjAiujKQZZgPJsbhfEKrZDlc6ey","y":"H5Z0av5c7bqInxYb2_OOJdNiMhVf3zlcULR0516ZZitOY4U31KhL4wl4KGV7g2XW","kid":"Zn-b2wcn4K3jFBIdbhFfJULrS_7DI-21lEB-6Gx169w"}}}'
1085 dev
[0].set("dpp_ignore_netaccesskey_mismatch", "1")
1086 dev
[1].set("dpp_config_obj_override", conf
)
1087 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp384r1",
1088 require_conf_success
=True)
1090 def test_dpp_config_dpp_override_secp521r1(dev
, apdev
):
1091 """DPP Config Object override (P-521)"""
1092 check_dpp_capab(dev
[0])
1093 check_dpp_capab(dev
[1])
1094 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"dpp","signedConnector":"eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJMZkhKY3hnV2ZKcG1uS2IwenZRT0F2VDB2b0ZKc0JjZnBmYzgxY3Y5ZXFnIiwiYWxnIjoiRVM1MTIifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC01MjEiLCJ4IjoiQVJlUFBrMFNISkRRR2NWbnlmM3lfbTlaQllHNjFJeElIbDN1NkdwRHVhMkU1WVd4TE1BSUtMMnZuUGtlSGFVRXljRmZaZlpYZ2JlNkViUUxMVkRVUm1VUSIsInkiOiJBWUtaYlNwUkFFNjJVYm9YZ2c1ZWRBVENzbEpzTlpwcm9RR1dUcW9Md04weXkzQkVoT3ZRZmZrOWhaR2lKZ295TzFobXFRRVRrS0pXb2tIYTBCQUpLSGZtIn19.ACEZLyPk13cM_OFScpLoCElQ2t1sxq5z2d_W_3_QslTQQe5SFiH_o8ycL4632YLAH4RV0gZcMKKRMtZdHgBYHjkzASDqgY-_aYN2SBmpfl8hw0YdDlUJWX3DJf-ofqNAlTbnGmhpSg69cEAhFn41Xgvx2MdwYcPVncxxESVOtWl5zNLK","csign":{"kty":"EC","crv":"P-521","x":"ADiOI_YJOAipEXHB-SpGl4KqokX8m8h3BVYCc8dgiwssZ061-nIIY3O1SIO6Re4Jjfy53RPgzDG6jitOgOGLtzZs","y":"AZKggKaQi0ExutSpJAU3-lqDV03sBQLA9C7KabfWoAn8qD6Vk4jU0WAJdt-wBBTF9o1nVuiqS2OxMVYrxN4lOz79","kid":"LfHJcxgWfJpmnKb0zvQOAvT0voFJsBcfpfc81cv9eqg"}}}'
1095 dev
[0].set("dpp_ignore_netaccesskey_mismatch", "1")
1096 dev
[1].set("dpp_config_obj_override", conf
)
1097 run_dpp_qr_code_auth_unicast(dev
, apdev
, "secp521r1",
1098 require_conf_success
=True)
1100 def test_dpp_config_override_objects(dev
, apdev
):
1101 """Generate DPP Config Object and override objects)"""
1102 check_dpp_capab(dev
[1])
1103 discovery
= '{\n"ssid":"mywifi"\n}'
1104 groups
= '[\n {"groupId":"home","netRole":"sta"},\n {"groupId":"cottage","netRole":"sta"}\n]'
1105 dev
[1].set("dpp_discovery_override", discovery
)
1106 dev
[1].set("dpp_groups_override", groups
)
1107 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1108 init_extra
="conf=sta-dpp",
1109 require_conf_success
=True,
1112 def build_conf_obj(kty
="EC", crv
="P-256",
1113 x
="W4-Y5N1Pkos3UWb9A5qme0KUYRtY3CVUpekx_MapZ9s",
1114 y
="Et-M4NSF4NGjvh2VCh4B1sJ9eSCZ4RNzP2DBdP137VE",
1115 kid
="TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU",
1116 prot_hdr
='{"typ":"dppCon","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU","alg":"ES256"}',
1117 signed_connector
=None,
1118 no_signed_connector
=False,
1120 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{'
1121 conf
+= '"akm":"dpp",'
1123 if signed_connector
:
1124 conn
= signed_connector
1125 conf
+= '"signedConnector":"%s",' % conn
1126 elif not no_signed_connector
:
1127 payload
= '{"groups":[{"groupId":"*","netRole":"sta"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1128 sign
= "_sm6YswxMf6hJLVTyYoU1uYUeY2VVkUNjrzjSiEhY42StD_RWowStEE-9CRsdCvLmsTptZ72_g40vTFwdId20A"
1129 conn
= base64
.urlsafe_b64encode(prot_hdr
.encode()).decode().rstrip('=') + '.'
1130 conn
+= base64
.urlsafe_b64encode(payload
.encode()).decode().rstrip('=') + '.'
1132 conf
+= '"signedConnector":"%s",' % conn
1137 conf
+= '"kty":"%s",' % kty
1139 conf
+= '"crv":"%s",' % crv
1141 conf
+= '"x":"%s",' % x
1143 conf
+= '"y":"%s",' % y
1145 conf
+= '"kid":"%s"' % kid
1146 conf
= conf
.rstrip(',')
1149 conf
= conf
.rstrip(',')
1155 def run_dpp_config_error(dev
, apdev
, conf
,
1156 skip_net_access_key_mismatch
=True):
1157 check_dpp_capab(dev
[0])
1158 check_dpp_capab(dev
[1])
1159 if skip_net_access_key_mismatch
:
1160 dev
[0].set("dpp_ignore_netaccesskey_mismatch", "1")
1161 dev
[1].set("dpp_config_obj_override", conf
)
1162 run_dpp_qr_code_auth_unicast(dev
, apdev
, "prime256v1",
1163 require_conf_failure
=True)
1165 def test_dpp_config_jwk_error_no_kty(dev
, apdev
):
1166 """DPP Config Object JWK error - no kty"""
1167 run_dpp_config_error(dev
, apdev
, build_conf_obj(kty
=None))
1169 def test_dpp_config_jwk_error_unexpected_kty(dev
, apdev
):
1170 """DPP Config Object JWK error - unexpected kty"""
1171 run_dpp_config_error(dev
, apdev
, build_conf_obj(kty
="unknown"))
1173 def test_dpp_config_jwk_error_no_crv(dev
, apdev
):
1174 """DPP Config Object JWK error - no crv"""
1175 run_dpp_config_error(dev
, apdev
, build_conf_obj(crv
=None))
1177 def test_dpp_config_jwk_error_unsupported_crv(dev
, apdev
):
1178 """DPP Config Object JWK error - unsupported curve"""
1179 run_dpp_config_error(dev
, apdev
, build_conf_obj(crv
="unsupported"))
1181 def test_dpp_config_jwk_error_no_x(dev
, apdev
):
1182 """DPP Config Object JWK error - no x"""
1183 run_dpp_config_error(dev
, apdev
, build_conf_obj(x
=None))
1185 def test_dpp_config_jwk_error_invalid_x(dev
, apdev
):
1186 """DPP Config Object JWK error - invalid x"""
1187 run_dpp_config_error(dev
, apdev
, build_conf_obj(x
="MTIz"))
1189 def test_dpp_config_jwk_error_no_y(dev
, apdev
):
1190 """DPP Config Object JWK error - no y"""
1191 run_dpp_config_error(dev
, apdev
, build_conf_obj(y
=None))
1193 def test_dpp_config_jwk_error_invalid_y(dev
, apdev
):
1194 """DPP Config Object JWK error - invalid y"""
1195 run_dpp_config_error(dev
, apdev
, build_conf_obj(y
="MTIz"))
1197 def test_dpp_config_jwk_error_invalid_xy(dev
, apdev
):
1198 """DPP Config Object JWK error - invalid x,y"""
1199 conf
= build_conf_obj(x
="MDEyMzQ1Njc4OWFiY2RlZjAxMjM0NTY3ODlhYmNkZWY",
1200 y
="MDEyMzQ1Njc4OWFiY2RlZjAxMjM0NTY3ODlhYmNkZWY")
1201 run_dpp_config_error(dev
, apdev
, conf
)
1203 def test_dpp_config_jwk_error_no_kid(dev
, apdev
):
1204 """DPP Config Object JWK error - no kid"""
1205 run_dpp_config_error(dev
, apdev
, build_conf_obj(kid
=None))
1207 def test_dpp_config_jws_error_prot_hdr_not_an_object(dev
, apdev
):
1208 """DPP Config Object JWS error - protected header not an object"""
1209 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
="1"))
1211 def test_dpp_config_jws_error_prot_hdr_no_typ(dev
, apdev
):
1212 """DPP Config Object JWS error - protected header - no typ"""
1213 prot_hdr
='{"kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU","alg":"ES256"}'
1214 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1216 def test_dpp_config_jws_error_prot_hdr_unsupported_typ(dev
, apdev
):
1217 """DPP Config Object JWS error - protected header - unsupported typ"""
1218 prot_hdr
='{"typ":"unsupported","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU","alg":"ES256"}'
1219 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1221 def test_dpp_config_jws_error_prot_hdr_no_alg(dev
, apdev
):
1222 """DPP Config Object JWS error - protected header - no alg"""
1223 prot_hdr
='{"typ":"dppCon","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU"}'
1224 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1226 def test_dpp_config_jws_error_prot_hdr_unexpected_alg(dev
, apdev
):
1227 """DPP Config Object JWS error - protected header - unexpected alg"""
1228 prot_hdr
='{"typ":"dppCon","kid":"TnGKjIlNZaatrEAYrbbjiB67rjkL_AGVWXO6q9hDJKU","alg":"unexpected"}'
1229 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1231 def test_dpp_config_jws_error_prot_hdr_no_kid(dev
, apdev
):
1232 """DPP Config Object JWS error - protected header - no kid"""
1233 prot_hdr
='{"typ":"dppCon","alg":"ES256"}'
1234 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1236 def test_dpp_config_jws_error_prot_hdr_unexpected_kid(dev
, apdev
):
1237 """DPP Config Object JWS error - protected header - unexpected kid"""
1238 prot_hdr
='{"typ":"dppCon","kid":"MTIz","alg":"ES256"}'
1239 run_dpp_config_error(dev
, apdev
, build_conf_obj(prot_hdr
=prot_hdr
))
1241 def test_dpp_config_signed_connector_error_no_dot_1(dev
, apdev
):
1242 """DPP Config Object signedConnector error - no dot(1)"""
1244 run_dpp_config_error(dev
, apdev
, build_conf_obj(signed_connector
=conn
))
1246 def test_dpp_config_signed_connector_error_no_dot_2(dev
, apdev
):
1247 """DPP Config Object signedConnector error - no dot(2)"""
1248 conn
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJUbkdLaklsTlphYXRyRUFZcmJiamlCNjdyamtMX0FHVldYTzZxOWhESktVIiwiYWxnIjoiRVMyNTYifQ.MTIz"
1249 run_dpp_config_error(dev
, apdev
, build_conf_obj(signed_connector
=conn
))
1251 def test_dpp_config_signed_connector_error_unexpected_signature_len(dev
, apdev
):
1252 """DPP Config Object signedConnector error - unexpected signature length"""
1253 conn
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJUbkdLaklsTlphYXRyRUFZcmJiamlCNjdyamtMX0FHVldYTzZxOWhESktVIiwiYWxnIjoiRVMyNTYifQ.MTIz.MTIz"
1254 run_dpp_config_error(dev
, apdev
, build_conf_obj(signed_connector
=conn
))
1256 def test_dpp_config_signed_connector_error_invalid_signature_der(dev
, apdev
):
1257 """DPP Config Object signedConnector error - invalid signature DER"""
1258 conn
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJUbkdLaklsTlphYXRyRUFZcmJiamlCNjdyamtMX0FHVldYTzZxOWhESktVIiwiYWxnIjoiRVMyNTYifQ.MTIz.MTI"
1259 run_dpp_config_error(dev
, apdev
, build_conf_obj(signed_connector
=conn
))
1261 def test_dpp_config_no_csign(dev
, apdev
):
1262 """DPP Config Object error - no csign"""
1263 run_dpp_config_error(dev
, apdev
, build_conf_obj(csign
=False))
1265 def test_dpp_config_no_signed_connector(dev
, apdev
):
1266 """DPP Config Object error - no signedConnector"""
1267 run_dpp_config_error(dev
, apdev
, build_conf_obj(no_signed_connector
=True))
1269 def test_dpp_config_unexpected_signed_connector_char(dev
, apdev
):
1270 """DPP Config Object error - unexpected signedConnector character"""
1271 run_dpp_config_error(dev
, apdev
, build_conf_obj(signed_connector
='a\nb'))
1273 def test_dpp_config_root_not_an_object(dev
, apdev
):
1274 """DPP Config Object error - root not an object"""
1276 run_dpp_config_error(dev
, apdev
, conf
)
1278 def test_dpp_config_no_wi_fi_tech(dev
, apdev
):
1279 """DPP Config Object error - no wi-fi_tech"""
1281 run_dpp_config_error(dev
, apdev
, conf
)
1283 def test_dpp_config_unsupported_wi_fi_tech(dev
, apdev
):
1284 """DPP Config Object error - unsupported wi-fi_tech"""
1285 conf
= '{"wi-fi_tech":"unsupported"}'
1286 run_dpp_config_error(dev
, apdev
, conf
)
1288 def test_dpp_config_no_discovery(dev
, apdev
):
1289 """DPP Config Object error - no discovery"""
1290 conf
= '{"wi-fi_tech":"infra"}'
1291 run_dpp_config_error(dev
, apdev
, conf
)
1293 def test_dpp_config_no_discovery_ssid(dev
, apdev
):
1294 """DPP Config Object error - no discovery::ssid"""
1295 conf
= '{"wi-fi_tech":"infra","discovery":{}}'
1296 run_dpp_config_error(dev
, apdev
, conf
)
1298 def test_dpp_config_too_long_discovery_ssid(dev
, apdev
):
1299 """DPP Config Object error - too long discovery::ssid"""
1300 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"%s"}}' % (33*'A')
1301 run_dpp_config_error(dev
, apdev
, conf
)
1303 def test_dpp_config_no_cred(dev
, apdev
):
1304 """DPP Config Object error - no cred"""
1305 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"}}'
1306 run_dpp_config_error(dev
, apdev
, conf
)
1308 def test_dpp_config_no_cred_akm(dev
, apdev
):
1309 """DPP Config Object error - no cred::akm"""
1310 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{}}'
1311 run_dpp_config_error(dev
, apdev
, conf
)
1313 def test_dpp_config_unsupported_cred_akm(dev
, apdev
):
1314 """DPP Config Object error - unsupported cred::akm"""
1315 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"unsupported"}}'
1316 run_dpp_config_error(dev
, apdev
, conf
)
1318 def test_dpp_config_error_legacy_no_pass(dev
, apdev
):
1319 """DPP Config Object legacy error - no pass/psk"""
1320 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk"}}'
1321 run_dpp_config_error(dev
, apdev
, conf
)
1323 def test_dpp_config_error_legacy_too_short_pass(dev
, apdev
):
1324 """DPP Config Object legacy error - too short pass/psk"""
1325 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"1"}}'
1326 run_dpp_config_error(dev
, apdev
, conf
)
1328 def test_dpp_config_error_legacy_too_long_pass(dev
, apdev
):
1329 """DPP Config Object legacy error - too long pass/psk"""
1330 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"%s"}}' % (64*'A')
1331 run_dpp_config_error(dev
, apdev
, conf
)
1333 def test_dpp_config_error_legacy_psk_with_sae(dev
, apdev
):
1334 """DPP Config Object legacy error - psk_hex with SAE"""
1335 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"sae","psk_hex":"%s"}}' % (32*"12")
1336 run_dpp_config_error(dev
, apdev
, conf
)
1338 def test_dpp_config_error_legacy_no_pass_for_sae(dev
, apdev
):
1339 """DPP Config Object legacy error - no pass for SAE"""
1340 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk+sae","psk_hex":"%s"}}' % (32*"12")
1341 run_dpp_config_error(dev
, apdev
, conf
)
1343 def test_dpp_config_error_legacy_invalid_psk(dev
, apdev
):
1344 """DPP Config Object legacy error - invalid psk_hex"""
1345 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk","psk_hex":"%s"}}' % (32*"qa")
1346 run_dpp_config_error(dev
, apdev
, conf
)
1348 def test_dpp_config_error_legacy_too_short_psk(dev
, apdev
):
1349 """DPP Config Object legacy error - too short psk_hex"""
1350 conf
= '{"wi-fi_tech":"infra","discovery":{"ssid":"test"},"cred":{"akm":"psk","psk_hex":"%s"}}' % (31*"12")
1351 run_dpp_config_error(dev
, apdev
, conf
)
1353 def ecdsa_sign(pkey
, message
, alg
="sha256"):
1354 sign
= OpenSSL
.crypto
.sign(pkey
, message
, alg
)
1355 a
,b
= struct
.unpack('BB', sign
[0:2])
1357 raise Exception("Invalid DER encoding of ECDSA signature")
1358 if b
!= len(sign
) - 2:
1359 raise Exception("Invalid length of ECDSA signature")
1362 a
,b
= struct
.unpack('BB', sign
[0:2])
1364 raise Exception("Invalid DER encoding of ECDSA signature r")
1365 if b
> len(sign
) - 2:
1366 raise Exception("Invalid length of ECDSA signature r")
1375 raise Exception("Invalid length of ECDSA signature r")
1377 a
,b
= struct
.unpack('BB', sign
[0:2])
1379 raise Exception("Invalid DER encoding of ECDSA signature s")
1380 if b
> len(sign
) - 2:
1381 raise Exception("Invalid length of ECDSA signature s")
1390 raise Exception("Invalid length of ECDSA signature s")
1392 raise Exception("Extra data at the end of ECDSA signature")
1395 return base64
.urlsafe_b64encode(raw_sign
).decode().rstrip('=')
1397 p256_priv_key
= """-----BEGIN EC PRIVATE KEY-----
1398 MHcCAQEEIBVQij9ah629f1pu3tarDQGQvrzHgAkgYd1jHGiLxNajoAoGCCqGSM49
1399 AwEHoUQDQgAEAC9d2/JirKu72F2qLuv5jEFMD1Cqu9EiyGk7cOzn/2DJ51p2mEoW
1400 n03N6XRvTC+G7WPol9Ng97NAM2sK57+F/Q==
1401 -----END EC PRIVATE KEY-----"""
1402 p256_pub_key_x
= binascii
.unhexlify("002f5ddbf262acabbbd85daa2eebf98c414c0f50aabbd122c8693b70ece7ff60")
1403 p256_pub_key_y
= binascii
.unhexlify("c9e75a76984a169f4dcde9746f4c2f86ed63e897d360f7b340336b0ae7bf85fd")
1405 def run_dpp_config_connector(dev
, apdev
, expiry
=None, payload
=None,
1406 skip_net_access_key_mismatch
=True):
1407 if not openssl_imported
:
1408 raise HwsimSkip("OpenSSL python method not available")
1409 pkey
= OpenSSL
.crypto
.load_privatekey(OpenSSL
.crypto
.FILETYPE_PEM
,
1411 x
= base64
.urlsafe_b64encode(p256_pub_key_x
).decode().rstrip('=')
1412 y
= base64
.urlsafe_b64encode(p256_pub_key_y
).decode().rstrip('=')
1414 pubkey
= b
'\x04' + p256_pub_key_x
+ p256_pub_key_y
1415 kid
= base64
.urlsafe_b64encode(hashlib
.sha256(pubkey
).digest()).decode().rstrip('=')
1417 prot_hdr
= '{"typ":"dppCon","kid":"%s","alg":"ES256"}' % kid
1420 payload
= '{"groups":[{"groupId":"*","netRole":"sta"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}'
1422 payload
+= ',"expiry":"%s"' % expiry
1424 conn
= base64
.urlsafe_b64encode(prot_hdr
.encode()).decode().rstrip('=') + '.'
1425 conn
+= base64
.urlsafe_b64encode(payload
.encode()).decode().rstrip('=')
1426 sign
= ecdsa_sign(pkey
, conn
)
1428 run_dpp_config_error(dev
, apdev
,
1429 build_conf_obj(x
=x
, y
=y
, signed_connector
=conn
),
1430 skip_net_access_key_mismatch
=skip_net_access_key_mismatch
)
1432 def test_dpp_config_connector_error_ext_sign(dev
, apdev
):
1433 """DPP Config Object connector error - external signature calculation"""
1434 run_dpp_config_connector(dev
, apdev
)
1436 def test_dpp_config_connector_error_too_short_timestamp(dev
, apdev
):
1437 """DPP Config Object connector error - too short timestamp"""
1438 run_dpp_config_connector(dev
, apdev
, expiry
="1")
1440 def test_dpp_config_connector_error_invalid_timestamp(dev
, apdev
):
1441 """DPP Config Object connector error - invalid timestamp"""
1442 run_dpp_config_connector(dev
, apdev
, expiry
=19*"1")
1444 def test_dpp_config_connector_error_invalid_timestamp_date(dev
, apdev
):
1445 """DPP Config Object connector error - invalid timestamp date"""
1446 run_dpp_config_connector(dev
, apdev
, expiry
="9999-99-99T99:99:99Z")
1448 def test_dpp_config_connector_error_invalid_time_zone(dev
, apdev
):
1449 """DPP Config Object connector error - invalid time zone"""
1450 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00*")
1452 def test_dpp_config_connector_error_invalid_time_zone_2(dev
, apdev
):
1453 """DPP Config Object connector error - invalid time zone 2"""
1454 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00+")
1456 def test_dpp_config_connector_error_expired_1(dev
, apdev
):
1457 """DPP Config Object connector error - expired 1"""
1458 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00")
1460 def test_dpp_config_connector_error_expired_2(dev
, apdev
):
1461 """DPP Config Object connector error - expired 2"""
1462 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00Z")
1464 def test_dpp_config_connector_error_expired_3(dev
, apdev
):
1465 """DPP Config Object connector error - expired 3"""
1466 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00+01")
1468 def test_dpp_config_connector_error_expired_4(dev
, apdev
):
1469 """DPP Config Object connector error - expired 4"""
1470 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00+01:02")
1472 def test_dpp_config_connector_error_expired_5(dev
, apdev
):
1473 """DPP Config Object connector error - expired 5"""
1474 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00-01")
1476 def test_dpp_config_connector_error_expired_6(dev
, apdev
):
1477 """DPP Config Object connector error - expired 6"""
1478 run_dpp_config_connector(dev
, apdev
, expiry
="2018-01-01T00:00:00-01:02")
1480 def test_dpp_config_connector_error_no_groups(dev
, apdev
):
1481 """DPP Config Object connector error - no groups"""
1482 payload
= '{"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1483 run_dpp_config_connector(dev
, apdev
, payload
=payload
)
1485 def test_dpp_config_connector_error_empty_groups(dev
, apdev
):
1486 """DPP Config Object connector error - empty groups"""
1487 payload
= '{"groups":[],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1488 run_dpp_config_connector(dev
, apdev
, payload
=payload
)
1490 def test_dpp_config_connector_error_missing_group_id(dev
, apdev
):
1491 """DPP Config Object connector error - missing groupId"""
1492 payload
= '{"groups":[{"netRole":"sta"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1493 run_dpp_config_connector(dev
, apdev
, payload
=payload
)
1495 def test_dpp_config_connector_error_missing_net_role(dev
, apdev
):
1496 """DPP Config Object connector error - missing netRole"""
1497 payload
= '{"groups":[{"groupId":"*"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1498 run_dpp_config_connector(dev
, apdev
, payload
=payload
)
1500 def test_dpp_config_connector_error_missing_net_access_key(dev
, apdev
):
1501 """DPP Config Object connector error - missing netAccessKey"""
1502 payload
= '{"groups":[{"groupId":"*","netRole":"sta"}]}'
1503 run_dpp_config_connector(dev
, apdev
, payload
=payload
)
1505 def test_dpp_config_connector_error_net_access_key_mismatch(dev
, apdev
):
1506 """DPP Config Object connector error - netAccessKey mismatch"""
1507 payload
= '{"groups":[{"groupId":"*","netRole":"sta"}],"netAccessKey":{"kty":"EC","crv":"P-256","x":"aTF4JEGIPKSZ0Xv9zdCMjm-tn5XpMsYIVZ9wySAz1gI","y":"QGcHWA_6rbU9XDXAztoX-M5Q3suTnMaqEhULtn7SSXw"}}'
1508 run_dpp_config_connector(dev
, apdev
, payload
=payload
,
1509 skip_net_access_key_mismatch
=False)
1511 def test_dpp_gas_timeout(dev
, apdev
):
1512 """DPP and GAS server timeout for a query"""
1513 check_dpp_capab(dev
[0])
1514 check_dpp_capab(dev
[1])
1515 logger
.info("dev0 displays QR Code")
1516 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
1517 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1519 logger
.info("dev1 scans QR Code")
1520 id1
= dev
[1].dpp_qr_code(uri0
)
1522 logger
.info("dev1 initiates DPP Authentication")
1523 dev
[0].set("ext_mgmt_frame_handling", "1")
1524 cmd
= "DPP_LISTEN 2412"
1525 if "OK" not in dev
[0].request(cmd
):
1526 raise Exception("Failed to start listen operation")
1528 # Force GAS fragmentation
1529 conf
= '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"secret passphrase"}}' + 3000*' '
1530 dev
[1].set("dpp_config_obj_override", conf
)
1532 cmd
= "DPP_AUTH_INIT peer=%d" % id1
1533 if "OK" not in dev
[1].request(cmd
):
1534 raise Exception("Failed to initiate DPP Authentication")
1536 # DPP Authentication Request
1537 msg
= dev
[0].mgmt_rx()
1538 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(
1539 msg
['freq'], msg
['datarate'], msg
['ssi_signal'], binascii
.hexlify(msg
['frame']).decode())):
1540 raise Exception("MGMT_RX_PROCESS failed")
1542 # DPP Authentication Confirmation
1543 msg
= dev
[0].mgmt_rx()
1544 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(
1545 msg
['freq'], msg
['datarate'], msg
['ssi_signal'], binascii
.hexlify(msg
['frame']).decode())):
1546 raise Exception("MGMT_RX_PROCESS failed")
1548 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
1550 raise Exception("DPP authentication did not succeed (Responder)")
1551 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
1553 raise Exception("DPP authentication did not succeed (Initiator)")
1555 # DPP Configuration Response (GAS Initial Response frame)
1556 msg
= dev
[0].mgmt_rx()
1557 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(
1558 msg
['freq'], msg
['datarate'], msg
['ssi_signal'], binascii
.hexlify(msg
['frame']).decode())):
1559 raise Exception("MGMT_RX_PROCESS failed")
1561 # GAS Comeback Response frame
1562 msg
= dev
[0].mgmt_rx()
1563 # Do not continue to force timeout on GAS server
1565 ev
= dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=10)
1567 raise Exception("GAS result not reported (Enrollee)")
1568 if "result=TIMEOUT" not in ev
:
1569 raise Exception("Unexpected GAS result (Enrollee): " + ev
)
1570 dev
[0].set("ext_mgmt_frame_handling", "0")
1572 ev
= dev
[1].wait_event(["DPP-CONF-FAILED"], timeout
=15)
1574 raise Exception("DPP configuration failure not reported (Configurator)")
1576 ev
= dev
[0].wait_event(["DPP-CONF-FAILED"], timeout
=1)
1578 raise Exception("DPP configuration failure not reported (Enrollee)")
1580 def test_dpp_akm_sha256(dev
, apdev
):
1581 """DPP AKM (SHA256)"""
1582 run_dpp_akm(dev
, apdev
, 32)
1584 def test_dpp_akm_sha384(dev
, apdev
):
1585 """DPP AKM (SHA384)"""
1586 run_dpp_akm(dev
, apdev
, 48)
1588 def test_dpp_akm_sha512(dev
, apdev
):
1589 """DPP AKM (SHA512)"""
1590 run_dpp_akm(dev
, apdev
, 64)
1592 def run_dpp_akm(dev
, apdev
, pmk_len
):
1593 check_dpp_capab(dev
[0])
1594 check_dpp_capab(dev
[1])
1595 params
= { "ssid": "dpp",
1597 "wpa_key_mgmt": "DPP",
1598 "rsn_pairwise": "CCMP",
1601 hapd
= hostapd
.add_ap(apdev
[0], params
)
1603 raise HwsimSkip("DPP not supported")
1605 id = dev
[0].connect("dpp", key_mgmt
="DPP", ieee80211w
="2", scan_freq
="2412",
1607 ev
= dev
[0].wait_event(["CTRL-EVENT-NETWORK-NOT-FOUND"], timeout
=2)
1609 raise Exception("Network mismatch not reported")
1610 dev
[0].request("DISCONNECT")
1611 dev
[0].dump_monitor()
1613 bssid
= hapd
.own_addr()
1617 cmd
= "PMKSA_ADD %d %s %s %s 30240 43200 %d 0" % (id, bssid
, pmkid
, pmk
, akmp
)
1618 if "OK" not in dev
[0].request(cmd
):
1619 raise Exception("PMKSA_ADD failed (wpa_supplicant)")
1620 dev
[0].select_network(id, freq
="2412")
1621 ev
= dev
[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout
=2)
1622 dev
[0].request("DISCONNECT")
1623 dev
[0].dump_monitor()
1625 raise Exception("Association attempt was not rejected")
1626 if "status_code=53" not in ev
:
1627 raise Exception("Unexpected status code: " + ev
)
1629 addr
= dev
[0].own_addr()
1630 cmd
= "PMKSA_ADD %s %s %s 0 %d" % (addr
, pmkid
, pmk
, akmp
)
1631 if "OK" not in hapd
.request(cmd
):
1632 raise Exception("PMKSA_ADD failed (hostapd)")
1634 dev
[0].select_network(id, freq
="2412")
1635 dev
[0].wait_connected()
1636 val
= dev
[0].get_status_field("key_mgmt")
1638 raise Exception("Unexpected key_mgmt: " + val
)
1640 params1_csign
= "3059301306072a8648ce3d020106082a8648ce3d03010703420004d02e5bd81a120762b5f0f2994777f5d40297238a6c294fd575cdf35fabec44c050a6421c401d98d659fd2ed13c961cc8287944dd3202f516977800d3ab2f39ee"
1641 params1_ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJzOEFrYjg5bTV4UGhoYk5UbTVmVVo0eVBzNU5VMkdxYXNRY3hXUWhtQVFRIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIwOHF4TlNYRzRWemdCV3BjVUdNSmc1czNvbElOVFJsRVQ1aERpNkRKY3ZjIiwieSI6IlVhaGFYQXpKRVpRQk1YaHRUQnlZZVlrOWtJYjk5UDA3UV9NcW9TVVZTVEkifX0.a5_nfMVr7Qe1SW0ZL3u6oQRm5NUCYUSfixDAJOUFN3XUfECBZ6E8fm8xjeSfdOytgRidTz0CTlIRjzPQo82dmQ"
1642 params1_ap_netaccesskey
= "30770201010420f6531d17f29dfab655b7c9e923478d5a345164c489aadd44a3519c3e9dcc792da00a06082a8648ce3d030107a14403420004d3cab13525c6e15ce0056a5c506309839b37a2520d4d19444f98438ba0c972f751a85a5c0cc911940131786d4c1c9879893d9086fdf4fd3b43f32aa125154932"
1643 params1_sta_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJzOEFrYjg5bTV4UGhoYk5UbTVmVVo0eVBzNU5VMkdxYXNRY3hXUWhtQVFRIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiZWMzR3NqQ3lQMzVBUUZOQUJJdEltQnN4WXVyMGJZX1dES1lfSE9zUGdjNCIsInkiOiJTRS1HVllkdWVnTFhLMU1TQXZNMEx2QWdLREpTNWoyQVhCbE9PMTdUSTRBIn19.PDK9zsGlK-e1pEOmNxVeJfCS8pNeay6ckIS1TXCQsR64AR-9wFPCNVjqOxWvVKltehyMFqVAtOcv0IrjtMJFqQ"
1644 params1_sta_netaccesskey
= "30770201010420bc33380c26fd2168b69cd8242ed1df07ba89aa4813f8d4e8523de6ca3f8dd28ba00a06082a8648ce3d030107a1440342000479cdc6b230b23f7e40405340048b48981b3162eaf46d8fd60ca63f1ceb0f81ce484f8655876e7a02d72b531202f3342ef020283252e63d805c194e3b5ed32380"
1646 def test_dpp_network_introduction(dev
, apdev
):
1647 """DPP network introduction"""
1648 check_dpp_capab(dev
[0])
1649 check_dpp_capab(dev
[1])
1651 params
= { "ssid": "dpp",
1653 "wpa_key_mgmt": "DPP",
1655 "rsn_pairwise": "CCMP",
1656 "dpp_connector": params1_ap_connector
,
1657 "dpp_csign": params1_csign
,
1658 "dpp_netaccesskey": params1_ap_netaccesskey
}
1660 hapd
= hostapd
.add_ap(apdev
[0], params
)
1662 raise HwsimSkip("DPP not supported")
1664 id = dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412",
1666 dpp_csign
=params1_csign
,
1667 dpp_connector
=params1_sta_connector
,
1668 dpp_netaccesskey
=params1_sta_netaccesskey
)
1669 val
= dev
[0].get_status_field("key_mgmt")
1671 raise Exception("Unexpected key_mgmt: " + val
)
1673 def test_dpp_and_sae_akm(dev
, apdev
):
1674 """DPP and SAE AKMs"""
1675 check_dpp_capab(dev
[0])
1676 check_dpp_capab(dev
[1])
1677 if "SAE" not in dev
[1].get_capability("auth_alg"):
1678 raise HwsimSkip("SAE not supported")
1680 params
= { "ssid": "dpp+sae",
1682 "wpa_key_mgmt": "DPP SAE",
1684 "rsn_pairwise": "CCMP",
1685 "sae_password": "sae-password",
1686 "dpp_connector": params1_ap_connector
,
1687 "dpp_csign": params1_csign
,
1688 "dpp_netaccesskey": params1_ap_netaccesskey
}
1690 hapd
= hostapd
.add_ap(apdev
[0], params
)
1692 raise HwsimSkip("DPP not supported")
1694 id = dev
[0].connect("dpp+sae", key_mgmt
="DPP", scan_freq
="2412",
1696 dpp_csign
=params1_csign
,
1697 dpp_connector
=params1_sta_connector
,
1698 dpp_netaccesskey
=params1_sta_netaccesskey
)
1699 val
= dev
[0].get_status_field("key_mgmt")
1701 raise Exception("Unexpected key_mgmt for DPP: " + val
)
1703 id = dev
[1].connect("dpp+sae", key_mgmt
="SAE", scan_freq
="2412",
1704 ieee80211w
="2", psk
="sae-password")
1705 val
= dev
[1].get_status_field("key_mgmt")
1707 raise Exception("Unexpected key_mgmt for SAE: " + val
)
1709 def test_dpp_ap_config(dev
, apdev
):
1710 """DPP and AP configuration"""
1711 run_dpp_ap_config(dev
, apdev
)
1713 def test_dpp_ap_config_p256_p256(dev
, apdev
):
1714 """DPP and AP configuration (P-256 + P-256)"""
1715 run_dpp_ap_config(dev
, apdev
, curve
="P-256", conf_curve
="P-256")
1717 def test_dpp_ap_config_p256_p384(dev
, apdev
):
1718 """DPP and AP configuration (P-256 + P-384)"""
1719 run_dpp_ap_config(dev
, apdev
, curve
="P-256", conf_curve
="P-384")
1721 def test_dpp_ap_config_p256_p521(dev
, apdev
):
1722 """DPP and AP configuration (P-256 + P-521)"""
1723 run_dpp_ap_config(dev
, apdev
, curve
="P-256", conf_curve
="P-521")
1725 def test_dpp_ap_config_p384_p256(dev
, apdev
):
1726 """DPP and AP configuration (P-384 + P-256)"""
1727 run_dpp_ap_config(dev
, apdev
, curve
="P-384", conf_curve
="P-256")
1729 def test_dpp_ap_config_p384_p384(dev
, apdev
):
1730 """DPP and AP configuration (P-384 + P-384)"""
1731 run_dpp_ap_config(dev
, apdev
, curve
="P-384", conf_curve
="P-384")
1733 def test_dpp_ap_config_p384_p521(dev
, apdev
):
1734 """DPP and AP configuration (P-384 + P-521)"""
1735 run_dpp_ap_config(dev
, apdev
, curve
="P-384", conf_curve
="P-521")
1737 def test_dpp_ap_config_p521_p256(dev
, apdev
):
1738 """DPP and AP configuration (P-521 + P-256)"""
1739 run_dpp_ap_config(dev
, apdev
, curve
="P-521", conf_curve
="P-256")
1741 def test_dpp_ap_config_p521_p384(dev
, apdev
):
1742 """DPP and AP configuration (P-521 + P-384)"""
1743 run_dpp_ap_config(dev
, apdev
, curve
="P-521", conf_curve
="P-384")
1745 def test_dpp_ap_config_p521_p521(dev
, apdev
):
1746 """DPP and AP configuration (P-521 + P-521)"""
1747 run_dpp_ap_config(dev
, apdev
, curve
="P-521", conf_curve
="P-521")
1749 def test_dpp_ap_config_reconfig_configurator(dev
, apdev
):
1750 """DPP and AP configuration with Configurator reconfiguration"""
1751 run_dpp_ap_config(dev
, apdev
, reconf_configurator
=True)
1753 def update_hapd_config(hapd
):
1754 ev
= hapd
.wait_event(["DPP-CONFOBJ-SSID"], timeout
=1)
1756 raise Exception("SSID not reported (AP)")
1757 ssid
= ev
.split(' ')[1]
1759 ev
= hapd
.wait_event(["DPP-CONNECTOR"], timeout
=1)
1761 raise Exception("Connector not reported (AP)")
1762 connector
= ev
.split(' ')[1]
1764 ev
= hapd
.wait_event(["DPP-C-SIGN-KEY"], timeout
=1)
1766 raise Exception("C-sign-key not reported (AP)")
1770 ev
= hapd
.wait_event(["DPP-NET-ACCESS-KEY"], timeout
=1)
1772 raise Exception("netAccessKey not reported (AP)")
1774 net_access_key
= p
[1]
1775 net_access_key_expiry
= p
[2] if len(p
) > 2 else None
1777 logger
.info("Update AP configuration to use key_mgmt=DPP")
1779 hapd
.set("ssid", ssid
)
1780 hapd
.set("wpa", "2")
1781 hapd
.set("wpa_key_mgmt", "DPP")
1782 hapd
.set("ieee80211w", "2")
1783 hapd
.set("rsn_pairwise", "CCMP")
1784 hapd
.set("dpp_connector", connector
)
1785 hapd
.set("dpp_csign", csign
)
1786 hapd
.set("dpp_netaccesskey", net_access_key
)
1787 if net_access_key_expiry
:
1788 hapd
.set("dpp_netaccesskey_expiry", net_access_key_expiry
)
1791 def run_dpp_ap_config(dev
, apdev
, curve
=None, conf_curve
=None,
1792 reconf_configurator
=False):
1793 check_dpp_capab(dev
[0])
1794 check_dpp_capab(dev
[1])
1795 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
1796 check_dpp_capab(hapd
)
1798 id_h
= hapd
.dpp_bootstrap_gen(chan
="81/1", mac
=True, curve
=curve
)
1799 uri
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id_h
)
1801 cmd
= "DPP_CONFIGURATOR_ADD"
1803 cmd
+= " curve=" + conf_curve
1804 res
= dev
[0].request(cmd
)
1806 raise Exception("Failed to add configurator")
1809 if reconf_configurator
:
1810 csign
= dev
[0].request("DPP_CONFIGURATOR_GET_KEY %d" % conf_id
)
1811 if "FAIL" in csign
or len(csign
) == 0:
1812 raise Exception("DPP_CONFIGURATOR_GET_KEY failed")
1814 id = dev
[0].dpp_qr_code(uri
)
1816 cmd
= "DPP_AUTH_INIT peer=%d conf=ap-dpp configurator=%d" % (id, conf_id
)
1817 if "OK" not in dev
[0].request(cmd
):
1818 raise Exception("Failed to initiate DPP Authentication")
1819 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
1821 raise Exception("DPP authentication did not succeed (Responder)")
1822 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
1824 raise Exception("DPP authentication did not succeed (Initiator)")
1825 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
1827 raise Exception("DPP configuration not completed (Configurator)")
1828 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout
=5)
1830 raise Exception("DPP configuration not completed (Enrollee)")
1831 if "DPP-CONF-FAILED" in ev
:
1832 raise Exception("DPP configuration failed")
1834 update_hapd_config(hapd
)
1836 id1
= dev
[1].dpp_bootstrap_gen(chan
="81/1", mac
=True, curve
=curve
)
1837 uri1
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1
)
1839 id0b
= dev
[0].dpp_qr_code(uri1
)
1841 if reconf_configurator
:
1842 res
= dev
[0].request("DPP_CONFIGURATOR_REMOVE %d" % conf_id
)
1844 raise Exception("DPP_CONFIGURATOR_REMOVE failed")
1845 cmd
= "DPP_CONFIGURATOR_ADD"
1847 cmd
+= " curve=" + conf_curve
1848 cmd
+= " key=" + csign
1849 res
= dev
[0].request(cmd
)
1851 raise Exception("Failed to add configurator (reconf)")
1854 cmd
= "DPP_LISTEN 2412"
1855 if "OK" not in dev
[1].request(cmd
):
1856 raise Exception("Failed to start listen operation")
1857 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id0b
, conf_id
)
1858 if "OK" not in dev
[0].request(cmd
):
1859 raise Exception("Failed to initiate DPP Authentication")
1860 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
1862 raise Exception("DPP authentication did not succeed (Responder)")
1863 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
1865 raise Exception("DPP authentication did not succeed (Initiator)")
1866 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
1868 raise Exception("DPP configuration not completed (Configurator)")
1869 ev
= dev
[1].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
1871 raise Exception("DPP configuration not completed (Enrollee)")
1872 dev
[1].request("DPP_STOP_LISTEN")
1874 ev
= dev
[1].wait_event(["DPP-CONFOBJ-SSID"], timeout
=1)
1876 raise Exception("SSID not reported")
1877 ssid
= ev
.split(' ')[1]
1879 ev
= dev
[1].wait_event(["DPP-CONNECTOR"], timeout
=1)
1881 raise Exception("Connector not reported")
1882 connector
= ev
.split(' ')[1]
1884 ev
= dev
[1].wait_event(["DPP-C-SIGN-KEY"], timeout
=1)
1886 raise Exception("C-sign-key not reported")
1890 ev
= dev
[1].wait_event(["DPP-NET-ACCESS-KEY"], timeout
=1)
1892 raise Exception("netAccessKey not reported")
1894 net_access_key
= p
[1]
1895 net_access_key_expiry
= p
[2] if len(p
) > 2 else None
1897 dev
[1].dump_monitor()
1899 id = dev
[1].connect(ssid
, key_mgmt
="DPP", ieee80211w
="2", scan_freq
="2412",
1900 only_add_network
=True)
1901 dev
[1].set_network_quoted(id, "dpp_connector", connector
)
1902 dev
[1].set_network(id, "dpp_csign", csign
)
1903 dev
[1].set_network(id, "dpp_netaccesskey", net_access_key
)
1904 if net_access_key_expiry
:
1905 dev
[1].set_network(id, "dpp_netaccess_expiry", net_access_key_expiry
)
1907 logger
.info("Check data connection")
1908 dev
[1].select_network(id, freq
="2412")
1909 dev
[1].wait_connected()
1911 def test_dpp_auto_connect_1(dev
, apdev
):
1912 """DPP and auto connect (1)"""
1914 run_dpp_auto_connect(dev
, apdev
, 1)
1916 dev
[0].set("dpp_config_processing", "0")
1918 def test_dpp_auto_connect_2(dev
, apdev
):
1919 """DPP and auto connect (2)"""
1921 run_dpp_auto_connect(dev
, apdev
, 2)
1923 dev
[0].set("dpp_config_processing", "0")
1925 def test_dpp_auto_connect_2_connect_cmd(dev
, apdev
):
1926 """DPP and auto connect (2) using connect_cmd"""
1927 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
1928 wpas
.interface_add("wlan5", drv_params
="force_connect_cmd=1")
1929 dev_new
= [ wpas
, dev
[1] ]
1931 run_dpp_auto_connect(dev_new
, apdev
, 2)
1933 wpas
.set("dpp_config_processing", "0")
1935 def run_dpp_auto_connect(dev
, apdev
, processing
):
1936 check_dpp_capab(dev
[0])
1937 check_dpp_capab(dev
[1])
1939 csign
= "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1940 csign_pub
= "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1941 ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1942 ap_netaccesskey
= "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1944 params
= { "ssid": "test",
1946 "wpa_key_mgmt": "DPP",
1948 "rsn_pairwise": "CCMP",
1949 "dpp_connector": ap_connector
,
1950 "dpp_csign": csign_pub
,
1951 "dpp_netaccesskey": ap_netaccesskey
}
1953 hapd
= hostapd
.add_ap(apdev
[0], params
)
1955 raise HwsimSkip("DPP not supported")
1957 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
1958 res
= dev
[1].request(cmd
)
1960 raise Exception("DPP_CONFIGURATOR_ADD failed")
1963 dev
[0].set("dpp_config_processing", str(processing
))
1964 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
1965 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1967 id1
= dev
[1].dpp_qr_code(uri0
)
1969 cmd
= "DPP_LISTEN 2412"
1970 if "OK" not in dev
[0].request(cmd
):
1971 raise Exception("Failed to start listen operation")
1973 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1
, conf_id
)
1974 if "OK" not in dev
[1].request(cmd
):
1975 raise Exception("Failed to initiate DPP Authentication")
1976 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=10)
1978 raise Exception("DPP configuration not completed (Configurator)")
1979 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=2)
1981 raise Exception("DPP configuration not completed (Enrollee)")
1982 ev
= dev
[0].wait_event(["DPP-NETWORK-ID"], timeout
=1)
1984 raise Exception("DPP network profile not generated")
1985 id = ev
.split(' ')[1]
1988 dev
[0].select_network(id, freq
=2412)
1990 dev
[0].wait_connected()
1991 hwsim_utils
.test_connectivity(dev
[0], hapd
)
1993 def test_dpp_auto_connect_legacy(dev
, apdev
):
1994 """DPP and auto connect (legacy)"""
1996 run_dpp_auto_connect_legacy(dev
, apdev
)
1998 dev
[0].set("dpp_config_processing", "0")
2000 def test_dpp_auto_connect_legacy_sae_1(dev
, apdev
):
2001 """DPP and auto connect (legacy SAE)"""
2003 run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-sae', psk_sae
=True)
2005 dev
[0].set("dpp_config_processing", "0")
2007 def test_dpp_auto_connect_legacy_sae_2(dev
, apdev
):
2008 """DPP and auto connect (legacy SAE)"""
2010 run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-sae', sae_only
=True)
2012 dev
[0].set("dpp_config_processing", "0")
2014 def test_dpp_auto_connect_legacy_psk_sae_1(dev
, apdev
):
2015 """DPP and auto connect (legacy PSK+SAE)"""
2017 run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-psk-sae',
2020 dev
[0].set("dpp_config_processing", "0")
2022 def test_dpp_auto_connect_legacy_psk_sae_2(dev
, apdev
):
2023 """DPP and auto connect (legacy PSK+SAE)"""
2025 run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-psk-sae',
2028 dev
[0].set("dpp_config_processing", "0")
2030 def test_dpp_auto_connect_legacy_psk_sae_3(dev
, apdev
):
2031 """DPP and auto connect (legacy PSK+SAE)"""
2033 run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-psk-sae')
2035 dev
[0].set("dpp_config_processing", "0")
2037 def run_dpp_auto_connect_legacy(dev
, apdev
, conf
='sta-psk',
2038 psk_sae
=False, sae_only
=False):
2039 check_dpp_capab(dev
[0])
2040 check_dpp_capab(dev
[1])
2042 params
= hostapd
.wpa2_params(ssid
="dpp-legacy",
2043 passphrase
="secret passphrase")
2045 params
['wpa_key_mgmt'] = 'SAE'
2046 params
['ieee80211w'] = '2'
2048 params
['wpa_key_mgmt'] = 'WPA-PSK SAE'
2049 params
['ieee80211w'] = '1'
2050 params
['sae_require_mfp'] = '1'
2052 hapd
= hostapd
.add_ap(apdev
[0], params
)
2054 dev
[0].set("dpp_config_processing", "2")
2055 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
2056 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2058 id1
= dev
[1].dpp_qr_code(uri0
)
2060 cmd
= "DPP_LISTEN 2412"
2061 if "OK" not in dev
[0].request(cmd
):
2062 raise Exception("Failed to start listen operation")
2064 cmd
= "DPP_AUTH_INIT peer=%d conf=%s ssid=%s pass=%s" % (id1
, conf
,
2065 binascii
.hexlify(b
"dpp-legacy").decode(),
2066 binascii
.hexlify(b
"secret passphrase").decode())
2067 if "OK" not in dev
[1].request(cmd
):
2068 raise Exception("Failed to initiate DPP Authentication")
2069 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=10)
2071 raise Exception("DPP configuration not completed (Configurator)")
2072 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=2)
2074 raise Exception("DPP configuration not completed (Enrollee)")
2075 ev
= dev
[0].wait_event(["DPP-NETWORK-ID"], timeout
=1)
2077 raise Exception("DPP network profile not generated")
2078 id = ev
.split(' ')[1]
2080 dev
[0].wait_connected()
2082 def test_dpp_auto_connect_legacy_pmf_required(dev
, apdev
):
2083 """DPP and auto connect (legacy, PMF required)"""
2085 run_dpp_auto_connect_legacy_pmf_required(dev
, apdev
)
2087 dev
[0].set("dpp_config_processing", "0")
2089 def run_dpp_auto_connect_legacy_pmf_required(dev
, apdev
):
2090 check_dpp_capab(dev
[0])
2091 check_dpp_capab(dev
[1])
2093 params
= hostapd
.wpa2_params(ssid
="dpp-legacy",
2094 passphrase
="secret passphrase")
2095 params
['wpa_key_mgmt'] = "WPA-PSK-SHA256"
2096 params
['ieee80211w'] = "2"
2097 hapd
= hostapd
.add_ap(apdev
[0], params
)
2099 dev
[0].set("dpp_config_processing", "2")
2100 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
2101 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2103 id1
= dev
[1].dpp_qr_code(uri0
)
2105 cmd
= "DPP_LISTEN 2412"
2106 if "OK" not in dev
[0].request(cmd
):
2107 raise Exception("Failed to start listen operation")
2109 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-psk ssid=%s pass=%s" % (id1
,
2110 binascii
.hexlify(b
"dpp-legacy").decode(),
2111 binascii
.hexlify(b
"secret passphrase").decode())
2112 if "OK" not in dev
[1].request(cmd
):
2113 raise Exception("Failed to initiate DPP Authentication")
2114 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=10)
2116 raise Exception("DPP configuration not completed (Configurator)")
2117 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=2)
2119 raise Exception("DPP configuration not completed (Enrollee)")
2120 ev
= dev
[0].wait_event(["DPP-NETWORK-ID"], timeout
=1)
2122 raise Exception("DPP network profile not generated")
2123 id = ev
.split(' ')[1]
2125 dev
[0].wait_connected()
2127 def test_dpp_qr_code_auth_responder_configurator(dev
, apdev
):
2128 """DPP QR Code and responder as the configurator"""
2129 run_dpp_qr_code_auth_responder_configurator(dev
, apdev
, "")
2131 def test_dpp_qr_code_auth_responder_configurator_group_id(dev
, apdev
):
2132 """DPP QR Code and responder as the configurator with group_id)"""
2133 run_dpp_qr_code_auth_responder_configurator(dev
, apdev
,
2134 " group_id=test-group")
2136 def run_dpp_qr_code_auth_responder_configurator(dev
, apdev
, extra
):
2137 check_dpp_capab(dev
[0])
2138 check_dpp_capab(dev
[1])
2139 cmd
= "DPP_CONFIGURATOR_ADD"
2140 res
= dev
[0].request(cmd
)
2142 raise Exception("Failed to add configurator")
2145 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
2146 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2148 id1
= dev
[1].dpp_qr_code(uri0
)
2150 dev
[0].set("dpp_configurator_params",
2151 " conf=sta-dpp configurator=%d%s" % (conf_id
, extra
))
2152 cmd
= "DPP_LISTEN 2412 role=configurator"
2153 if "OK" not in dev
[0].request(cmd
):
2154 raise Exception("Failed to start listen operation")
2155 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % id1
2156 if "OK" not in dev
[1].request(cmd
):
2157 raise Exception("Failed to initiate DPP Authentication")
2158 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2160 raise Exception("DPP authentication did not succeed (Responder)")
2161 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2163 raise Exception("DPP authentication did not succeed (Initiator)")
2164 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
2166 raise Exception("DPP configuration not completed (Configurator)")
2167 ev
= dev
[1].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
2169 raise Exception("DPP configuration not completed (Enrollee)")
2170 dev
[0].request("DPP_STOP_LISTEN")
2171 dev
[0].dump_monitor()
2172 dev
[1].dump_monitor()
2174 def test_dpp_qr_code_hostapd_init(dev
, apdev
):
2175 """DPP QR Code and hostapd as initiator"""
2176 check_dpp_capab(dev
[0])
2177 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
2179 check_dpp_capab(hapd
)
2181 cmd
= "DPP_CONFIGURATOR_ADD"
2182 res
= dev
[0].request(cmd
)
2184 raise Exception("Failed to add configurator")
2187 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/6", mac
=True)
2188 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2190 dev
[0].set("dpp_configurator_params",
2191 " conf=ap-dpp configurator=%d" % conf_id
)
2192 cmd
= "DPP_LISTEN 2437 role=configurator"
2193 if "OK" not in dev
[0].request(cmd
):
2194 raise Exception("Failed to start listen operation")
2196 id1
= hapd
.dpp_qr_code(uri0
)
2198 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % id1
2199 if "OK" not in hapd
.request(cmd
):
2200 raise Exception("Failed to initiate DPP Authentication")
2201 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2203 raise Exception("DPP authentication did not succeed (Responder)")
2204 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2206 raise Exception("DPP authentication did not succeed (Initiator)")
2207 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
2209 raise Exception("DPP configuration not completed (Configurator)")
2210 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
2212 raise Exception("DPP configuration not completed (Enrollee)")
2213 dev
[0].request("DPP_STOP_LISTEN")
2214 dev
[0].dump_monitor()
2216 def test_dpp_qr_code_hostapd_init_offchannel(dev
, apdev
):
2217 """DPP QR Code and hostapd as initiator (offchannel)"""
2218 run_dpp_qr_code_hostapd_init_offchannel(dev
, apdev
, None)
2220 def test_dpp_qr_code_hostapd_init_offchannel_neg_freq(dev
, apdev
):
2221 """DPP QR Code and hostapd as initiator (offchannel, neg_freq)"""
2222 run_dpp_qr_code_hostapd_init_offchannel(dev
, apdev
, "neg_freq=2437")
2224 def run_dpp_qr_code_hostapd_init_offchannel(dev
, apdev
, extra
):
2225 check_dpp_capab(dev
[0])
2226 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
2228 check_dpp_capab(hapd
)
2230 cmd
= "DPP_CONFIGURATOR_ADD"
2231 res
= dev
[0].request(cmd
)
2233 raise Exception("Failed to add configurator")
2236 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1,81/11", mac
=True)
2237 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2239 dev
[0].set("dpp_configurator_params",
2240 " conf=ap-dpp configurator=%d" % conf_id
)
2241 cmd
= "DPP_LISTEN 2462 role=configurator"
2242 if "OK" not in dev
[0].request(cmd
):
2243 raise Exception("Failed to start listen operation")
2245 id1
= hapd
.dpp_qr_code(uri0
)
2247 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % id1
2250 if "OK" not in hapd
.request(cmd
):
2251 raise Exception("Failed to initiate DPP Authentication")
2252 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2254 raise Exception("DPP authentication did not succeed (Responder)")
2255 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2257 raise Exception("DPP authentication did not succeed (Initiator)")
2258 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
2260 raise Exception("DPP configuration not completed (Configurator)")
2261 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
2263 raise Exception("DPP configuration not completed (Enrollee)")
2264 dev
[0].request("DPP_STOP_LISTEN")
2265 dev
[0].dump_monitor()
2267 def test_dpp_test_vector_p_256(dev
, apdev
):
2268 """DPP P-256 test vector (mutual auth)"""
2269 check_dpp_capab(dev
[0])
2270 check_dpp_capab(dev
[1])
2272 # Responder bootstrapping key
2273 priv
= "54ce181a98525f217216f59b245f60e9df30ac7f6b26c939418cfc3c42d1afa0"
2274 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/11", mac
=True, key
="30310201010420" + priv
+ "a00a06082a8648ce3d030107")
2275 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2277 # Responder protocol keypair override
2278 priv
= "f798ed2e19286f6a6efe210b1863badb99af2a14b497634dbfd2a97394fb5aa5"
2279 dev
[0].set("dpp_protocol_key_override",
2280 "30310201010420" + priv
+ "a00a06082a8648ce3d030107")
2282 dev
[0].set("dpp_nonce_override", "3d0cfb011ca916d796f7029ff0b43393")
2284 # Initiator bootstrapping key
2285 priv
= "15b2a83c5a0a38b61f2aa8200ee4994b8afdc01c58507d10d0a38f7eedf051bb"
2286 id1
= dev
[1].dpp_bootstrap_gen(key
="30310201010420" + priv
+ "a00a06082a8648ce3d030107")
2287 uri1
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1
)
2289 # Initiator protocol keypair override
2290 priv
= "a87de9afbb406c96e5f79a3df895ecac3ad406f95da66314c8cb3165e0c61783"
2291 dev
[1].set("dpp_protocol_key_override",
2292 "30310201010420" + priv
+ "a00a06082a8648ce3d030107")
2294 dev
[1].set("dpp_nonce_override", "13f4602a16daeb69712263b9c46cba31")
2296 id1peer
= dev
[1].dpp_qr_code(uri0
)
2297 id0peer
= dev
[0].dpp_qr_code(uri1
)
2299 cmd
= "DPP_LISTEN 2462 qr=mutual"
2300 if "OK" not in dev
[0].request(cmd
):
2301 raise Exception("Failed to start listen operation")
2303 cmd
= "DPP_AUTH_INIT peer=%d own=%d neg_freq=2412" % (id1peer
, id1
)
2304 if "OK" not in dev
[1].request(cmd
):
2305 raise Exception("Failed to initiate operation")
2307 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2309 raise Exception("DPP authentication did not succeed (Initiator)")
2310 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2312 raise Exception("DPP authentication did not succeed (Responder)")
2314 def test_dpp_test_vector_p_256_b(dev
, apdev
):
2315 """DPP P-256 test vector (Responder-only auth)"""
2316 check_dpp_capab(dev
[0])
2317 check_dpp_capab(dev
[1])
2319 # Responder bootstrapping key
2320 priv
= "54ce181a98525f217216f59b245f60e9df30ac7f6b26c939418cfc3c42d1afa0"
2321 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/11", mac
=True, key
="30310201010420" + priv
+ "a00a06082a8648ce3d030107")
2322 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2324 # Responder protocol keypair override
2325 priv
= "f798ed2e19286f6a6efe210b1863badb99af2a14b497634dbfd2a97394fb5aa5"
2326 dev
[0].set("dpp_protocol_key_override",
2327 "30310201010420" + priv
+ "a00a06082a8648ce3d030107")
2329 dev
[0].set("dpp_nonce_override", "3d0cfb011ca916d796f7029ff0b43393")
2331 # Initiator bootstrapping key
2332 priv
= "15b2a83c5a0a38b61f2aa8200ee4994b8afdc01c58507d10d0a38f7eedf051bb"
2333 id1
= dev
[1].dpp_bootstrap_gen(key
="30310201010420" + priv
+ "a00a06082a8648ce3d030107")
2334 uri1
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1
)
2336 # Initiator protocol keypair override
2337 priv
= "a87de9afbb406c96e5f79a3df895ecac3ad406f95da66314c8cb3165e0c61783"
2338 dev
[1].set("dpp_protocol_key_override",
2339 "30310201010420" + priv
+ "a00a06082a8648ce3d030107")
2341 dev
[1].set("dpp_nonce_override", "13f4602a16daeb69712263b9c46cba31")
2343 id1peer
= dev
[1].dpp_qr_code(uri0
)
2345 cmd
= "DPP_LISTEN 2462"
2346 if "OK" not in dev
[0].request(cmd
):
2347 raise Exception("Failed to start listen operation")
2349 cmd
= "DPP_AUTH_INIT peer=%d own=%d neg_freq=2412" % (id1peer
, id1
)
2350 if "OK" not in dev
[1].request(cmd
):
2351 raise Exception("Failed to initiate operation")
2353 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2355 raise Exception("DPP authentication did not succeed (Initiator)")
2356 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2358 raise Exception("DPP authentication did not succeed (Responder)")
2360 def der_priv_key_p_521(priv
):
2361 if len(priv
) != 2 * 66:
2362 raise Exception("Unexpected der_priv_key_p_521 parameter: " + priv
)
2363 der_prefix
= "3081500201010442"
2364 der_postfix
= "a00706052b81040023"
2365 return der_prefix
+ priv
+ der_postfix
2367 def test_dpp_test_vector_p_521(dev
, apdev
):
2368 """DPP P-521 test vector (mutual auth)"""
2369 check_dpp_capab(dev
[0])
2370 check_dpp_capab(dev
[1])
2372 # Responder bootstrapping key
2373 priv
= "0061e54f518cdf859735da3dd64c6f72c2f086f41a6fd52915152ea2fe0f24ddaecd8883730c9c9fd82cf7c043a41021696388cf5190b731dd83638bcd56d8b6c743"
2374 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/11", mac
=True,
2375 key
=der_priv_key_p_521(priv
))
2376 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2378 # Responder protocol keypair override
2379 priv
= "01d8b7b17cd1b0a33f7c66fb4220999329cdaf4f8b44b2ffadde8ab8ed8abffa9f5358c5b1caae26709ca4fb78e52a4d08f2e4f24111a36a6f440d20a0000ff51597"
2380 dev
[0].set("dpp_protocol_key_override", der_priv_key_p_521(priv
))
2382 dev
[0].set("dpp_nonce_override",
2383 "d749a782012eb0a8595af30b2dfc8d0880d004ebddb55ecc5afbdef18c400e01")
2385 # Initiator bootstrapping key
2386 priv
= "0060c10df14af5ef27f6e362d31bdd9eeb44be77a323ba64b08f3f03d58b92cbfe05c182a91660caa081ca344243c47b5aa088bcdf738840eb35f0218b9f26881e02"
2387 id1
= dev
[1].dpp_bootstrap_gen(key
=der_priv_key_p_521(priv
))
2388 uri1
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1
)
2390 # Initiator protocol keypair override
2391 priv
= "019c1c08caaeec38fb931894699b095bc3ab8c1ec7ef0622d2e3eba821477c8c6fca41774f21166ad98aebda37c067d9aa08a8a2e1b5c44c61f2bae02a61f85d9661"
2392 dev
[1].set("dpp_protocol_key_override", der_priv_key_p_521(priv
))
2394 dev
[1].set("dpp_nonce_override",
2395 "de972af3847bec3ba2aedd9f5c21cfdec7bf0bc5fe8b276cbcd0267807fb15b0")
2397 id1peer
= dev
[1].dpp_qr_code(uri0
)
2398 id0peer
= dev
[0].dpp_qr_code(uri1
)
2400 cmd
= "DPP_LISTEN 2462 qr=mutual"
2401 if "OK" not in dev
[0].request(cmd
):
2402 raise Exception("Failed to start listen operation")
2404 cmd
= "DPP_AUTH_INIT peer=%d own=%d neg_freq=2412" % (id1peer
, id1
)
2405 if "OK" not in dev
[1].request(cmd
):
2406 raise Exception("Failed to initiate operation")
2408 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2410 raise Exception("DPP authentication did not succeed (Initiator)")
2411 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2413 raise Exception("DPP authentication did not succeed (Responder)")
2415 def test_dpp_pkex(dev
, apdev
):
2417 run_dpp_pkex(dev
, apdev
)
2419 def test_dpp_pkex_p256(dev
, apdev
):
2420 """DPP and PKEX (P-256)"""
2421 run_dpp_pkex(dev
, apdev
, "P-256")
2423 def test_dpp_pkex_p384(dev
, apdev
):
2424 """DPP and PKEX (P-384)"""
2425 run_dpp_pkex(dev
, apdev
, "P-384")
2427 def test_dpp_pkex_p521(dev
, apdev
):
2428 """DPP and PKEX (P-521)"""
2429 run_dpp_pkex(dev
, apdev
, "P-521")
2431 def test_dpp_pkex_bp256(dev
, apdev
):
2432 """DPP and PKEX (BP-256)"""
2433 run_dpp_pkex(dev
, apdev
, "brainpoolP256r1")
2435 def test_dpp_pkex_bp384(dev
, apdev
):
2436 """DPP and PKEX (BP-384)"""
2437 run_dpp_pkex(dev
, apdev
, "brainpoolP384r1")
2439 def test_dpp_pkex_bp512(dev
, apdev
):
2440 """DPP and PKEX (BP-512)"""
2441 run_dpp_pkex(dev
, apdev
, "brainpoolP512r1")
2443 def test_dpp_pkex_config(dev
, apdev
):
2444 """DPP and PKEX with initiator as the configurator"""
2445 check_dpp_capab(dev
[1])
2447 cmd
= "DPP_CONFIGURATOR_ADD"
2448 res
= dev
[1].request(cmd
)
2450 raise Exception("Failed to add configurator")
2453 run_dpp_pkex(dev
, apdev
,
2454 init_extra
="conf=sta-dpp configurator=%d" % (conf_id
),
2457 def test_dpp_pkex_no_identifier(dev
, apdev
):
2458 """DPP and PKEX without identifier"""
2459 run_dpp_pkex(dev
, apdev
, identifier_i
=None, identifier_r
=None)
2461 def test_dpp_pkex_identifier_mismatch(dev
, apdev
):
2462 """DPP and PKEX with different identifiers"""
2463 run_dpp_pkex(dev
, apdev
, identifier_i
="foo", identifier_r
="bar",
2464 expect_no_resp
=True)
2466 def test_dpp_pkex_identifier_mismatch2(dev
, apdev
):
2467 """DPP and PKEX with initiator using identifier and the responder not"""
2468 run_dpp_pkex(dev
, apdev
, identifier_i
="foo", identifier_r
=None,
2469 expect_no_resp
=True)
2471 def test_dpp_pkex_identifier_mismatch3(dev
, apdev
):
2472 """DPP and PKEX with responder using identifier and the initiator not"""
2473 run_dpp_pkex(dev
, apdev
, identifier_i
=None, identifier_r
="bar",
2474 expect_no_resp
=True)
2476 def run_dpp_pkex(dev
, apdev
, curve
=None, init_extra
="", check_config
=False,
2477 identifier_i
="test", identifier_r
="test",
2478 expect_no_resp
=False):
2479 check_dpp_capab(dev
[0], curve
and "brainpool" in curve
)
2480 check_dpp_capab(dev
[1], curve
and "brainpool" in curve
)
2482 id0
= dev
[0].dpp_bootstrap_gen(type="pkex", curve
=curve
)
2483 id1
= dev
[1].dpp_bootstrap_gen(type="pkex", curve
=curve
)
2485 identifier
= " identifier=" + identifier_r
if identifier_r
else ""
2486 cmd
= "DPP_PKEX_ADD own=%d%s code=secret" % (id0
, identifier
)
2487 res
= dev
[0].request(cmd
)
2489 raise Exception("Failed to set PKEX data (responder)")
2490 cmd
= "DPP_LISTEN 2437"
2491 if "OK" not in dev
[0].request(cmd
):
2492 raise Exception("Failed to start listen operation")
2494 identifier
= " identifier=" + identifier_i
if identifier_i
else ""
2495 cmd
= "DPP_PKEX_ADD own=%d%s init=1 %s code=secret" % (id1
, identifier
,
2497 res
= dev
[1].request(cmd
)
2499 raise Exception("Failed to set PKEX data (initiator)")
2502 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=10)
2504 raise Exception("DPP PKEX frame not received")
2505 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=1)
2507 raise Exception("DPP authentication succeeded")
2508 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=0.1)
2510 raise Exception("DPP authentication succeeded")
2513 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2515 raise Exception("DPP authentication did not succeed (Initiator)")
2516 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2518 raise Exception("DPP authentication did not succeed (Responder)")
2521 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
2523 raise Exception("DPP configuration not completed (Configurator)")
2524 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
2526 raise Exception("DPP configuration not completed (Enrollee)")
2528 def test_dpp_pkex_5ghz(dev
, apdev
):
2529 """DPP and PKEX on 5 GHz"""
2531 dev
[0].request("SET country US")
2532 dev
[1].request("SET country US")
2533 ev
= dev
[0].wait_event(["CTRL-EVENT-REGDOM-CHANGE"], timeout
=1)
2535 ev
= dev
[0].wait_global_event(["CTRL-EVENT-REGDOM-CHANGE"],
2537 run_dpp_pkex_5ghz(dev
, apdev
)
2539 dev
[0].request("SET country 00")
2540 dev
[1].request("SET country 00")
2541 subprocess
.call(['iw', 'reg', 'set', '00'])
2544 def run_dpp_pkex_5ghz(dev
, apdev
):
2545 check_dpp_capab(dev
[0])
2546 check_dpp_capab(dev
[1])
2548 id0
= dev
[0].dpp_bootstrap_gen(type="pkex")
2549 id1
= dev
[1].dpp_bootstrap_gen(type="pkex")
2551 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
2552 res
= dev
[0].request(cmd
)
2554 raise Exception("Failed to set PKEX data (responder)")
2555 cmd
= "DPP_LISTEN 5745"
2556 if "OK" not in dev
[0].request(cmd
):
2557 raise Exception("Failed to start listen operation")
2559 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % (id1
)
2560 res
= dev
[1].request(cmd
)
2562 raise Exception("Failed to set PKEX data (initiator)")
2564 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS", "DPP-FAIL"], timeout
=20)
2565 if ev
is None or "DPP-AUTH-SUCCESS" not in ev
:
2566 raise Exception("DPP authentication did not succeed (Initiator)")
2567 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2569 raise Exception("DPP authentication did not succeed (Responder)")
2571 def test_dpp_pkex_test_vector(dev
, apdev
):
2572 """DPP and PKEX (P-256) test vector"""
2573 check_dpp_capab(dev
[0])
2574 check_dpp_capab(dev
[1])
2576 init_addr
= "ac:64:91:f4:52:07"
2577 resp_addr
= "6e:5e:ce:6e:f3:dd"
2579 identifier
= "joes_key"
2580 code
= "thisisreallysecret"
2582 # Initiator bootstrapping private key
2583 init_priv
= "5941b51acfc702cdc1c347264beb2920db88eb1a0bf03a211868b1632233c269"
2585 # Responder bootstrapping private key
2586 resp_priv
= "2ae8956293f49986b6d0b8169a86805d9232babb5f6813fdfe96f19d59536c60"
2588 # Initiator x/X keypair override
2589 init_x_priv
= "8365c5ed93d751bef2d92b410dc6adfd95670889183fac1bd66759ad85c3187a"
2591 # Responder y/Y keypair override
2592 resp_y_priv
= "d98faa24d7dd3f592665d71a95c862bfd02c4c48acb0c515a41cbc6e929675ea"
2594 p256_prefix
= "30310201010420"
2595 p256_postfix
= "a00a06082a8648ce3d030107"
2597 dev
[0].set("dpp_pkex_own_mac_override", resp_addr
)
2598 dev
[0].set("dpp_pkex_peer_mac_override", init_addr
)
2599 dev
[1].set("dpp_pkex_own_mac_override", init_addr
)
2600 dev
[1].set("dpp_pkex_peer_mac_override", resp_addr
)
2602 # Responder bootstrapping key
2603 id0
= dev
[0].dpp_bootstrap_gen(type="pkex",
2604 key
=p256_prefix
+ resp_priv
+ p256_postfix
)
2606 # Responder y/Y keypair override
2607 dev
[0].set("dpp_pkex_ephemeral_key_override",
2608 p256_prefix
+ resp_y_priv
+ p256_postfix
)
2610 # Initiator bootstrapping key
2611 id1
= dev
[1].dpp_bootstrap_gen(type="pkex",
2612 key
=p256_prefix
+ init_priv
+ p256_postfix
)
2614 # Initiator x/X keypair override
2615 dev
[1].set("dpp_pkex_ephemeral_key_override",
2616 p256_prefix
+ init_x_priv
+ p256_postfix
)
2618 cmd
= "DPP_PKEX_ADD own=%d identifier=%s code=%s" % (id0
, identifier
, code
)
2619 res
= dev
[0].request(cmd
)
2621 raise Exception("Failed to set PKEX data (responder)")
2622 cmd
= "DPP_LISTEN 2437"
2623 if "OK" not in dev
[0].request(cmd
):
2624 raise Exception("Failed to start listen operation")
2626 cmd
= "DPP_PKEX_ADD own=%d identifier=%s init=1 code=%s" % (id1
, identifier
, code
)
2627 res
= dev
[1].request(cmd
)
2629 raise Exception("Failed to set PKEX data (initiator)")
2631 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2633 raise Exception("DPP authentication did not succeed (Initiator)")
2634 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2636 raise Exception("DPP authentication did not succeed (Responder)")
2638 def test_dpp_pkex_code_mismatch(dev
, apdev
):
2639 """DPP and PKEX with mismatching code"""
2640 check_dpp_capab(dev
[0])
2641 check_dpp_capab(dev
[1])
2643 id0
= dev
[0].dpp_bootstrap_gen(type="pkex")
2644 id1
= dev
[1].dpp_bootstrap_gen(type="pkex")
2646 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
2647 res
= dev
[0].request(cmd
)
2649 raise Exception("Failed to set PKEX data (responder)")
2650 cmd
= "DPP_LISTEN 2437"
2651 if "OK" not in dev
[0].request(cmd
):
2652 raise Exception("Failed to start listen operation")
2654 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=unknown" % id1
2655 res
= dev
[1].request(cmd
)
2657 raise Exception("Failed to set PKEX data (initiator)")
2659 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
2661 raise Exception("Failure not reported")
2662 if "possible PKEX code mismatch" not in ev
:
2663 raise Exception("Unexpected result: " + ev
)
2665 dev
[0].dump_monitor()
2666 dev
[1].dump_monitor()
2668 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
2669 res
= dev
[1].request(cmd
)
2671 raise Exception("Failed to set PKEX data (initiator, retry)")
2673 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2675 raise Exception("DPP authentication did not succeed (Initiator, retry)")
2676 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2678 raise Exception("DPP authentication did not succeed (Responder, retry)")
2680 def test_dpp_pkex_code_mismatch_limit(dev
, apdev
):
2681 """DPP and PKEX with mismatching code limit"""
2682 check_dpp_capab(dev
[0])
2683 check_dpp_capab(dev
[1])
2685 id0
= dev
[0].dpp_bootstrap_gen(type="pkex")
2686 id1
= dev
[1].dpp_bootstrap_gen(type="pkex")
2688 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
2689 res
= dev
[0].request(cmd
)
2691 raise Exception("Failed to set PKEX data (responder)")
2692 cmd
= "DPP_LISTEN 2437"
2693 if "OK" not in dev
[0].request(cmd
):
2694 raise Exception("Failed to start listen operation")
2697 dev
[0].dump_monitor()
2698 dev
[1].dump_monitor()
2699 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=unknown" % id1
2700 res
= dev
[1].request(cmd
)
2702 raise Exception("Failed to set PKEX data (initiator)")
2704 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
2706 raise Exception("Failure not reported")
2707 if "possible PKEX code mismatch" not in ev
:
2708 raise Exception("Unexpected result: " + ev
)
2710 ev
= dev
[0].wait_event(["DPP-PKEX-T-LIMIT"], timeout
=1)
2712 raise Exception("PKEX t limit not reported")
2714 def test_dpp_pkex_curve_mismatch(dev
, apdev
):
2715 """DPP and PKEX with mismatching curve"""
2716 check_dpp_capab(dev
[0])
2717 check_dpp_capab(dev
[1])
2719 id0
= dev
[0].dpp_bootstrap_gen(type="pkex", curve
="P-256")
2720 id1
= dev
[1].dpp_bootstrap_gen(type="pkex", curve
="P-384")
2722 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
2723 res
= dev
[0].request(cmd
)
2725 raise Exception("Failed to set PKEX data (responder)")
2726 cmd
= "DPP_LISTEN 2437"
2727 if "OK" not in dev
[0].request(cmd
):
2728 raise Exception("Failed to start listen operation")
2730 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
2731 res
= dev
[1].request(cmd
)
2733 raise Exception("Failed to set PKEX data (initiator)")
2735 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
2737 raise Exception("Failure not reported (dev 0)")
2738 if "Mismatching PKEX curve: peer=20 own=19" not in ev
:
2739 raise Exception("Unexpected result: " + ev
)
2741 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
2743 raise Exception("Failure not reported (dev 1)")
2744 if "Peer indicated mismatching PKEX group - proposed 19" not in ev
:
2745 raise Exception("Unexpected result: " + ev
)
2747 def test_dpp_pkex_curve_mismatch_failure(dev
, apdev
):
2748 """DPP and PKEX with mismatching curve (local failure)"""
2749 run_dpp_pkex_curve_mismatch_failure(dev
, apdev
, "=dpp_pkex_rx_exchange_req")
2751 def test_dpp_pkex_curve_mismatch_failure2(dev
, apdev
):
2752 """DPP and PKEX with mismatching curve (local failure 2)"""
2753 run_dpp_pkex_curve_mismatch_failure(dev
, apdev
,
2754 "dpp_pkex_build_exchange_resp")
2756 def run_dpp_pkex_curve_mismatch_failure(dev
, apdev
, func
):
2757 check_dpp_capab(dev
[0])
2758 check_dpp_capab(dev
[1])
2760 id0
= dev
[0].dpp_bootstrap_gen(type="pkex", curve
="P-256")
2761 id1
= dev
[1].dpp_bootstrap_gen(type="pkex", curve
="P-384")
2763 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
2764 res
= dev
[0].request(cmd
)
2766 raise Exception("Failed to set PKEX data (responder)")
2767 cmd
= "DPP_LISTEN 2437"
2768 if "OK" not in dev
[0].request(cmd
):
2769 raise Exception("Failed to start listen operation")
2771 with
alloc_fail(dev
[0], 1, func
):
2772 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
2773 res
= dev
[1].request(cmd
)
2775 raise Exception("Failed to set PKEX data (initiator)")
2777 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
2779 raise Exception("Failure not reported (dev 0)")
2780 if "Mismatching PKEX curve: peer=20 own=19" not in ev
:
2781 raise Exception("Unexpected result: " + ev
)
2783 def test_dpp_pkex_exchange_resp_processing_failure(dev
, apdev
):
2784 """DPP and PKEX with local failure in processing Exchange Resp"""
2785 check_dpp_capab(dev
[0])
2786 check_dpp_capab(dev
[1])
2788 id0
= dev
[0].dpp_bootstrap_gen(type="pkex")
2789 id1
= dev
[1].dpp_bootstrap_gen(type="pkex")
2791 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
2792 res
= dev
[0].request(cmd
)
2794 raise Exception("Failed to set PKEX data (responder)")
2795 cmd
= "DPP_LISTEN 2437"
2796 if "OK" not in dev
[0].request(cmd
):
2797 raise Exception("Failed to start listen operation")
2799 with
fail_test(dev
[1], 1, "dpp_pkex_derive_Qr;dpp_pkex_rx_exchange_resp"):
2800 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
2801 res
= dev
[1].request(cmd
)
2803 raise Exception("Failed to set PKEX data (initiator)")
2804 wait_fail_trigger(dev
[1], "GET_FAIL")
2806 def test_dpp_pkex_commit_reveal_req_processing_failure(dev
, apdev
):
2807 """DPP and PKEX with local failure in processing Commit Reveal Req"""
2808 check_dpp_capab(dev
[0])
2809 check_dpp_capab(dev
[1])
2811 id0
= dev
[0].dpp_bootstrap_gen(type="pkex")
2812 id1
= dev
[1].dpp_bootstrap_gen(type="pkex")
2814 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
2815 res
= dev
[0].request(cmd
)
2817 raise Exception("Failed to set PKEX data (responder)")
2818 cmd
= "DPP_LISTEN 2437"
2819 if "OK" not in dev
[0].request(cmd
):
2820 raise Exception("Failed to start listen operation")
2822 with
alloc_fail(dev
[0], 1,
2823 "dpp_get_pubkey_point;dpp_pkex_rx_commit_reveal_req"):
2824 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
2825 res
= dev
[1].request(cmd
)
2827 raise Exception("Failed to set PKEX data (initiator)")
2828 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
2830 def test_dpp_pkex_config2(dev
, apdev
):
2831 """DPP and PKEX with responder as the configurator"""
2832 check_dpp_capab(dev
[0])
2834 cmd
= "DPP_CONFIGURATOR_ADD"
2835 res
= dev
[0].request(cmd
)
2837 raise Exception("Failed to add configurator")
2840 dev
[0].set("dpp_configurator_params",
2841 " conf=sta-dpp configurator=%d" % conf_id
)
2842 run_dpp_pkex2(dev
, apdev
)
2844 def run_dpp_pkex2(dev
, apdev
, curve
=None, init_extra
=""):
2845 check_dpp_capab(dev
[0])
2846 check_dpp_capab(dev
[1])
2848 id0
= dev
[0].dpp_bootstrap_gen(type="pkex", curve
=curve
)
2849 id1
= dev
[1].dpp_bootstrap_gen(type="pkex", curve
=curve
)
2851 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
2852 res
= dev
[0].request(cmd
)
2854 raise Exception("Failed to set PKEX data (responder)")
2855 cmd
= "DPP_LISTEN 2437 role=configurator"
2856 if "OK" not in dev
[0].request(cmd
):
2857 raise Exception("Failed to start listen operation")
2859 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 role=enrollee %s code=secret" % (id1
, init_extra
)
2860 res
= dev
[1].request(cmd
)
2862 raise Exception("Failed to set PKEX data (initiator)")
2864 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2866 raise Exception("DPP authentication did not succeed (Initiator)")
2867 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2869 raise Exception("DPP authentication did not succeed (Responder)")
2871 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
2873 raise Exception("DPP configuration not completed (Configurator)")
2874 ev
= dev
[1].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
2876 raise Exception("DPP configuration not completed (Enrollee)")
2878 def test_dpp_pkex_no_responder(dev
, apdev
):
2879 """DPP and PKEX with no responder (retry behavior)"""
2880 check_dpp_capab(dev
[0])
2882 id0
= dev
[0].dpp_bootstrap_gen(type="pkex")
2884 cmd
= "DPP_PKEX_ADD own=%d init=1 identifier=test code=secret" % (id0
)
2885 res
= dev
[0].request(cmd
)
2887 raise Exception("Failed to set PKEX data (initiator)")
2890 ev
= dev
[0].wait_event(["DPP-TX ", "DPP-FAIL"], timeout
=5)
2892 raise Exception("DPP PKEX failure not reported")
2893 if "DPP-FAIL" not in ev
:
2895 if "No response from PKEX peer" not in ev
:
2896 raise Exception("Unexpected failure reason: " + ev
)
2899 def test_dpp_pkex_after_retry(dev
, apdev
):
2900 """DPP and PKEX completing after retry"""
2901 check_dpp_capab(dev
[0])
2903 id0
= dev
[0].dpp_bootstrap_gen(type="pkex")
2905 cmd
= "DPP_PKEX_ADD own=%d init=1 identifier=test code=secret" % (id0
)
2906 res
= dev
[0].request(cmd
)
2908 raise Exception("Failed to set PKEX data (initiator)")
2911 id1
= dev
[1].dpp_bootstrap_gen(type="pkex")
2913 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id1
)
2914 res
= dev
[1].request(cmd
)
2916 raise Exception("Failed to set PKEX data (responder)")
2917 cmd
= "DPP_LISTEN 2437"
2918 if "OK" not in dev
[1].request(cmd
):
2919 raise Exception("Failed to start listen operation")
2921 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=10)
2923 raise Exception("DPP authentication did not succeed (Responder)")
2924 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2926 raise Exception("DPP authentication did not succeed (Initiator)")
2927 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
2929 raise Exception("DPP configuration not completed (Configurator)")
2930 # Ignore Enrollee result since configurator was not set here
2932 def test_dpp_pkex_hostapd_responder(dev
, apdev
):
2933 """DPP PKEX with hostapd as responder"""
2934 check_dpp_capab(dev
[0])
2935 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
2937 check_dpp_capab(hapd
)
2939 id_h
= hapd
.dpp_bootstrap_gen(type="pkex")
2941 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id_h
)
2942 res
= hapd
.request(cmd
)
2944 raise Exception("Failed to set PKEX data (responder/hostapd)")
2946 cmd
= "DPP_CONFIGURATOR_ADD"
2947 res
= dev
[0].request(cmd
)
2949 raise Exception("Failed to add configurator")
2952 id0
= dev
[0].dpp_bootstrap_gen(type="pkex")
2954 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 conf=ap-dpp configurator=%d code=secret" % (id0
, conf_id
)
2955 res
= dev
[0].request(cmd
)
2957 raise Exception("Failed to set PKEX data (initiator/wpa_supplicant)")
2959 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2961 raise Exception("DPP authentication did not succeed (Initiator)")
2962 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
2964 raise Exception("DPP authentication did not succeed (Responder)")
2965 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
2967 raise Exception("DPP configuration not completed (Configurator)")
2968 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
2970 raise Exception("DPP configuration not completed (Enrollee)")
2971 dev
[0].request("DPP_STOP_LISTEN")
2972 dev
[0].dump_monitor()
2974 def test_dpp_pkex_hostapd_initiator(dev
, apdev
):
2975 """DPP PKEX with hostapd as initiator"""
2976 check_dpp_capab(dev
[0])
2977 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
2979 check_dpp_capab(hapd
)
2981 cmd
= "DPP_CONFIGURATOR_ADD"
2982 res
= dev
[0].request(cmd
)
2984 raise Exception("Failed to add configurator")
2987 id0
= dev
[0].dpp_bootstrap_gen(type="pkex")
2989 dev
[0].set("dpp_configurator_params",
2990 " conf=ap-dpp configurator=%d" % conf_id
)
2992 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
2993 res
= dev
[0].request(cmd
)
2995 raise Exception("Failed to set PKEX data (responder/wpa_supplicant)")
2997 cmd
= "DPP_LISTEN 2437 role=configurator"
2998 if "OK" not in dev
[0].request(cmd
):
2999 raise Exception("Failed to start listen operation")
3001 id_h
= hapd
.dpp_bootstrap_gen(type="pkex")
3003 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 role=enrollee code=secret" % (id_h
)
3004 res
= hapd
.request(cmd
)
3006 raise Exception("Failed to set PKEX data (initiator/hostapd)")
3008 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3010 raise Exception("DPP authentication did not succeed (Initiator)")
3011 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3013 raise Exception("DPP authentication did not succeed (Responder)")
3014 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
3016 raise Exception("DPP configuration not completed (Configurator)")
3017 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3019 raise Exception("DPP configuration not completed (Enrollee)")
3020 dev
[0].request("DPP_STOP_LISTEN")
3021 dev
[0].dump_monitor()
3023 def test_dpp_hostapd_configurator(dev
, apdev
):
3024 """DPP with hostapd as configurator/initiator"""
3025 check_dpp_capab(dev
[0])
3026 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
3028 check_dpp_capab(hapd
)
3030 cmd
= "DPP_CONFIGURATOR_ADD"
3031 res
= hapd
.request(cmd
)
3033 raise Exception("Failed to add configurator")
3036 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
3037 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
3039 id1
= hapd
.dpp_qr_code(uri0
)
3041 res
= hapd
.request("DPP_BOOTSTRAP_INFO %d" % id0
)
3043 raise Exception("DPP_BOOTSTRAP_INFO failed")
3044 if "type=QRCODE" not in res
:
3045 raise Exception("DPP_BOOTSTRAP_INFO did not report correct type")
3046 if "mac_addr=" + dev
[0].own_addr() not in res
:
3047 raise Exception("DPP_BOOTSTRAP_INFO did not report correct mac_addr")
3049 cmd
= "DPP_LISTEN 2412"
3050 if "OK" not in dev
[0].request(cmd
):
3051 raise Exception("Failed to start listen operation")
3052 cmd
= "DPP_AUTH_INIT peer=%d configurator=%d conf=sta-dpp" % (id1
, conf_id
)
3053 if "OK" not in hapd
.request(cmd
):
3054 raise Exception("Failed to initiate DPP Authentication")
3056 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3058 raise Exception("DPP authentication did not succeed (Responder)")
3059 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3061 raise Exception("DPP authentication did not succeed (Initiator)")
3062 ev
= hapd
.wait_event(["DPP-CONF-SENT"], timeout
=5)
3064 raise Exception("DPP configuration not completed (Configurator)")
3065 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3067 raise Exception("DPP configuration not completed (Enrollee)")
3068 dev
[0].request("DPP_STOP_LISTEN")
3069 dev
[0].dump_monitor()
3071 def test_dpp_hostapd_configurator_responder(dev
, apdev
):
3072 """DPP with hostapd as configurator/responder"""
3073 check_dpp_capab(dev
[0])
3074 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured",
3076 check_dpp_capab(hapd
)
3078 cmd
= "DPP_CONFIGURATOR_ADD"
3079 res
= hapd
.request(cmd
)
3081 raise Exception("Failed to add configurator")
3084 hapd
.set("dpp_configurator_params",
3085 " conf=sta-dpp configurator=%d" % conf_id
)
3087 id0
= hapd
.dpp_bootstrap_gen(chan
="81/1", mac
=True)
3088 uri0
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
3090 id1
= dev
[0].dpp_qr_code(uri0
)
3092 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % (id1
)
3093 if "OK" not in dev
[0].request(cmd
):
3094 raise Exception("Failed to initiate DPP Authentication")
3096 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3098 raise Exception("DPP authentication did not succeed (Responder)")
3099 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3101 raise Exception("DPP authentication did not succeed (Initiator)")
3102 ev
= hapd
.wait_event(["DPP-CONF-SENT"], timeout
=5)
3104 raise Exception("DPP configuration not completed (Configurator)")
3105 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3107 raise Exception("DPP configuration not completed (Enrollee)")
3108 dev
[0].request("DPP_STOP_LISTEN")
3109 dev
[0].dump_monitor()
3111 def test_dpp_own_config(dev
, apdev
):
3112 """DPP configurator signing own connector"""
3114 run_dpp_own_config(dev
, apdev
)
3116 dev
[0].set("dpp_config_processing", "0")
3118 def test_dpp_own_config_group_id(dev
, apdev
):
3119 """DPP configurator signing own connector"""
3121 run_dpp_own_config(dev
, apdev
, extra
=" group_id=test-group")
3123 dev
[0].set("dpp_config_processing", "0")
3125 def test_dpp_own_config_curve_mismatch(dev
, apdev
):
3126 """DPP configurator signing own connector using mismatching curve"""
3128 run_dpp_own_config(dev
, apdev
, own_curve
="BP-384", expect_failure
=True)
3130 dev
[0].set("dpp_config_processing", "0")
3132 def run_dpp_own_config(dev
, apdev
, own_curve
=None, expect_failure
=False,
3134 check_dpp_capab(dev
[0], own_curve
and "BP" in own_curve
)
3135 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
3136 check_dpp_capab(hapd
)
3138 id_h
= hapd
.dpp_bootstrap_gen(chan
="81/1", mac
=True)
3139 uri
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id_h
)
3141 cmd
= "DPP_CONFIGURATOR_ADD"
3142 res
= dev
[0].request(cmd
)
3144 raise Exception("Failed to add configurator")
3147 id = dev
[0].dpp_qr_code(uri
)
3149 cmd
= "DPP_AUTH_INIT peer=%d conf=ap-dpp configurator=%d%s" % (id, conf_id
, extra
)
3150 if "OK" not in dev
[0].request(cmd
):
3151 raise Exception("Failed to initiate DPP Authentication")
3152 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3154 raise Exception("DPP authentication did not succeed (Responder)")
3155 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3157 raise Exception("DPP authentication did not succeed (Initiator)")
3158 ev
= dev
[0].wait_event(["DPP-CONF-SENT"], timeout
=5)
3160 raise Exception("DPP configuration not completed (Configurator)")
3161 ev
= hapd
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3163 raise Exception("DPP configuration not completed (Enrollee)")
3165 update_hapd_config(hapd
)
3167 dev
[0].set("dpp_config_processing", "1")
3168 cmd
= "DPP_CONFIGURATOR_SIGN conf=sta-dpp configurator=%d%s" % (conf_id
, extra
)
3170 cmd
+= " curve=" + own_curve
3171 res
= dev
[0].request(cmd
)
3173 raise Exception("Failed to generate own configuration")
3175 ev
= dev
[0].wait_event(["DPP-NETWORK-ID"], timeout
=1)
3177 raise Exception("DPP network profile not generated")
3178 id = ev
.split(' ')[1]
3179 dev
[0].select_network(id, freq
="2412")
3181 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=1)
3183 raise Exception("Unexpected connection")
3184 dev
[0].request("DISCONNECT")
3186 dev
[0].wait_connected()
3188 def test_dpp_own_config_ap(dev
, apdev
):
3189 """DPP configurator (AP) signing own connector"""
3191 run_dpp_own_config_ap(dev
, apdev
)
3193 dev
[0].set("dpp_config_processing", "0")
3195 def test_dpp_own_config_ap_group_id(dev
, apdev
):
3196 """DPP configurator (AP) signing own connector (group_id)"""
3198 run_dpp_own_config_ap(dev
, apdev
, extra
=" group_id=test-group")
3200 dev
[0].set("dpp_config_processing", "0")
3202 def test_dpp_own_config_ap_reconf(dev
, apdev
):
3203 """DPP configurator (AP) signing own connector and configurator reconf"""
3205 run_dpp_own_config_ap(dev
, apdev
)
3207 dev
[0].set("dpp_config_processing", "0")
3209 def run_dpp_own_config_ap(dev
, apdev
, reconf_configurator
=False, extra
=""):
3210 check_dpp_capab(dev
[0])
3211 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
3212 check_dpp_capab(hapd
)
3214 cmd
= "DPP_CONFIGURATOR_ADD"
3215 res
= hapd
.request(cmd
)
3217 raise Exception("Failed to add configurator")
3220 if reconf_configurator
:
3221 csign
= hapd
.request("DPP_CONFIGURATOR_GET_KEY %d" % conf_id
)
3222 if "FAIL" in csign
or len(csign
) == 0:
3223 raise Exception("DPP_CONFIGURATOR_GET_KEY failed")
3225 cmd
= "DPP_CONFIGURATOR_SIGN conf=ap-dpp configurator=%d%s" % (conf_id
, extra
)
3226 res
= hapd
.request(cmd
)
3228 raise Exception("Failed to generate own configuration")
3229 update_hapd_config(hapd
)
3231 if reconf_configurator
:
3232 res
= hapd
.request("DPP_CONFIGURATOR_REMOVE %d" % conf_id
)
3234 raise Exception("DPP_CONFIGURATOR_REMOVE failed")
3235 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
3236 res
= hapd
.request(cmd
)
3238 raise Exception("Failed to add configurator (reconf)")
3241 id = dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
3242 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id)
3244 id = hapd
.dpp_qr_code(uri
)
3246 dev
[0].set("dpp_config_processing", "2")
3247 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
3248 raise Exception("Failed to start listen operation")
3249 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d%s" % (id, conf_id
, extra
)
3250 if "OK" not in hapd
.request(cmd
):
3251 raise Exception("Failed to initiate DPP Authentication")
3252 ev
= hapd
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3254 raise Exception("DPP authentication did not succeed (Initiator)")
3255 ev
= hapd
.wait_event(["DPP-CONF-SENT"], timeout
=5)
3257 raise Exception("DPP configuration not completed (Configurator)")
3258 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout
=5)
3260 raise Exception("DPP configuration not completed (Enrollee)")
3261 if "DPP-CONF-RECEIVED" not in ev
:
3262 raise Exception("DPP configuration failed (Enrollee)")
3264 dev
[0].wait_connected()
3266 def test_dpp_intro_mismatch(dev
, apdev
):
3267 """DPP network introduction mismatch cases"""
3270 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
3271 wpas
.interface_add("wlan5")
3272 check_dpp_capab(wpas
)
3273 run_dpp_intro_mismatch(dev
, apdev
, wpas
)
3275 dev
[0].set("dpp_config_processing", "0")
3276 dev
[2].set("dpp_config_processing", "0")
3278 wpas
.set("dpp_config_processing", "0")
3280 def run_dpp_intro_mismatch(dev
, apdev
, wpas
):
3281 check_dpp_capab(dev
[0])
3282 check_dpp_capab(dev
[1])
3283 check_dpp_capab(dev
[2])
3285 logger
.info("Start AP in unconfigured state")
3286 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
3287 check_dpp_capab(hapd
)
3289 id_h
= hapd
.dpp_bootstrap_gen(chan
="81/1", mac
=True)
3290 uri
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id_h
)
3292 logger
.info("Provision AP with DPP configuration")
3293 res
= dev
[1].request("DPP_CONFIGURATOR_ADD")
3295 raise Exception("Failed to add configurator")
3298 id = dev
[1].dpp_qr_code(uri
)
3300 dev
[1].set("dpp_groups_override", '[{"groupId":"a","netRole":"ap"}]')
3301 cmd
= "DPP_AUTH_INIT peer=%d conf=ap-dpp configurator=%d" % (id, conf_id
)
3302 if "OK" not in dev
[1].request(cmd
):
3303 raise Exception("Failed to initiate DPP Authentication")
3304 update_hapd_config(hapd
)
3306 logger
.info("Provision STA0 with DPP Connector that has mismatching groupId")
3307 dev
[0].set("dpp_config_processing", "2")
3308 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
3309 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
3311 id1
= dev
[1].dpp_qr_code(uri0
)
3313 cmd
= "DPP_LISTEN 2412"
3314 if "OK" not in dev
[0].request(cmd
):
3315 raise Exception("Failed to start listen operation")
3317 dev
[1].set("dpp_groups_override", '[{"groupId":"b","netRole":"sta"}]')
3318 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1
, conf_id
)
3319 if "OK" not in dev
[1].request(cmd
):
3320 raise Exception("Failed to initiate DPP Authentication")
3321 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
3323 raise Exception("DPP configuration not completed (Configurator for STA0)")
3324 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3326 raise Exception("DPP configuration not completed (Enrollee STA0)")
3328 logger
.info("Provision STA2 with DPP Connector that has mismatching C-sign-key")
3329 dev
[2].set("dpp_config_processing", "2")
3330 id2
= dev
[2].dpp_bootstrap_gen(chan
="81/1", mac
=True)
3331 uri2
= dev
[2].request("DPP_BOOTSTRAP_GET_URI %d" % id2
)
3333 id1
= dev
[1].dpp_qr_code(uri2
)
3335 cmd
= "DPP_LISTEN 2412"
3336 if "OK" not in dev
[2].request(cmd
):
3337 raise Exception("Failed to start listen operation")
3339 res
= dev
[1].request("DPP_CONFIGURATOR_ADD")
3341 raise Exception("Failed to add configurator")
3342 conf_id_2
= int(res
)
3343 dev
[1].set("dpp_groups_override", '')
3344 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1
, conf_id_2
)
3345 if "OK" not in dev
[1].request(cmd
):
3346 raise Exception("Failed to initiate DPP Authentication")
3347 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
3349 raise Exception("DPP configuration not completed (Configurator for STA2)")
3350 ev
= dev
[2].wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3352 raise Exception("DPP configuration not completed (Enrollee STA2)")
3354 logger
.info("Provision STA5 with DPP Connector that has mismatching netAccessKey EC group")
3355 wpas
.set("dpp_config_processing", "2")
3356 id5
= wpas
.dpp_bootstrap_gen(chan
="81/1", mac
=True, curve
="P-521")
3357 uri5
= wpas
.request("DPP_BOOTSTRAP_GET_URI %d" % id5
)
3359 id1
= dev
[1].dpp_qr_code(uri5
)
3361 cmd
= "DPP_LISTEN 2412"
3362 if "OK" not in wpas
.request(cmd
):
3363 raise Exception("Failed to start listen operation")
3365 dev
[1].set("dpp_groups_override", '')
3366 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1
, conf_id
)
3367 if "OK" not in dev
[1].request(cmd
):
3368 raise Exception("Failed to initiate DPP Authentication")
3369 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=5)
3371 raise Exception("DPP configuration not completed (Configurator for STA0)")
3372 ev
= wpas
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
3374 raise Exception("DPP configuration not completed (Enrollee STA5)")
3376 logger
.info("Verify network introduction results")
3377 ev
= dev
[0].wait_event(["DPP-INTRO"], timeout
=10)
3379 raise Exception("DPP network introduction result not seen on STA0")
3380 if "status=8" not in ev
:
3381 raise Exception("Unexpected network introduction result on STA0: " + ev
)
3383 ev
= dev
[2].wait_event(["DPP-INTRO"], timeout
=5)
3385 raise Exception("DPP network introduction result not seen on STA2")
3386 if "status=8" not in ev
:
3387 raise Exception("Unexpected network introduction result on STA2: " + ev
)
3389 ev
= wpas
.wait_event(["DPP-INTRO"], timeout
=10)
3391 raise Exception("DPP network introduction result not seen on STA5")
3392 if "status=7" not in ev
:
3393 raise Exception("Unexpected network introduction result on STA5: " + ev
)
3395 def run_dpp_proto_init(dev
, test_dev
, test
, mutual
=False, unicast
=True,
3396 listen
=True, chan
="81/1", init_enrollee
=False,
3397 incompatible_roles
=False):
3398 check_dpp_capab(dev
[0])
3399 check_dpp_capab(dev
[1])
3400 dev
[test_dev
].set("dpp_test", str(test
))
3402 cmd
= "DPP_CONFIGURATOR_ADD"
3404 res
= dev
[0].request(cmd
)
3406 res
= dev
[1].request(cmd
)
3408 raise Exception("Failed to add configurator")
3411 id0
= dev
[0].dpp_bootstrap_gen(chan
=chan
, mac
=unicast
)
3412 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
3414 id1
= dev
[1].dpp_qr_code(uri0
)
3417 id1b
= dev
[1].dpp_bootstrap_gen(chan
="81/1", mac
=True)
3418 uri1b
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b
)
3420 id0b
= dev
[0].dpp_qr_code(uri1b
)
3422 cmd
= "DPP_LISTEN 2412 qr=mutual"
3424 cmd
= "DPP_LISTEN 2412"
3427 if incompatible_roles
:
3428 cmd
+= " role=enrollee"
3430 cmd
+= " role=configurator"
3431 dev
[0].set("dpp_configurator_params",
3432 " conf=sta-dpp configurator=%d" % conf_id
)
3433 elif incompatible_roles
:
3434 cmd
+= " role=enrollee"
3437 if "OK" not in dev
[0].request(cmd
):
3438 raise Exception("Failed to start listen operation")
3441 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % (id1
)
3443 cmd
= "DPP_AUTH_INIT peer=%d configurator=%d conf=sta-dpp" % (id1
, conf_id
)
3444 if incompatible_roles
:
3445 cmd
+= " role=enrollee"
3447 cmd
+= " own=%d" % id1b
3448 if "OK" not in dev
[1].request(cmd
):
3449 raise Exception("Failed to initiate DPP Authentication")
3451 def test_dpp_proto_after_wrapped_data_auth_req(dev
, apdev
):
3452 """DPP protocol testing - attribute after Wrapped Data in Auth Req"""
3453 run_dpp_proto_init(dev
, 1, 1)
3454 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
3456 raise Exception("DPP Authentication Request not seen")
3457 if "type=0" not in ev
or "ignore=invalid-attributes" not in ev
:
3458 raise Exception("Unexpected RX info: " + ev
)
3459 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=0.1)
3461 raise Exception("Unexpected DPP message seen")
3463 def test_dpp_auth_req_stop_after_ack(dev
, apdev
):
3464 """DPP initiator stopping after ACK, but no response"""
3465 run_dpp_proto_init(dev
, 1, 1, listen
=True)
3466 ev
= dev
[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout
=5)
3468 raise Exception("Authentication failure not reported")
3470 def test_dpp_auth_req_retries(dev
, apdev
):
3471 """DPP initiator retries with no ACK"""
3472 check_dpp_capab(dev
[1])
3473 dev
[1].set("dpp_init_max_tries", "3")
3474 dev
[1].set("dpp_init_retry_time", "1000")
3475 dev
[1].set("dpp_resp_wait_time", "100")
3476 run_dpp_proto_init(dev
, 1, 1, unicast
=False, listen
=False)
3479 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
3481 raise Exception("Auth Req not sent (%d)" % i
)
3483 ev
= dev
[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout
=5)
3485 raise Exception("Authentication failure not reported")
3487 def test_dpp_auth_req_retries_multi_chan(dev
, apdev
):
3488 """DPP initiator retries with no ACK and multiple channels"""
3489 check_dpp_capab(dev
[1])
3490 dev
[1].set("dpp_init_max_tries", "3")
3491 dev
[1].set("dpp_init_retry_time", "1000")
3492 dev
[1].set("dpp_resp_wait_time", "100")
3493 run_dpp_proto_init(dev
, 1, 1, unicast
=False, listen
=False,
3494 chan
="81/1,81/6,81/11")
3496 for i
in range(3 * 3):
3497 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
3499 raise Exception("Auth Req not sent (%d)" % i
)
3501 ev
= dev
[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout
=5)
3503 raise Exception("Authentication failure not reported")
3505 def test_dpp_proto_after_wrapped_data_auth_resp(dev
, apdev
):
3506 """DPP protocol testing - attribute after Wrapped Data in Auth Resp"""
3507 run_dpp_proto_init(dev
, 0, 2)
3508 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=5)
3510 raise Exception("DPP Authentication Response not seen")
3511 if "type=1" not in ev
or "ignore=invalid-attributes" not in ev
:
3512 raise Exception("Unexpected RX info: " + ev
)
3513 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=1)
3514 if ev
is None or "type=0" not in ev
:
3515 raise Exception("DPP Authentication Request not seen")
3516 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=0.1)
3518 raise Exception("Unexpected DPP message seen")
3520 def test_dpp_proto_after_wrapped_data_auth_conf(dev
, apdev
):
3521 """DPP protocol testing - attribute after Wrapped Data in Auth Conf"""
3522 run_dpp_proto_init(dev
, 1, 3)
3523 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
3524 if ev
is None or "type=0" not in ev
:
3525 raise Exception("DPP Authentication Request not seen")
3526 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
3528 raise Exception("DPP Authentication Confirm not seen")
3529 if "type=2" not in ev
or "ignore=invalid-attributes" not in ev
:
3530 raise Exception("Unexpected RX info: " + ev
)
3532 def test_dpp_proto_after_wrapped_data_conf_req(dev
, apdev
):
3533 """DPP protocol testing - attribute after Wrapped Data in Conf Req"""
3534 run_dpp_proto_init(dev
, 0, 6)
3535 ev
= dev
[1].wait_event(["DPP-CONF-FAILED"], timeout
=10)
3537 raise Exception("DPP Configuration failure not seen")
3539 def test_dpp_proto_after_wrapped_data_conf_resp(dev
, apdev
):
3540 """DPP protocol testing - attribute after Wrapped Data in Conf Resp"""
3541 run_dpp_proto_init(dev
, 1, 7)
3542 ev
= dev
[0].wait_event(["DPP-CONF-FAILED"], timeout
=10)
3544 raise Exception("DPP Configuration failure not seen")
3546 def test_dpp_proto_zero_i_capab(dev
, apdev
):
3547 """DPP protocol testing - zero I-capability in Auth Req"""
3548 run_dpp_proto_init(dev
, 1, 8)
3549 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
3551 raise Exception("DPP failure not seen")
3552 if "Invalid role in I-capabilities 0x00" not in ev
:
3553 raise Exception("Unexpected failure: " + ev
)
3554 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=0.1)
3556 raise Exception("Unexpected DPP message seen")
3558 def test_dpp_proto_zero_r_capab(dev
, apdev
):
3559 """DPP protocol testing - zero R-capability in Auth Resp"""
3560 run_dpp_proto_init(dev
, 0, 9)
3561 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
3563 raise Exception("DPP failure not seen")
3564 if "Unexpected role in R-capabilities 0x00" not in ev
:
3565 raise Exception("Unexpected failure: " + ev
)
3566 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=1)
3567 if ev
is None or "type=0" not in ev
:
3568 raise Exception("DPP Authentication Request not seen")
3569 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=0.1)
3571 raise Exception("Unexpected DPP message seen")
3573 def run_dpp_proto_auth_req_missing(dev
, test
, reason
, mutual
=False):
3574 run_dpp_proto_init(dev
, 1, test
, mutual
=mutual
)
3575 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
3577 raise Exception("DPP failure not seen")
3578 if reason
not in ev
:
3579 raise Exception("Unexpected failure: " + ev
)
3580 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=0.1)
3582 raise Exception("Unexpected DPP message seen")
3584 def test_dpp_proto_auth_req_no_r_bootstrap_key(dev
, apdev
):
3585 """DPP protocol testing - no R-bootstrap key in Auth Req"""
3586 run_dpp_proto_auth_req_missing(dev
, 10, "Missing or invalid required Responder Bootstrapping Key Hash attribute")
3588 def test_dpp_proto_auth_req_invalid_r_bootstrap_key(dev
, apdev
):
3589 """DPP protocol testing - invalid R-bootstrap key in Auth Req"""
3590 run_dpp_proto_auth_req_missing(dev
, 68, "No matching own bootstrapping key found - ignore message")
3592 def test_dpp_proto_auth_req_no_i_bootstrap_key(dev
, apdev
):
3593 """DPP protocol testing - no I-bootstrap key in Auth Req"""
3594 run_dpp_proto_auth_req_missing(dev
, 11, "Missing or invalid required Initiator Bootstrapping Key Hash attribute")
3596 def test_dpp_proto_auth_req_invalid_i_bootstrap_key(dev
, apdev
):
3597 """DPP protocol testing - invalid I-bootstrap key in Auth Req"""
3598 run_dpp_proto_init(dev
, 1, 69, mutual
=True)
3599 ev
= dev
[0].wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=5)
3601 raise Exception("DPP scan request not seen")
3602 ev
= dev
[1].wait_event(["DPP-RESPONSE-PENDING"], timeout
=5)
3604 raise Exception("DPP response pending indivation not seen")
3606 def test_dpp_proto_auth_req_no_i_proto_key(dev
, apdev
):
3607 """DPP protocol testing - no I-proto key in Auth Req"""
3608 run_dpp_proto_auth_req_missing(dev
, 12, "Missing required Initiator Protocol Key attribute")
3610 def test_dpp_proto_auth_req_invalid_i_proto_key(dev
, apdev
):
3611 """DPP protocol testing - invalid I-proto key in Auth Req"""
3612 run_dpp_proto_auth_req_missing(dev
, 66, "Invalid Initiator Protocol Key")
3614 def test_dpp_proto_auth_req_no_i_nonce(dev
, apdev
):
3615 """DPP protocol testing - no I-nonce in Auth Req"""
3616 run_dpp_proto_auth_req_missing(dev
, 13, "Missing or invalid I-nonce")
3618 def test_dpp_proto_auth_req_invalid_i_nonce(dev
, apdev
):
3619 """DPP protocol testing - invalid I-nonce in Auth Req"""
3620 run_dpp_proto_auth_req_missing(dev
, 81, "Missing or invalid I-nonce")
3622 def test_dpp_proto_auth_req_no_i_capab(dev
, apdev
):
3623 """DPP protocol testing - no I-capab in Auth Req"""
3624 run_dpp_proto_auth_req_missing(dev
, 14, "Missing or invalid I-capab")
3626 def test_dpp_proto_auth_req_no_wrapped_data(dev
, apdev
):
3627 """DPP protocol testing - no Wrapped Data in Auth Req"""
3628 run_dpp_proto_auth_req_missing(dev
, 15, "Missing or invalid required Wrapped Data attribute")
3630 def run_dpp_proto_auth_resp_missing(dev
, test
, reason
,
3631 incompatible_roles
=False):
3632 run_dpp_proto_init(dev
, 0, test
, mutual
=True,
3633 incompatible_roles
=incompatible_roles
)
3637 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
3639 raise Exception("DPP failure not seen")
3640 if reason
not in ev
:
3641 raise Exception("Unexpected failure: " + ev
)
3642 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=1)
3643 if ev
is None or "type=0" not in ev
:
3644 raise Exception("DPP Authentication Request not seen")
3645 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=0.1)
3647 raise Exception("Unexpected DPP message seen")
3649 def test_dpp_proto_auth_resp_no_status(dev
, apdev
):
3650 """DPP protocol testing - no Status in Auth Resp"""
3651 run_dpp_proto_auth_resp_missing(dev
, 16, "Missing or invalid required DPP Status attribute")
3653 def test_dpp_proto_auth_resp_status_no_status(dev
, apdev
):
3654 """DPP protocol testing - no Status in Auth Resp(status)"""
3655 run_dpp_proto_auth_resp_missing(dev
, 16,
3656 "Missing or invalid required DPP Status attribute",
3657 incompatible_roles
=True)
3659 def test_dpp_proto_auth_resp_invalid_status(dev
, apdev
):
3660 """DPP protocol testing - invalid Status in Auth Resp"""
3661 run_dpp_proto_auth_resp_missing(dev
, 74, "Responder reported failure")
3663 def test_dpp_proto_auth_resp_no_r_bootstrap_key(dev
, apdev
):
3664 """DPP protocol testing - no R-bootstrap key in Auth Resp"""
3665 run_dpp_proto_auth_resp_missing(dev
, 17, "Missing or invalid required Responder Bootstrapping Key Hash attribute")
3667 def test_dpp_proto_auth_resp_status_no_r_bootstrap_key(dev
, apdev
):
3668 """DPP protocol testing - no R-bootstrap key in Auth Resp(status)"""
3669 run_dpp_proto_auth_resp_missing(dev
, 17,
3670 "Missing or invalid required Responder Bootstrapping Key Hash attribute",
3671 incompatible_roles
=True)
3673 def test_dpp_proto_auth_resp_invalid_r_bootstrap_key(dev
, apdev
):
3674 """DPP protocol testing - invalid R-bootstrap key in Auth Resp"""
3675 run_dpp_proto_auth_resp_missing(dev
, 70, "Unexpected Responder Bootstrapping Key Hash value")
3677 def test_dpp_proto_auth_resp_status_invalid_r_bootstrap_key(dev
, apdev
):
3678 """DPP protocol testing - invalid R-bootstrap key in Auth Resp(status)"""
3679 run_dpp_proto_auth_resp_missing(dev
, 70,
3680 "Unexpected Responder Bootstrapping Key Hash value",
3681 incompatible_roles
=True)
3683 def test_dpp_proto_auth_resp_no_i_bootstrap_key(dev
, apdev
):
3684 """DPP protocol testing - no I-bootstrap key in Auth Resp"""
3685 run_dpp_proto_auth_resp_missing(dev
, 18, None)
3687 def test_dpp_proto_auth_resp_status_no_i_bootstrap_key(dev
, apdev
):
3688 """DPP protocol testing - no I-bootstrap key in Auth Resp(status)"""
3689 run_dpp_proto_auth_resp_missing(dev
, 18, None, incompatible_roles
=True)
3691 def test_dpp_proto_auth_resp_invalid_i_bootstrap_key(dev
, apdev
):
3692 """DPP protocol testing - invalid I-bootstrap key in Auth Resp"""
3693 run_dpp_proto_auth_resp_missing(dev
, 71, "Initiator Bootstrapping Key Hash attribute did not match")
3695 def test_dpp_proto_auth_resp_status_invalid_i_bootstrap_key(dev
, apdev
):
3696 """DPP protocol testing - invalid I-bootstrap key in Auth Resp(status)"""
3697 run_dpp_proto_auth_resp_missing(dev
, 71,
3698 "Initiator Bootstrapping Key Hash attribute did not match",
3699 incompatible_roles
=True)
3701 def test_dpp_proto_auth_resp_no_r_proto_key(dev
, apdev
):
3702 """DPP protocol testing - no R-Proto Key in Auth Resp"""
3703 run_dpp_proto_auth_resp_missing(dev
, 19, "Missing required Responder Protocol Key attribute")
3705 def test_dpp_proto_auth_resp_invalid_r_proto_key(dev
, apdev
):
3706 """DPP protocol testing - invalid R-Proto Key in Auth Resp"""
3707 run_dpp_proto_auth_resp_missing(dev
, 67, "Invalid Responder Protocol Key")
3709 def test_dpp_proto_auth_resp_no_r_nonce(dev
, apdev
):
3710 """DPP protocol testing - no R-nonce in Auth Resp"""
3711 run_dpp_proto_auth_resp_missing(dev
, 20, "Missing or invalid R-nonce")
3713 def test_dpp_proto_auth_resp_no_i_nonce(dev
, apdev
):
3714 """DPP protocol testing - no I-nonce in Auth Resp"""
3715 run_dpp_proto_auth_resp_missing(dev
, 21, "Missing or invalid I-nonce")
3717 def test_dpp_proto_auth_resp_status_no_i_nonce(dev
, apdev
):
3718 """DPP protocol testing - no I-nonce in Auth Resp(status)"""
3719 run_dpp_proto_auth_resp_missing(dev
, 21, "Missing or invalid I-nonce",
3720 incompatible_roles
=True)
3722 def test_dpp_proto_auth_resp_no_r_capab(dev
, apdev
):
3723 """DPP protocol testing - no R-capab in Auth Resp"""
3724 run_dpp_proto_auth_resp_missing(dev
, 22, "Missing or invalid R-capabilities")
3726 def test_dpp_proto_auth_resp_no_r_auth(dev
, apdev
):
3727 """DPP protocol testing - no R-auth in Auth Resp"""
3728 run_dpp_proto_auth_resp_missing(dev
, 23, "Missing or invalid Secondary Wrapped Data")
3730 def test_dpp_proto_auth_resp_no_wrapped_data(dev
, apdev
):
3731 """DPP protocol testing - no Wrapped Data in Auth Resp"""
3732 run_dpp_proto_auth_resp_missing(dev
, 24, "Missing or invalid required Wrapped Data attribute")
3734 def test_dpp_proto_auth_resp_i_nonce_mismatch(dev
, apdev
):
3735 """DPP protocol testing - I-nonce mismatch in Auth Resp"""
3736 run_dpp_proto_init(dev
, 0, 30, mutual
=True)
3737 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
3739 raise Exception("DPP failure not seen")
3740 if "I-nonce mismatch" not in ev
:
3741 raise Exception("Unexpected failure: " + ev
)
3742 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=1)
3743 if ev
is None or "type=0" not in ev
:
3744 raise Exception("DPP Authentication Request not seen")
3745 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=0.1)
3747 raise Exception("Unexpected DPP message seen")
3749 def test_dpp_proto_auth_resp_incompatible_r_capab(dev
, apdev
):
3750 """DPP protocol testing - Incompatible R-capab in Auth Resp"""
3751 run_dpp_proto_init(dev
, 0, 31, mutual
=True)
3752 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
3754 raise Exception("DPP failure not seen")
3755 if "Unexpected role in R-capabilities 0x02" not in ev
:
3756 raise Exception("Unexpected failure: " + ev
)
3757 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
3759 raise Exception("DPP failure not seen")
3760 if "Peer reported incompatible R-capab role" not in ev
:
3761 raise Exception("Unexpected failure: " + ev
)
3763 def test_dpp_proto_auth_resp_r_auth_mismatch(dev
, apdev
):
3764 """DPP protocol testing - R-auth mismatch in Auth Resp"""
3765 run_dpp_proto_init(dev
, 0, 32, mutual
=True)
3766 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
3768 raise Exception("DPP failure not seen")
3769 if "Mismatching Responder Authenticating Tag" not in ev
:
3770 raise Exception("Unexpected failure: " + ev
)
3771 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
3773 raise Exception("DPP failure not seen")
3774 if "Peer reported authentication failure" not in ev
:
3775 raise Exception("Unexpected failure: " + ev
)
3777 def test_dpp_proto_auth_resp_r_auth_mismatch_failure(dev
, apdev
):
3778 """DPP protocol testing - Auth Conf RX processing failure"""
3779 with
alloc_fail(dev
[0], 1, "dpp_auth_conf_rx_failure"):
3780 run_dpp_proto_init(dev
, 0, 32, mutual
=True)
3781 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
3783 raise Exception("DPP failure not seen")
3784 if "Authentication failed" not in ev
:
3785 raise Exception("Unexpected failure: " + ev
)
3787 def test_dpp_proto_auth_resp_r_auth_mismatch_failure2(dev
, apdev
):
3788 """DPP protocol testing - Auth Conf RX processing failure 2"""
3789 with
fail_test(dev
[0], 1, "dpp_auth_conf_rx_failure"):
3790 run_dpp_proto_init(dev
, 0, 32, mutual
=True)
3791 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
3793 raise Exception("DPP failure not seen")
3794 if "AES-SIV decryption failed" not in ev
:
3795 raise Exception("Unexpected failure: " + ev
)
3797 def run_dpp_proto_auth_conf_missing(dev
, test
, reason
):
3798 run_dpp_proto_init(dev
, 1, test
, mutual
=True)
3802 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
3804 raise Exception("DPP failure not seen")
3805 if reason
not in ev
:
3806 raise Exception("Unexpected failure: " + ev
)
3808 def test_dpp_proto_auth_conf_no_status(dev
, apdev
):
3809 """DPP protocol testing - no Status in Auth Conf"""
3810 run_dpp_proto_auth_conf_missing(dev
, 25, "Missing or invalid required DPP Status attribute")
3812 def test_dpp_proto_auth_conf_invalid_status(dev
, apdev
):
3813 """DPP protocol testing - invalid Status in Auth Conf"""
3814 run_dpp_proto_auth_conf_missing(dev
, 75, "Authentication failed")
3816 def test_dpp_proto_auth_conf_no_r_bootstrap_key(dev
, apdev
):
3817 """DPP protocol testing - no R-bootstrap key in Auth Conf"""
3818 run_dpp_proto_auth_conf_missing(dev
, 26, "Missing or invalid required Responder Bootstrapping Key Hash attribute")
3820 def test_dpp_proto_auth_conf_invalid_r_bootstrap_key(dev
, apdev
):
3821 """DPP protocol testing - invalid R-bootstrap key in Auth Conf"""
3822 run_dpp_proto_auth_conf_missing(dev
, 72, "Responder Bootstrapping Key Hash mismatch")
3824 def test_dpp_proto_auth_conf_no_i_bootstrap_key(dev
, apdev
):
3825 """DPP protocol testing - no I-bootstrap key in Auth Conf"""
3826 run_dpp_proto_auth_conf_missing(dev
, 27, "Missing Initiator Bootstrapping Key Hash attribute")
3828 def test_dpp_proto_auth_conf_invalid_i_bootstrap_key(dev
, apdev
):
3829 """DPP protocol testing - invalid I-bootstrap key in Auth Conf"""
3830 run_dpp_proto_auth_conf_missing(dev
, 73, "Initiator Bootstrapping Key Hash mismatch")
3832 def test_dpp_proto_auth_conf_no_i_auth(dev
, apdev
):
3833 """DPP protocol testing - no I-Auth in Auth Conf"""
3834 run_dpp_proto_auth_conf_missing(dev
, 28, "Missing or invalid Initiator Authenticating Tag")
3836 def test_dpp_proto_auth_conf_no_wrapped_data(dev
, apdev
):
3837 """DPP protocol testing - no Wrapped Data in Auth Conf"""
3838 run_dpp_proto_auth_conf_missing(dev
, 29, "Missing or invalid required Wrapped Data attribute")
3840 def test_dpp_proto_auth_conf_i_auth_mismatch(dev
, apdev
):
3841 """DPP protocol testing - I-auth mismatch in Auth Conf"""
3842 run_dpp_proto_init(dev
, 1, 33, mutual
=True)
3843 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
3845 raise Exception("DPP failure not seen")
3846 if "Mismatching Initiator Authenticating Tag" not in ev
:
3847 raise Excception("Unexpected failure: " + ev
)
3849 def test_dpp_proto_auth_conf_replaced_by_resp(dev
, apdev
):
3850 """DPP protocol testing - Auth Conf replaced by Resp"""
3851 run_dpp_proto_init(dev
, 1, 65, mutual
=True)
3852 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
3854 raise Exception("DPP failure not seen")
3855 if "Unexpected Authentication Response" not in ev
:
3856 raise Excception("Unexpected failure: " + ev
)
3858 def run_dpp_proto_conf_req_missing(dev
, test
, reason
):
3859 run_dpp_proto_init(dev
, 0, test
)
3860 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
3862 raise Exception("DPP failure not seen")
3863 if reason
not in ev
:
3864 raise Exception("Unexpected failure: " + ev
)
3866 def test_dpp_proto_conf_req_no_e_nonce(dev
, apdev
):
3867 """DPP protocol testing - no E-nonce in Conf Req"""
3868 run_dpp_proto_conf_req_missing(dev
, 51,
3869 "Missing or invalid Enrollee Nonce attribute")
3871 def test_dpp_proto_conf_req_invalid_e_nonce(dev
, apdev
):
3872 """DPP protocol testing - invalid E-nonce in Conf Req"""
3873 run_dpp_proto_conf_req_missing(dev
, 83,
3874 "Missing or invalid Enrollee Nonce attribute")
3876 def test_dpp_proto_conf_req_no_config_attr_obj(dev
, apdev
):
3877 """DPP protocol testing - no Config Attr Obj in Conf Req"""
3878 run_dpp_proto_conf_req_missing(dev
, 52,
3879 "Missing or invalid Config Attributes attribute")
3881 def test_dpp_proto_conf_req_invalid_config_attr_obj(dev
, apdev
):
3882 """DPP protocol testing - invalid Config Attr Obj in Conf Req"""
3883 run_dpp_proto_conf_req_missing(dev
, 76,
3884 "Unsupported wi-fi_tech")
3886 def test_dpp_proto_conf_req_no_wrapped_data(dev
, apdev
):
3887 """DPP protocol testing - no Wrapped Data in Conf Req"""
3888 run_dpp_proto_conf_req_missing(dev
, 53,
3889 "Missing or invalid required Wrapped Data attribute")
3891 def run_dpp_proto_conf_resp_missing(dev
, test
, reason
):
3892 run_dpp_proto_init(dev
, 1, test
)
3893 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
3895 raise Exception("DPP failure not seen")
3896 if reason
not in ev
:
3897 raise Exception("Unexpected failure: " + ev
)
3899 def test_dpp_proto_conf_resp_no_e_nonce(dev
, apdev
):
3900 """DPP protocol testing - no E-nonce in Conf Resp"""
3901 run_dpp_proto_conf_resp_missing(dev
, 54,
3902 "Missing or invalid Enrollee Nonce attribute")
3904 def test_dpp_proto_conf_resp_no_config_obj(dev
, apdev
):
3905 """DPP protocol testing - no Config Object in Conf Resp"""
3906 run_dpp_proto_conf_resp_missing(dev
, 55,
3907 "Missing required Configuration Object attribute")
3909 def test_dpp_proto_conf_resp_no_status(dev
, apdev
):
3910 """DPP protocol testing - no Status in Conf Resp"""
3911 run_dpp_proto_conf_resp_missing(dev
, 56,
3912 "Missing or invalid required DPP Status attribute")
3914 def test_dpp_proto_conf_resp_no_wrapped_data(dev
, apdev
):
3915 """DPP protocol testing - no Wrapped Data in Conf Resp"""
3916 run_dpp_proto_conf_resp_missing(dev
, 57,
3917 "Missing or invalid required Wrapped Data attribute")
3919 def test_dpp_proto_conf_resp_invalid_status(dev
, apdev
):
3920 """DPP protocol testing - invalid Status in Conf Resp"""
3921 run_dpp_proto_conf_resp_missing(dev
, 58,
3922 "Configurator rejected configuration")
3924 def test_dpp_proto_conf_resp_e_nonce_mismatch(dev
, apdev
):
3925 """DPP protocol testing - E-nonce mismatch in Conf Resp"""
3926 run_dpp_proto_conf_resp_missing(dev
, 59,
3927 "Enrollee Nonce mismatch")
3929 def test_dpp_proto_stop_at_auth_req(dev
, apdev
):
3930 """DPP protocol testing - stop when receiving Auth Req"""
3931 run_dpp_proto_init(dev
, 0, 87)
3932 ev
= dev
[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout
=5)
3934 raise Exception("Authentication init failure not reported")
3936 def test_dpp_proto_stop_at_auth_resp(dev
, apdev
):
3937 """DPP protocol testing - stop when receiving Auth Resp"""
3938 run_dpp_proto_init(dev
, 1, 88)
3940 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
3942 raise Exception("Auth Req TX not seen")
3944 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=5)
3946 raise Exception("Auth Resp TX not seen")
3948 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=0.1)
3950 raise Exception("Unexpected Auth Conf TX")
3952 def test_dpp_proto_stop_at_auth_conf(dev
, apdev
):
3953 """DPP protocol testing - stop when receiving Auth Conf"""
3954 run_dpp_proto_init(dev
, 0, 89, init_enrollee
=True)
3955 ev
= dev
[1].wait_event(["GAS-QUERY-START"], timeout
=10)
3957 raise Exception("Enrollee did not start GAS")
3958 ev
= dev
[1].wait_event(["GAS-QUERY-DONE"], timeout
=10)
3960 raise Exception("Enrollee did not time out GAS")
3961 if "result=TIMEOUT" not in ev
:
3962 raise Exception("Unexpected GAS result: " + ev
)
3964 def test_dpp_proto_stop_at_auth_conf_tx(dev
, apdev
):
3965 """DPP protocol testing - stop when transmitting Auth Conf (Registrar)"""
3966 run_dpp_proto_init(dev
, 1, 89, init_enrollee
=True)
3967 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=10)
3969 raise Exception("Authentication did not succeed (Initiator)")
3970 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3972 raise Exception("Authentication did not succeed (Responder)")
3973 ev
= dev
[1].wait_event(["GAS-QUERY-START"], timeout
=0.1)
3975 raise Exception("Unexpected GAS query")
3977 # There is currently no timeout on GAS server side, so no event to wait for
3980 def test_dpp_proto_stop_at_auth_conf_tx2(dev
, apdev
):
3981 """DPP protocol testing - stop when transmitting Auth Conf (Enrollee)"""
3982 run_dpp_proto_init(dev
, 1, 89)
3983 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=10)
3985 raise Exception("Authentication did not succeed (Initiator)")
3986 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
3988 raise Exception("Authentication did not succeed (Responder)")
3990 ev
= dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=5)
3991 if ev
is None or "result=TIMEOUT" not in ev
:
3992 raise Exception("GAS query did not time out")
3994 def test_dpp_proto_stop_at_conf_req(dev
, apdev
):
3995 """DPP protocol testing - stop when receiving Auth Req"""
3996 run_dpp_proto_init(dev
, 1, 90)
3997 ev
= dev
[0].wait_event(["GAS-QUERY-START"], timeout
=10)
3999 raise Exception("Enrollee did not start GAS")
4000 ev
= dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=10)
4002 raise Exception("Enrollee did not time out GAS")
4003 if "result=TIMEOUT" not in ev
:
4004 raise Exception("Unexpected GAS result: " + ev
)
4006 def run_dpp_proto_init_pkex(dev
, test_dev
, test
):
4007 check_dpp_capab(dev
[0])
4008 check_dpp_capab(dev
[1])
4009 dev
[test_dev
].set("dpp_test", str(test
))
4011 id0
= dev
[0].dpp_bootstrap_gen(type="pkex")
4012 id1
= dev
[1].dpp_bootstrap_gen(type="pkex")
4014 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
4015 res
= dev
[0].request(cmd
)
4017 raise Exception("Failed to set PKEX data (responder)")
4018 cmd
= "DPP_LISTEN 2437"
4019 if "OK" not in dev
[0].request(cmd
):
4020 raise Exception("Failed to start listen operation")
4022 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
4023 res
= dev
[1].request(cmd
)
4025 raise Exception("Failed to set PKEX data (initiator)")
4027 def test_dpp_proto_after_wrapped_data_pkex_cr_req(dev
, apdev
):
4028 """DPP protocol testing - attribute after Wrapped Data in PKEX CR Req"""
4029 run_dpp_proto_init_pkex(dev
, 1, 4)
4030 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
4031 if ev
is None or "type=7" not in ev
:
4032 raise Exception("PKEX Exchange Request not seen")
4033 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
4034 if ev
is None or "type=9" not in ev
:
4035 raise Exception("PKEX Commit-Reveal Request not seen")
4036 if "ignore=invalid-attributes" not in ev
:
4037 raise Exception("Unexpected RX info: " + ev
)
4039 def test_dpp_proto_after_wrapped_data_pkex_cr_resp(dev
, apdev
):
4040 """DPP protocol testing - attribute after Wrapped Data in PKEX CR Resp"""
4041 run_dpp_proto_init_pkex(dev
, 0, 5)
4042 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=5)
4043 if ev
is None or "type=8" not in ev
:
4044 raise Exception("PKEX Exchange Response not seen")
4045 ev
= dev
[1].wait_event(["DPP-RX"], timeout
=5)
4046 if ev
is None or "type=10" not in ev
:
4047 raise Exception("PKEX Commit-Reveal Response not seen")
4048 if "ignore=invalid-attributes" not in ev
:
4049 raise Exception("Unexpected RX info: " + ev
)
4051 def run_dpp_proto_pkex_req_missing(dev
, test
, reason
):
4052 run_dpp_proto_init_pkex(dev
, 1, test
)
4053 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
4055 raise Exception("DPP failure not seen")
4056 if reason
not in ev
:
4057 raise Exception("Unexpected failure: " + ev
)
4059 def run_dpp_proto_pkex_resp_missing(dev
, test
, reason
):
4060 run_dpp_proto_init_pkex(dev
, 0, test
)
4061 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
4063 raise Exception("DPP failure not seen")
4064 if reason
not in ev
:
4065 raise Exception("Unexpected failure: " + ev
)
4067 def test_dpp_proto_pkex_exchange_req_no_finite_cyclic_group(dev
, apdev
):
4068 """DPP protocol testing - no Finite Cyclic Group in PKEX Exchange Request"""
4069 run_dpp_proto_pkex_req_missing(dev
, 34,
4070 "Missing or invalid Finite Cyclic Group attribute")
4072 def test_dpp_proto_pkex_exchange_req_no_encrypted_key(dev
, apdev
):
4073 """DPP protocol testing - no Encrypted Key in PKEX Exchange Request"""
4074 run_dpp_proto_pkex_req_missing(dev
, 35,
4075 "Missing Encrypted Key attribute")
4077 def test_dpp_proto_pkex_exchange_resp_no_status(dev
, apdev
):
4078 """DPP protocol testing - no Status in PKEX Exchange Response"""
4079 run_dpp_proto_pkex_resp_missing(dev
, 36, "No DPP Status attribute")
4081 def test_dpp_proto_pkex_exchange_resp_no_encrypted_key(dev
, apdev
):
4082 """DPP protocol testing - no Encrypted Key in PKEX Exchange Response"""
4083 run_dpp_proto_pkex_resp_missing(dev
, 37, "Missing Encrypted Key attribute")
4085 def test_dpp_proto_pkex_cr_req_no_bootstrap_key(dev
, apdev
):
4086 """DPP protocol testing - no Bootstrap Key in PKEX Commit-Reveal Request"""
4087 run_dpp_proto_pkex_req_missing(dev
, 38,
4088 "No valid peer bootstrapping key found")
4090 def test_dpp_proto_pkex_cr_req_no_i_auth_tag(dev
, apdev
):
4091 """DPP protocol testing - no I-Auth Tag in PKEX Commit-Reveal Request"""
4092 run_dpp_proto_pkex_req_missing(dev
, 39, "No valid u (I-Auth tag) found")
4094 def test_dpp_proto_pkex_cr_req_no_wrapped_data(dev
, apdev
):
4095 """DPP protocol testing - no Wrapped Data in PKEX Commit-Reveal Request"""
4096 run_dpp_proto_pkex_req_missing(dev
, 40, "Missing or invalid required Wrapped Data attribute")
4098 def test_dpp_proto_pkex_cr_resp_no_bootstrap_key(dev
, apdev
):
4099 """DPP protocol testing - no Bootstrap Key in PKEX Commit-Reveal Response"""
4100 run_dpp_proto_pkex_resp_missing(dev
, 41,
4101 "No valid peer bootstrapping key found")
4103 def test_dpp_proto_pkex_cr_resp_no_r_auth_tag(dev
, apdev
):
4104 """DPP protocol testing - no R-Auth Tag in PKEX Commit-Reveal Response"""
4105 run_dpp_proto_pkex_resp_missing(dev
, 42, "No valid v (R-Auth tag) found")
4107 def test_dpp_proto_pkex_cr_resp_no_wrapped_data(dev
, apdev
):
4108 """DPP protocol testing - no Wrapped Data in PKEX Commit-Reveal Response"""
4109 run_dpp_proto_pkex_resp_missing(dev
, 43, "Missing or invalid required Wrapped Data attribute")
4111 def test_dpp_proto_pkex_exchange_req_invalid_encrypted_key(dev
, apdev
):
4112 """DPP protocol testing - invalid Encrypted Key in PKEX Exchange Request"""
4113 run_dpp_proto_pkex_req_missing(dev
, 44,
4114 "Invalid Encrypted Key value")
4116 def test_dpp_proto_pkex_exchange_resp_invalid_encrypted_key(dev
, apdev
):
4117 """DPP protocol testing - invalid Encrypted Key in PKEX Exchange Response"""
4118 run_dpp_proto_pkex_resp_missing(dev
, 45,
4119 "Invalid Encrypted Key value")
4121 def test_dpp_proto_pkex_exchange_resp_invalid_status(dev
, apdev
):
4122 """DPP protocol testing - invalid Status in PKEX Exchange Response"""
4123 run_dpp_proto_pkex_resp_missing(dev
, 46,
4124 "PKEX failed (peer indicated failure)")
4126 def test_dpp_proto_pkex_cr_req_invalid_bootstrap_key(dev
, apdev
):
4127 """DPP protocol testing - invalid Bootstrap Key in PKEX Commit-Reveal Request"""
4128 run_dpp_proto_pkex_req_missing(dev
, 47,
4129 "Peer bootstrapping key is invalid")
4131 def test_dpp_proto_pkex_cr_resp_invalid_bootstrap_key(dev
, apdev
):
4132 """DPP protocol testing - invalid Bootstrap Key in PKEX Commit-Reveal Response"""
4133 run_dpp_proto_pkex_resp_missing(dev
, 48,
4134 "Peer bootstrapping key is invalid")
4136 def test_dpp_proto_pkex_cr_req_i_auth_tag_mismatch(dev
, apdev
):
4137 """DPP protocol testing - I-auth tag mismatch in PKEX Commit-Reveal Request"""
4138 run_dpp_proto_pkex_req_missing(dev
, 49, "No valid u (I-Auth tag) found")
4140 def test_dpp_proto_pkex_cr_resp_r_auth_tag_mismatch(dev
, apdev
):
4141 """DPP protocol testing - R-auth tag mismatch in PKEX Commit-Reveal Response"""
4142 run_dpp_proto_pkex_resp_missing(dev
, 50, "No valid v (R-Auth tag) found")
4144 def test_dpp_proto_stop_at_pkex_exchange_resp(dev
, apdev
):
4145 """DPP protocol testing - stop when receiving PKEX Exchange Response"""
4146 run_dpp_proto_init_pkex(dev
, 1, 84)
4148 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4150 raise Exception("PKEX Exchange Req TX not seen")
4152 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=5)
4154 raise Exception("PKEX Exchange Resp not seen")
4156 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=0.1)
4158 raise Exception("Unexpected PKEX CR Req TX")
4160 def test_dpp_proto_stop_at_pkex_cr_req(dev
, apdev
):
4161 """DPP protocol testing - stop when receiving PKEX CR Request"""
4162 run_dpp_proto_init_pkex(dev
, 0, 85)
4164 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4166 raise Exception("PKEX Exchange Req TX not seen")
4168 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=5)
4170 raise Exception("PKEX Exchange Resp not seen")
4172 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4174 raise Exception("PKEX CR Req TX not seen")
4176 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=0.1)
4178 raise Exception("Unexpected PKEX CR Resp TX")
4180 def test_dpp_proto_stop_at_pkex_cr_resp(dev
, apdev
):
4181 """DPP protocol testing - stop when receiving PKEX CR Response"""
4182 run_dpp_proto_init_pkex(dev
, 1, 86)
4184 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4186 raise Exception("PKEX Exchange Req TX not seen")
4188 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=5)
4190 raise Exception("PKEX Exchange Resp not seen")
4192 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=5)
4194 raise Exception("PKEX CR Req TX not seen")
4196 ev
= dev
[0].wait_event(["DPP-TX "], timeout
=5)
4198 raise Exception("PKEX CR Resp TX not seen")
4200 ev
= dev
[1].wait_event(["DPP-TX "], timeout
=0.1)
4202 raise Exception("Unexpected Auth Req TX")
4204 def test_dpp_proto_network_introduction(dev
, apdev
):
4205 """DPP protocol testing - network introduction"""
4206 check_dpp_capab(dev
[0])
4207 check_dpp_capab(dev
[1])
4209 params
= { "ssid": "dpp",
4211 "wpa_key_mgmt": "DPP",
4213 "rsn_pairwise": "CCMP",
4214 "dpp_connector": params1_ap_connector
,
4215 "dpp_csign": params1_csign
,
4216 "dpp_netaccesskey": params1_ap_netaccesskey
}
4218 hapd
= hostapd
.add_ap(apdev
[0], params
)
4220 raise HwsimSkip("DPP not supported")
4222 for test
in [ 60, 61, 80, 82 ]:
4223 dev
[0].set("dpp_test", str(test
))
4224 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412", ieee80211w
="2",
4225 dpp_csign
=params1_csign
,
4226 dpp_connector
=params1_sta_connector
,
4227 dpp_netaccesskey
=params1_sta_netaccesskey
,
4230 ev
= dev
[0].wait_event(["DPP-TX"], timeout
=10)
4231 if ev
is None or "type=5" not in ev
:
4232 raise Exception("Peer Discovery Request TX not reported")
4233 ev
= dev
[0].wait_event(["DPP-TX-STATUS"], timeout
=2)
4234 if ev
is None or "result=SUCCESS" not in ev
:
4235 raise Exception("Peer Discovery Request TX status not reported")
4237 ev
= hapd
.wait_event(["DPP-RX"], timeout
=10)
4238 if ev
is None or "type=5" not in ev
:
4239 raise Exception("Peer Discovery Request RX not reported")
4242 ev
= dev
[0].wait_event(["DPP-INTRO"], timeout
=10)
4244 raise Exception("DPP-INTRO not reported for test 80")
4245 if "status=7" not in ev
:
4246 raise Exception("Unexpected result in test 80: " + ev
)
4248 dev
[0].request("REMOVE_NETWORK all")
4249 dev
[0].dump_monitor()
4251 dev
[0].set("dpp_test", "0")
4253 for test
in [ 62, 63, 64, 77, 78, 79 ]:
4254 hapd
.set("dpp_test", str(test
))
4255 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412", ieee80211w
="2",
4256 dpp_csign
=params1_csign
,
4257 dpp_connector
=params1_sta_connector
,
4258 dpp_netaccesskey
=params1_sta_netaccesskey
,
4261 ev
= dev
[0].wait_event(["DPP-INTRO"], timeout
=10)
4263 raise Exception("Peer introduction result not reported (test %d)" % test
)
4265 if "fail=transaction_id_mismatch" not in ev
:
4266 raise Exception("Connector validation failure not reported")
4268 if "status=254" not in ev
:
4269 raise Exception("Invalid status value not reported")
4271 if "fail=peer_connector_validation_failed" not in ev
:
4272 raise Exception("Connector validation failure not reported")
4273 elif "status=" in ev
:
4274 raise Exception("Unexpected peer introduction result (test %d): " % test
+ ev
)
4276 dev
[0].request("REMOVE_NETWORK all")
4277 dev
[0].dump_monitor()
4279 hapd
.set("dpp_test", "0")
4281 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412", ieee80211w
="2",
4282 dpp_csign
=params1_csign
, dpp_connector
=params1_sta_connector
,
4283 dpp_netaccesskey
=params1_sta_netaccesskey
)
4285 def test_dpp_qr_code_no_chan_list_unicast(dev
, apdev
):
4286 """DPP QR Code and no channel list (unicast)"""
4287 run_dpp_qr_code_chan_list(dev
, apdev
, True, 2417, None)
4289 def test_dpp_qr_code_chan_list_unicast(dev
, apdev
):
4290 """DPP QR Code and 2.4 GHz channels (unicast)"""
4291 run_dpp_qr_code_chan_list(dev
, apdev
, True, 2417,
4292 "81/1,81/2,81/3,81/4,81/5,81/6,81/7,81/8,81/9,81/10,81/11,81/12,81/13")
4294 def test_dpp_qr_code_chan_list_no_peer_unicast(dev
, apdev
):
4295 """DPP QR Code and channel list and no peer (unicast)"""
4296 run_dpp_qr_code_chan_list(dev
, apdev
, True, 2417, "81/1,81/6,81/11",
4298 ev
= dev
[1].wait_event(["DPP-AUTH-INIT-FAILED"], timeout
=5)
4300 raise Exception("Initiation failure not reported")
4302 def test_dpp_qr_code_no_chan_list_broadcast(dev
, apdev
):
4303 """DPP QR Code and no channel list (broadcast)"""
4304 run_dpp_qr_code_chan_list(dev
, apdev
, False, 2412, None)
4306 def test_dpp_qr_code_chan_list_broadcast(dev
, apdev
):
4307 """DPP QR Code and some 2.4 GHz channels (broadcast)"""
4308 run_dpp_qr_code_chan_list(dev
, apdev
, False, 2412, "81/1,81/6,81/11",
4311 def run_dpp_qr_code_chan_list(dev
, apdev
, unicast
, listen_freq
, chanlist
,
4312 no_wait
=False, timeout
=5):
4313 check_dpp_capab(dev
[0])
4314 check_dpp_capab(dev
[1])
4315 dev
[1].set("dpp_init_max_tries", "3")
4316 dev
[1].set("dpp_init_retry_time", "100")
4317 dev
[1].set("dpp_resp_wait_time", "1000")
4319 logger
.info("dev0 displays QR Code")
4320 id0
= dev
[0].dpp_bootstrap_gen(chan
=chanlist
, mac
=unicast
)
4321 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
4323 logger
.info("dev1 scans QR Code")
4324 id1
= dev
[1].dpp_qr_code(uri0
)
4326 logger
.info("dev1 initiates DPP Authentication")
4327 cmd
= "DPP_LISTEN %d" % listen_freq
4328 if "OK" not in dev
[0].request(cmd
):
4329 raise Exception("Failed to start listen operation")
4330 cmd
= "DPP_AUTH_INIT peer=%d" % id1
4331 if "OK" not in dev
[1].request(cmd
):
4332 raise Exception("Failed to initiate DPP Authentication")
4335 ev
= dev
[0].wait_event(["DPP-AUTH-SUCCESS"], timeout
=timeout
)
4337 raise Exception("DPP authentication did not succeed (Responder)")
4338 ev
= dev
[1].wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
4340 raise Exception("DPP authentication did not succeed (Initiator)")
4341 ev
= dev
[0].wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"], timeout
=5)
4343 raise Exception("DPP configuration not completed (Enrollee)")
4344 dev
[0].request("DPP_STOP_LISTEN")
4345 dev
[0].dump_monitor()
4346 dev
[1].dump_monitor()
4348 def test_dpp_qr_code_chan_list_no_match(dev
, apdev
):
4349 """DPP QR Code and no matching supported channel"""
4350 check_dpp_capab(dev
[0])
4351 check_dpp_capab(dev
[1])
4353 id0
= dev
[0].dpp_bootstrap_gen(chan
="123/123")
4354 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
4356 id1
= dev
[1].dpp_qr_code(uri0
)
4358 cmd
= "DPP_AUTH_INIT peer=%d" % id1
4359 if "FAIL" not in dev
[1].request(cmd
):
4360 raise Exception("DPP Authentication started unexpectedly")
4362 def test_dpp_pkex_alloc_fail(dev
, apdev
):
4363 """DPP/PKEX and memory allocation failures"""
4364 check_dpp_capab(dev
[0])
4365 check_dpp_capab(dev
[1])
4367 tests
= [ (1, "=dpp_keygen_configurator"),
4368 (1, "base64_gen_encode;dpp_keygen_configurator") ]
4369 for count
, func
in tests
:
4370 with
alloc_fail(dev
[1], count
, func
):
4371 cmd
= "DPP_CONFIGURATOR_ADD"
4372 res
= dev
[1].request(cmd
)
4373 if "FAIL" not in res
:
4374 raise Exception("Unexpected DPP_CONFIGURATOR_ADD success")
4376 cmd
= "DPP_CONFIGURATOR_ADD"
4377 res
= dev
[1].request(cmd
)
4379 raise Exception("Failed to add configurator")
4382 id0
= dev
[0].dpp_bootstrap_gen(type="pkex")
4383 id1
= dev
[1].dpp_bootstrap_gen(type="pkex")
4385 # Local error cases on the Initiator
4386 tests
= [ (1, "dpp_get_pubkey_point"),
4387 (1, "dpp_alloc_msg;dpp_pkex_build_exchange_req"),
4388 (1, "dpp_alloc_msg;dpp_pkex_build_commit_reveal_req"),
4389 (1, "dpp_alloc_msg;dpp_auth_build_req"),
4390 (1, "dpp_alloc_msg;dpp_auth_build_conf"),
4391 (1, "dpp_bootstrap_key_hash"),
4392 (1, "dpp_auth_init"),
4393 (1, "=dpp_auth_resp_rx"),
4394 (2, "=dpp_auth_resp_rx"),
4395 (1, "dpp_build_conf_start"),
4396 (1, "dpp_build_conf_obj_dpp"),
4397 (2, "dpp_build_conf_obj_dpp"),
4398 (3, "dpp_build_conf_obj_dpp"),
4399 (4, "dpp_build_conf_obj_dpp"),
4400 (5, "dpp_build_conf_obj_dpp"),
4401 (6, "dpp_build_conf_obj_dpp"),
4402 (7, "dpp_build_conf_obj_dpp"),
4403 (8, "dpp_build_conf_obj_dpp"),
4404 (1, "dpp_conf_req_rx"),
4405 (2, "dpp_conf_req_rx"),
4406 (3, "dpp_conf_req_rx"),
4407 (4, "dpp_conf_req_rx"),
4408 (5, "dpp_conf_req_rx"),
4409 (6, "dpp_conf_req_rx"),
4410 (7, "dpp_conf_req_rx"),
4411 (1, "dpp_pkex_init"),
4412 (2, "dpp_pkex_init"),
4413 (3, "dpp_pkex_init"),
4414 (1, "dpp_pkex_derive_z"),
4415 (1, "=dpp_pkex_rx_commit_reveal_resp"),
4416 (1, "dpp_get_pubkey_point;dpp_build_jwk"),
4417 (2, "dpp_get_pubkey_point;dpp_build_jwk"),
4418 (1, "dpp_get_pubkey_point;dpp_auth_init") ]
4419 for count
, func
in tests
:
4420 dev
[0].request("DPP_STOP_LISTEN")
4421 dev
[1].request("DPP_STOP_LISTEN")
4422 dev
[0].dump_monitor()
4423 dev
[1].dump_monitor()
4425 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
4426 res
= dev
[0].request(cmd
)
4428 raise Exception("Failed to set PKEX data (responder)")
4429 cmd
= "DPP_LISTEN 2437"
4430 if "OK" not in dev
[0].request(cmd
):
4431 raise Exception("Failed to start listen operation")
4433 with
alloc_fail(dev
[1], count
, func
):
4434 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 conf=sta-dpp configurator=%d code=secret" % (id1
, conf_id
)
4436 wait_fail_trigger(dev
[1], "GET_ALLOC_FAIL", max_iter
=100)
4437 ev
= dev
[0].wait_event(["GAS-QUERY-START"], timeout
=0.01)
4439 dev
[0].request("DPP_STOP_LISTEN")
4440 dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=3)
4442 # Local error cases on the Responder
4443 tests
= [ (1, "dpp_get_pubkey_point"),
4444 (1, "dpp_alloc_msg;dpp_pkex_build_exchange_resp"),
4445 (1, "dpp_alloc_msg;dpp_pkex_build_commit_reveal_resp"),
4446 (1, "dpp_alloc_msg;dpp_auth_build_resp"),
4447 (1, "dpp_get_pubkey_point;dpp_auth_build_resp_ok"),
4448 (1, "=dpp_auth_req_rx"),
4449 (2, "=dpp_auth_req_rx"),
4450 (1, "=dpp_auth_conf_rx"),
4451 (1, "json_parse;dpp_parse_jws_prot_hdr"),
4452 (1, "json_get_member_base64url;dpp_parse_jws_prot_hdr"),
4453 (1, "json_get_member_base64url;dpp_parse_jwk"),
4454 (2, "json_get_member_base64url;dpp_parse_jwk"),
4455 (1, "json_parse;dpp_parse_connector"),
4456 (1, "dpp_parse_jwk;dpp_parse_connector"),
4457 (1, "dpp_parse_jwk;dpp_parse_cred_dpp"),
4458 (1, "dpp_get_pubkey_point;dpp_check_pubkey_match"),
4459 (1, "base64_gen_decode;dpp_process_signed_connector"),
4460 (1, "dpp_parse_jws_prot_hdr;dpp_process_signed_connector"),
4461 (2, "base64_gen_decode;dpp_process_signed_connector"),
4462 (3, "base64_gen_decode;dpp_process_signed_connector"),
4463 (4, "base64_gen_decode;dpp_process_signed_connector"),
4464 (1, "json_parse;dpp_parse_conf_obj"),
4465 (1, "dpp_conf_resp_rx"),
4466 (1, "=dpp_pkex_derive_z"),
4467 (1, "=dpp_pkex_rx_exchange_req"),
4468 (2, "=dpp_pkex_rx_exchange_req"),
4469 (3, "=dpp_pkex_rx_exchange_req"),
4470 (1, "=dpp_pkex_rx_commit_reveal_req"),
4471 (1, "dpp_get_pubkey_point;dpp_pkex_rx_commit_reveal_req"),
4472 (1, "dpp_bootstrap_key_hash") ]
4473 for count
, func
in tests
:
4474 dev
[0].request("DPP_STOP_LISTEN")
4475 dev
[1].request("DPP_STOP_LISTEN")
4476 dev
[0].dump_monitor()
4477 dev
[1].dump_monitor()
4479 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
4480 res
= dev
[0].request(cmd
)
4482 raise Exception("Failed to set PKEX data (responder)")
4483 cmd
= "DPP_LISTEN 2437"
4484 if "OK" not in dev
[0].request(cmd
):
4485 raise Exception("Failed to start listen operation")
4487 with
alloc_fail(dev
[0], count
, func
):
4488 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 conf=sta-dpp configurator=%d code=secret" % (id1
, conf_id
)
4490 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL", max_iter
=100)
4491 ev
= dev
[0].wait_event(["GAS-QUERY-START"], timeout
=0.01)
4493 dev
[0].request("DPP_STOP_LISTEN")
4494 dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=3)
4496 def test_dpp_pkex_test_fail(dev
, apdev
):
4497 """DPP/PKEX and local failures"""
4498 check_dpp_capab(dev
[0])
4499 check_dpp_capab(dev
[1])
4501 tests
= [ (1, "dpp_keygen_configurator") ]
4502 for count
, func
in tests
:
4503 with
fail_test(dev
[1], count
, func
):
4504 cmd
= "DPP_CONFIGURATOR_ADD"
4505 res
= dev
[1].request(cmd
)
4506 if "FAIL" not in res
:
4507 raise Exception("Unexpected DPP_CONFIGURATOR_ADD success")
4509 tests
= [ (1, "dpp_keygen") ]
4510 for count
, func
in tests
:
4511 with
fail_test(dev
[1], count
, func
):
4512 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
4513 res
= dev
[1].request(cmd
)
4514 if "FAIL" not in res
:
4515 raise Exception("Unexpected DPP_BOOTSTRAP_GEN success")
4517 cmd
= "DPP_CONFIGURATOR_ADD"
4518 res
= dev
[1].request(cmd
)
4520 raise Exception("Failed to add configurator")
4523 id0
= dev
[0].dpp_bootstrap_gen(type="pkex")
4524 id1
= dev
[1].dpp_bootstrap_gen(type="pkex")
4526 # Local error cases on the Initiator
4527 tests
= [ (1, "aes_siv_encrypt;dpp_auth_build_req"),
4528 (1, "os_get_random;dpp_auth_init"),
4529 (1, "dpp_derive_k1;dpp_auth_init"),
4530 (1, "dpp_hkdf_expand;dpp_derive_k1;dpp_auth_init"),
4531 (1, "dpp_gen_i_auth;dpp_auth_build_conf"),
4532 (1, "aes_siv_encrypt;dpp_auth_build_conf"),
4533 (1, "dpp_derive_k2;dpp_auth_resp_rx"),
4534 (1, "dpp_hkdf_expand;dpp_derive_k2;dpp_auth_resp_rx"),
4535 (1, "dpp_derive_ke;dpp_auth_resp_rx"),
4536 (1, "dpp_hkdf_expand;dpp_derive_ke;dpp_auth_resp_rx"),
4537 (1, "dpp_gen_r_auth;dpp_auth_resp_rx"),
4538 (1, "aes_siv_encrypt;dpp_build_conf_resp"),
4539 (1, "dpp_pkex_derive_Qi;dpp_pkex_build_exchange_req"),
4540 (1, "aes_siv_encrypt;dpp_pkex_build_commit_reveal_req"),
4541 (1, "hmac_sha256_vector;dpp_pkex_rx_exchange_resp"),
4542 (1, "aes_siv_decrypt;dpp_pkex_rx_commit_reveal_resp"),
4543 (1, "hmac_sha256_vector;dpp_pkex_rx_commit_reveal_resp"),
4544 (1, "dpp_bootstrap_key_hash") ]
4545 for count
, func
in tests
:
4546 dev
[0].request("DPP_STOP_LISTEN")
4547 dev
[1].request("DPP_STOP_LISTEN")
4548 dev
[0].dump_monitor()
4549 dev
[1].dump_monitor()
4551 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
4552 res
= dev
[0].request(cmd
)
4554 raise Exception("Failed to set PKEX data (responder)")
4555 cmd
= "DPP_LISTEN 2437"
4556 if "OK" not in dev
[0].request(cmd
):
4557 raise Exception("Failed to start listen operation")
4559 with
fail_test(dev
[1], count
, func
):
4560 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 conf=sta-dpp configurator=%d code=secret" % (id1
, conf_id
)
4562 wait_fail_trigger(dev
[1], "GET_FAIL", max_iter
=100)
4563 ev
= dev
[0].wait_event(["GAS-QUERY-START"], timeout
=0.01)
4565 dev
[0].request("DPP_STOP_LISTEN")
4566 dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=3)
4568 # Local error cases on the Responder
4569 tests
= [ (1, "aes_siv_encrypt;dpp_auth_build_resp"),
4570 (1, "aes_siv_encrypt;dpp_auth_build_resp;dpp_auth_build_resp_ok"),
4571 (1, "os_get_random;dpp_build_conf_req"),
4572 (1, "aes_siv_encrypt;dpp_build_conf_req"),
4573 (1, "os_get_random;dpp_auth_build_resp_ok"),
4574 (1, "dpp_derive_k2;dpp_auth_build_resp_ok"),
4575 (1, "dpp_derive_ke;dpp_auth_build_resp_ok"),
4576 (1, "dpp_gen_r_auth;dpp_auth_build_resp_ok"),
4577 (1, "aes_siv_encrypt;dpp_auth_build_resp_ok"),
4578 (1, "dpp_derive_k1;dpp_auth_req_rx"),
4579 (1, "aes_siv_decrypt;dpp_auth_req_rx"),
4580 (1, "aes_siv_decrypt;dpp_auth_conf_rx"),
4581 (1, "dpp_gen_i_auth;dpp_auth_conf_rx"),
4582 (1, "dpp_check_pubkey_match"),
4583 (1, "aes_siv_decrypt;dpp_conf_resp_rx"),
4584 (1, "hmac_sha256_kdf;dpp_pkex_derive_z"),
4585 (1, "dpp_pkex_derive_Qi;dpp_pkex_rx_exchange_req"),
4586 (1, "dpp_pkex_derive_Qr;dpp_pkex_rx_exchange_req"),
4587 (1, "aes_siv_encrypt;dpp_pkex_build_commit_reveal_resp"),
4588 (1, "aes_siv_decrypt;dpp_pkex_rx_commit_reveal_req"),
4589 (1, "hmac_sha256_vector;dpp_pkex_rx_commit_reveal_req"),
4590 (2, "hmac_sha256_vector;dpp_pkex_rx_commit_reveal_req") ]
4591 for count
, func
in tests
:
4592 dev
[0].request("DPP_STOP_LISTEN")
4593 dev
[1].request("DPP_STOP_LISTEN")
4594 dev
[0].dump_monitor()
4595 dev
[1].dump_monitor()
4597 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0
)
4598 res
= dev
[0].request(cmd
)
4600 raise Exception("Failed to set PKEX data (responder)")
4601 cmd
= "DPP_LISTEN 2437"
4602 if "OK" not in dev
[0].request(cmd
):
4603 raise Exception("Failed to start listen operation")
4605 with
fail_test(dev
[0], count
, func
):
4606 cmd
= "DPP_PKEX_ADD own=%d identifier=test init=1 conf=sta-dpp configurator=%d code=secret" % (id1
, conf_id
)
4608 wait_fail_trigger(dev
[0], "GET_FAIL", max_iter
=100)
4609 ev
= dev
[0].wait_event(["GAS-QUERY-START"], timeout
=0.01)
4611 dev
[0].request("DPP_STOP_LISTEN")
4612 dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=3)
4614 def test_dpp_keygen_configurator_error(dev
, apdev
):
4615 """DPP Configurator keygen error case"""
4616 check_dpp_capab(dev
[0])
4617 if "FAIL" not in dev
[0].request("DPP_CONFIGURATOR_ADD curve=unknown"):
4618 raise Exception("Unexpected success of invalid DPP_CONFIGURATOR_ADD")
4620 def rx_process_frame(dev
):
4622 if "OK" not in dev
.request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(
4623 msg
['freq'], msg
['datarate'], msg
['ssi_signal'], binascii
.hexlify(msg
['frame']).decode())):
4624 raise Exception("MGMT_RX_PROCESS failed")
4627 def wait_auth_success(responder
, initiator
):
4628 ev
= responder
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
4630 raise Exception("DPP authentication did not succeed (Responder)")
4631 ev
= initiator
.wait_event(["DPP-AUTH-SUCCESS"], timeout
=5)
4633 raise Exception("DPP authentication did not succeed (Initiator)")
4635 def wait_conf_completion(configurator
, enrollee
):
4636 ev
= configurator
.wait_event(["DPP-CONF-SENT"], timeout
=5)
4638 raise Exception("DPP configuration not completed (Configurator)")
4639 ev
= enrollee
.wait_event(["DPP-CONF-RECEIVED", "DPP-CONF-FAILED"],
4642 raise Exception("DPP configuration not completed (Enrollee)")
4645 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
4646 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
4648 id1
= dev
[1].dpp_qr_code(uri0
)
4650 conf
= '{"wi-fi_tech":"infra", "discovery":{"ssid":"test"},"cred":{"akm":"psk","pass":"secret passphrase"}}' + 3000*' '
4651 dev
[0].set("dpp_config_obj_override", conf
)
4653 dev
[0].set("ext_mgmt_frame_handling", "1")
4654 cmd
= "DPP_LISTEN 2412"
4655 if "OK" not in dev
[0].request(cmd
):
4656 raise Exception("Failed to start listen operation")
4657 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % id1
4658 if "OK" not in dev
[1].request(cmd
):
4659 raise Exception("Failed to initiate DPP Authentication")
4661 def test_dpp_gas_timeout_handling(dev
, apdev
):
4662 """DPP and GAS timeout handling"""
4663 check_dpp_capab(dev
[0])
4664 check_dpp_capab(dev
[1])
4667 # DPP Authentication Request
4668 rx_process_frame(dev
[0])
4670 # DPP Authentication Confirmation
4671 rx_process_frame(dev
[0])
4673 wait_auth_success(dev
[0], dev
[1])
4675 # DPP Configuration Request (GAS Initial Request frame)
4676 rx_process_frame(dev
[0])
4678 # DPP Configuration Request (GAS Comeback Request frame)
4679 rx_process_frame(dev
[0])
4681 # Wait for GAS timeout
4682 ev
= dev
[1].wait_event(["DPP-CONF-FAILED"], timeout
=5)
4684 raise Exception("DPP configuration not completed (Enrollee)")
4686 def test_dpp_gas_comeback_after_failure(dev
, apdev
):
4687 """DPP and GAS comeback after failure"""
4688 check_dpp_capab(dev
[0])
4689 check_dpp_capab(dev
[1])
4692 # DPP Authentication Request
4693 rx_process_frame(dev
[0])
4695 # DPP Authentication Confirmation
4696 rx_process_frame(dev
[0])
4698 wait_auth_success(dev
[0], dev
[1])
4700 # DPP Configuration Request (GAS Initial Request frame)
4701 rx_process_frame(dev
[0])
4703 # DPP Configuration Request (GAS Comeback Request frame)
4704 msg
= dev
[0].mgmt_rx()
4705 frame
= binascii
.hexlify(msg
['frame']).decode()
4706 with
alloc_fail(dev
[0], 1, "gas_build_comeback_resp;gas_server_handle_rx_comeback_req"):
4707 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
4708 raise Exception("MGMT_RX_PROCESS failed")
4709 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
4710 # Try the same frame again - this is expected to fail since the response has
4711 # already been freed.
4712 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
4713 raise Exception("MGMT_RX_PROCESS failed")
4715 # DPP Configuration Request (GAS Comeback Request frame retry)
4716 msg
= dev
[0].mgmt_rx()
4718 def test_dpp_gas(dev
, apdev
):
4719 """DPP and GAS protocol testing"""
4720 check_dpp_capab(dev
[0])
4721 check_dpp_capab(dev
[1])
4724 # DPP Authentication Request
4725 rx_process_frame(dev
[0])
4727 # DPP Authentication Confirmation
4728 rx_process_frame(dev
[0])
4730 wait_auth_success(dev
[0], dev
[1])
4732 # DPP Configuration Request (GAS Initial Request frame)
4733 msg
= dev
[0].mgmt_rx()
4735 # Protected Dual of GAS Initial Request frame (dropped by GAS server)
4737 raise Exception("MGMT_RX_PROCESS failed. <Please retry>")
4738 frame
= binascii
.hexlify(msg
['frame'])
4739 frame
= frame
[0:48] + b
"09" + frame
[50:]
4740 frame
= frame
.decode()
4741 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
4742 raise Exception("MGMT_RX_PROCESS failed")
4744 with
alloc_fail(dev
[0], 1, "gas_server_send_resp"):
4745 frame
= binascii
.hexlify(msg
['frame']).decode()
4746 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
4747 raise Exception("MGMT_RX_PROCESS failed")
4748 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
4750 with
alloc_fail(dev
[0], 1, "gas_build_initial_resp;gas_server_send_resp"):
4751 frame
= binascii
.hexlify(msg
['frame']).decode()
4752 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
4753 raise Exception("MGMT_RX_PROCESS failed")
4754 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
4756 # Add extra data after Query Request field to trigger
4757 # "GAS: Ignored extra data after Query Request field"
4758 frame
= binascii
.hexlify(msg
['frame']).decode() + "00"
4759 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
4760 raise Exception("MGMT_RX_PROCESS failed")
4762 # DPP Configuration Request (GAS Comeback Request frame)
4763 rx_process_frame(dev
[0])
4765 # DPP Configuration Request (GAS Comeback Request frame)
4766 rx_process_frame(dev
[0])
4768 # DPP Configuration Request (GAS Comeback Request frame)
4769 rx_process_frame(dev
[0])
4771 wait_conf_completion(dev
[0], dev
[1])
4773 def test_dpp_truncated_attr(dev
, apdev
):
4774 """DPP and truncated attribute"""
4775 check_dpp_capab(dev
[0])
4776 check_dpp_capab(dev
[1])
4779 # DPP Authentication Request
4780 msg
= dev
[0].mgmt_rx()
4781 frame
= msg
['frame']
4783 # DPP: Truncated message - not enough room for the attribute - dropped
4784 frame1
= binascii
.hexlify(frame
[0:36]).decode()
4785 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame1
)):
4786 raise Exception("MGMT_RX_PROCESS failed")
4787 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
4788 if ev
is None or "ignore=invalid-attributes" not in ev
:
4789 raise Exception("Invalid attribute error not reported")
4791 # DPP: Unexpected octets (3) after the last attribute
4792 frame2
= binascii
.hexlify(frame
).decode() + "000000"
4793 if "OK" not in dev
[0].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame2
)):
4794 raise Exception("MGMT_RX_PROCESS failed")
4795 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
4796 if ev
is None or "ignore=invalid-attributes" not in ev
:
4797 raise Exception("Invalid attribute error not reported")
4799 def test_dpp_bootstrap_key_autogen_issues(dev
, apdev
):
4800 """DPP bootstrap key autogen issues"""
4801 check_dpp_capab(dev
[0])
4802 check_dpp_capab(dev
[1])
4804 logger
.info("dev0 displays QR Code")
4805 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
4806 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
4808 logger
.info("dev1 scans QR Code")
4809 id1
= dev
[1].dpp_qr_code(uri0
)
4811 logger
.info("dev1 initiates DPP Authentication")
4812 cmd
= "DPP_LISTEN 2412"
4813 if "OK" not in dev
[0].request(cmd
):
4814 raise Exception("Failed to start listen operation")
4815 with
alloc_fail(dev
[1], 1, "dpp_autogen_bootstrap_key"):
4816 cmd
= "DPP_AUTH_INIT peer=%d" % id1
4817 if "FAIL" not in dev
[1].request(cmd
):
4818 raise Exception("Failure not reported")
4819 with
alloc_fail(dev
[1], 2, "=dpp_autogen_bootstrap_key"):
4820 cmd
= "DPP_AUTH_INIT peer=%d" % id1
4821 if "FAIL" not in dev
[1].request(cmd
):
4822 raise Exception("Failure not reported")
4823 with
fail_test(dev
[1], 1, "dpp_keygen;dpp_autogen_bootstrap_key"):
4824 cmd
= "DPP_AUTH_INIT peer=%d" % id1
4825 if "FAIL" not in dev
[1].request(cmd
):
4826 raise Exception("Failure not reported")
4827 dev
[0].request("DPP_STOP_LISTEN")
4829 def test_dpp_auth_resp_status_failure(dev
, apdev
):
4830 """DPP and Auth Resp(status) build failure"""
4831 with
alloc_fail(dev
[0], 1, "dpp_auth_build_resp"):
4832 run_dpp_proto_auth_resp_missing(dev
, 99999, None,
4833 incompatible_roles
=True)
4835 def test_dpp_auth_resp_aes_siv_issue(dev
, apdev
):
4836 """DPP Auth Resp AES-SIV issue"""
4837 check_dpp_capab(dev
[0])
4838 check_dpp_capab(dev
[1])
4840 logger
.info("dev0 displays QR Code")
4841 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
4842 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
4844 logger
.info("dev1 scans QR Code")
4845 id1
= dev
[1].dpp_qr_code(uri0
)
4847 logger
.info("dev1 initiates DPP Authentication")
4848 cmd
= "DPP_LISTEN 2412"
4849 if "OK" not in dev
[0].request(cmd
):
4850 raise Exception("Failed to start listen operation")
4851 cmd
= "DPP_AUTH_INIT peer=%d" % id1
4852 with
fail_test(dev
[1], 1, "aes_siv_decrypt;dpp_auth_resp_rx"):
4853 if "OK" not in dev
[1].request(cmd
):
4854 raise Exception("Failed to initiate DPP Authentication")
4855 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
4856 if ev
is None or "AES-SIV decryption failed" not in ev
:
4857 raise Exception("AES-SIV decryption failure not reported")
4858 dev
[0].request("DPP_STOP_LISTEN")
4860 def test_dpp_invalid_legacy_params(dev
, apdev
):
4861 """DPP invalid legacy parameters"""
4862 check_dpp_capab(dev
[0])
4863 check_dpp_capab(dev
[1])
4865 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
4866 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
4868 id1
= dev
[1].dpp_qr_code(uri0
)
4871 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-psk ssid=%s" % (id1
, binascii
.hexlify(b
"dpp-legacy").decode())
4872 if "FAIL" not in dev
[1].request(cmd
):
4873 raise Exception("Invalid command not rejected")
4875 def test_dpp_invalid_legacy_params2(dev
, apdev
):
4876 """DPP invalid legacy parameters 2"""
4877 check_dpp_capab(dev
[0])
4878 check_dpp_capab(dev
[1])
4880 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
4881 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
4883 id1
= dev
[1].dpp_qr_code(uri0
)
4885 dev
[0].set("dpp_configurator_params",
4886 " conf=sta-psk ssid=%s" % (binascii
.hexlify(b
"dpp-legacy").decode()))
4887 cmd
= "DPP_LISTEN 2412 role=configurator"
4888 if "OK" not in dev
[0].request(cmd
):
4889 raise Exception("Failed to start listen operation")
4892 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % id1
4893 if "OK" not in dev
[1].request(cmd
):
4894 raise Exception("Failed to initiate DPP Authentication")
4895 ev
= dev
[0].wait_event(["DPP: Failed to set configurator parameters"],
4898 raise Exception("DPP configuration failure not reported")
4900 def test_dpp_legacy_params_failure(dev
, apdev
):
4901 """DPP legacy parameters local failure"""
4902 check_dpp_capab(dev
[0])
4903 check_dpp_capab(dev
[1])
4905 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
4906 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
4908 id1
= dev
[1].dpp_qr_code(uri0
)
4910 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
4911 raise Exception("Failed to start listen operation")
4913 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-psk pass=%s ssid=%s" % (id1
,
4914 binascii
.hexlify(b
"passphrase").decode(),
4915 binascii
.hexlify(b
"dpp-legacy").decode())
4916 with
alloc_fail(dev
[1], 1, "dpp_build_conf_obj_legacy"):
4917 if "OK" not in dev
[1].request(cmd
):
4918 raise Exception("Failed to initiate DPP")
4919 ev
= dev
[0].wait_event(["DPP-CONF-FAILED"], timeout
=5)
4921 raise Exception("DPP configuration failure not reported")
4923 def test_dpp_invalid_configurator_key(dev
, apdev
):
4924 """DPP invalid configurator key"""
4925 check_dpp_capab(dev
[0])
4927 if "FAIL" not in dev
[0].request("DPP_CONFIGURATOR_ADD key=aa"):
4928 raise Exception("Invalid key accepted")
4930 with
alloc_fail(dev
[0], 1, "dpp_keygen_configurator"):
4931 if "FAIL" not in dev
[0].request("DPP_CONFIGURATOR_ADD key=" + dpp_key_p256
):
4932 raise Exception("Error not reported")
4934 with
alloc_fail(dev
[0], 1, "dpp_get_pubkey_point;dpp_keygen_configurator"):
4935 if "FAIL" not in dev
[0].request("DPP_CONFIGURATOR_ADD key=" + dpp_key_p256
):
4936 raise Exception("Error not reported")
4938 with
alloc_fail(dev
[0], 1, "base64_gen_encode;dpp_keygen_configurator"):
4939 if "FAIL" not in dev
[0].request("DPP_CONFIGURATOR_ADD key=" + dpp_key_p256
):
4940 raise Exception("Error not reported")
4942 with
fail_test(dev
[0], 1, "dpp_keygen_configurator"):
4943 if "FAIL" not in dev
[0].request("DPP_CONFIGURATOR_ADD key=" + dpp_key_p256
):
4944 raise Exception("Error not reported")
4946 def test_dpp_own_config_sign_fail(dev
, apdev
):
4947 """DPP own config signing failure"""
4948 check_dpp_capab(dev
[0])
4949 res
= dev
[0].request("DPP_CONFIGURATOR_ADD")
4951 raise Exception("Failed to add configurator")
4956 " configurator=%d" % conf_id
,
4957 " conf=sta-dpp configurator=%d curve=unsupported" % conf_id
]
4959 if "FAIL" not in dev
[0].request("DPP_CONFIGURATOR_SIGN " + t
):
4960 raise Exception("Invalid command accepted: " + t
)
4962 def test_dpp_peer_intro_failures(dev
, apdev
):
4963 """DPP peer introduction failures"""
4965 run_dpp_peer_intro_failures(dev
, apdev
)
4967 dev
[0].set("dpp_config_processing", "0")
4969 def run_dpp_peer_intro_failures(dev
, apdev
):
4970 check_dpp_capab(dev
[0])
4971 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
4972 check_dpp_capab(hapd
)
4974 res
= hapd
.request("DPP_CONFIGURATOR_ADD key=" + dpp_key_p256
)
4976 raise Exception("Failed to add configurator")
4978 csign
= hapd
.request("DPP_CONFIGURATOR_GET_KEY %d" % conf_id
)
4979 if "FAIL" in csign
or len(csign
) == 0:
4980 raise Exception("DPP_CONFIGURATOR_GET_KEY failed")
4982 res
= dev
[0].request("DPP_CONFIGURATOR_ADD key=" + csign
)
4984 raise Exception("Failed to add configurator")
4986 csign2
= dev
[0].request("DPP_CONFIGURATOR_GET_KEY %d" % conf_id2
)
4989 raise Exception("Unexpected difference in configurator key")
4991 cmd
= "DPP_CONFIGURATOR_SIGN conf=ap-dpp configurator=%d" % conf_id
4992 res
= hapd
.request(cmd
)
4994 raise Exception("Failed to generate own configuration")
4995 update_hapd_config(hapd
)
4997 dev
[0].set("dpp_config_processing", "1")
4998 cmd
= "DPP_CONFIGURATOR_SIGN conf=sta-dpp configurator=%d" % conf_id
4999 res
= dev
[0].request(cmd
)
5001 raise Exception("Failed to generate own configuration")
5002 ev
= dev
[0].wait_event(["DPP-NETWORK-ID"], timeout
=1)
5004 raise Exception("DPP network profile not generated")
5005 id = ev
.split(' ')[1]
5006 dev
[0].select_network(id, freq
=2412)
5007 dev
[0].wait_connected()
5008 dev
[0].request("DISCONNECT")
5009 dev
[0].wait_disconnected()
5010 dev
[0].dump_monitor()
5012 tests
= [ "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiIwTlNSNTlxRTc0alFfZTFLVGVPV1lYY1pTWnFUaDdNXzU0aHJPcFRpaFJnIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOltdLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiJiVmFMRGlBT09OQmFjcVFVN1pYamFBVEtEMVhhbDVlUExqOUZFZUl3VkN3IiwieSI6Il95c25JR1hTYjBvNEsyMWg0anZmSkZxMHdVNnlPNWp1VUFPd3FuM0dHVHMifX0.WgzZBOJaisWBRxvtXPbVYPXU7OIZxs6sZD-cPOLmJVTIYZKdMkSOMvP5b6si_j61FIrjhm43tmGq1P6cpoxB_g",
5013 "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiIwTlNSNTlxRTc0alFfZTFLVGVPV1lYY1pTWnFUaDdNXzU0aHJPcFRpaFJnIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7fV0sIm5ldEFjY2Vzc0tleSI6eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2IiwieCI6IkJhY3BWSDNpNDBrZklNS0RHa1FFRzhCODBCaEk4cEFmTWpLbzM5NlFZT2ciLCJ5IjoiMjBDYjhDNjRsSjFzQzV2NXlKMnBFZXRRempxMjI4YVV2cHMxNmQ0M3EwQSJ9fQ.dG2y8VvZQJ5hfob8E5F2FAeR7Nd700qstYkxDgA2QfARaNMZ0_SfKfoG-yKXsIZNM-TvGBfACgfhagG9Oaw_Xw",
5014 "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiIwTlNSNTlxRTc0alFfZTFLVGVPV1lYY1pTWnFUaDdNXzU0aHJPcFRpaFJnIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiJkc2VmcmJWWlhad0RMWHRpLWlObDBBYkFIOXpqeFFKd0R1SUd5NzNuZGU0IiwieSI6IjZFQnExN3cwYW1fZlh1OUQ4UGxWYk9XZ2I3b19DcTUxWHlmSG8wcHJyeDQifX0.caBvdDUtXrhnS61-juVZ_2FQdprepv0yZjC04G4ERvLUpeX7cgu0Hp-A1aFDogP1PEFGpkaEdcAWRQnSSRiIKQ" ]
5016 dev
[0].set_network_quoted(id, "dpp_connector", t
)
5017 dev
[0].select_network(id, freq
=2412)
5018 ev
= dev
[0].wait_event(["DPP-INTRO"], timeout
=5)
5019 if ev
is None or "status=8" not in ev
:
5020 raise Exception("Introduction failure not reported")
5021 dev
[0].request("DISCONNECT")
5022 dev
[0].dump_monitor()
5024 def test_dpp_peer_intro_local_failures(dev
, apdev
):
5025 """DPP peer introduction local failures"""
5026 check_dpp_capab(dev
[0])
5027 check_dpp_capab(dev
[1])
5029 params
= { "ssid": "dpp",
5031 "wpa_key_mgmt": "DPP",
5033 "rsn_pairwise": "CCMP",
5034 "dpp_connector": params1_ap_connector
,
5035 "dpp_csign": params1_csign
,
5036 "dpp_netaccesskey": params1_ap_netaccesskey
}
5038 hapd
= hostapd
.add_ap(apdev
[0], params
)
5040 raise HwsimSkip("DPP not supported")
5042 tests
= [ "dpp_derive_pmk",
5043 "dpp_hkdf_expand;dpp_derive_pmk",
5044 "dpp_derive_pmkid" ]
5046 with
fail_test(dev
[0], 1, func
):
5047 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412",
5049 dpp_csign
=params1_csign
,
5050 dpp_connector
=params1_sta_connector
,
5051 dpp_netaccesskey
=params1_sta_netaccesskey
,
5053 ev
= dev
[0].wait_event(["DPP-INTRO"], timeout
=10)
5054 if ev
is None or "fail=peer_connector_validation_failed" not in ev
:
5055 raise Exception("Introduction failure not reported")
5056 dev
[0].request("REMOVE_NETWORK all")
5057 dev
[0].dump_monitor()
5059 tests
= [ (1, "base64_gen_decode;dpp_peer_intro"),
5060 (1, "json_parse;dpp_peer_intro"),
5061 (50, "json_parse;dpp_peer_intro"),
5062 (1, "=dpp_peer_intro"),
5063 (1, "dpp_parse_jwk") ]
5064 for count
,func
in tests
:
5065 with
alloc_fail(dev
[0], count
, func
):
5066 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412",
5068 dpp_csign
=params1_csign
,
5069 dpp_connector
=params1_sta_connector
,
5070 dpp_netaccesskey
=params1_sta_netaccesskey
,
5072 ev
= dev
[0].wait_event(["DPP-INTRO"], timeout
=10)
5073 if ev
is None or "fail=peer_connector_validation_failed" not in ev
:
5074 raise Exception("Introduction failure not reported")
5075 dev
[0].request("REMOVE_NETWORK all")
5076 dev
[0].dump_monitor()
5078 parts
= params1_ap_connector
.split('.')
5079 for ap_connector
in [ '.'.join(parts
[0:2]), '.'.join(parts
[0:1]) ]:
5080 hapd
.set("dpp_connector", ap_connector
)
5081 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412",
5083 dpp_csign
=params1_csign
,
5084 dpp_connector
=params1_sta_connector
,
5085 dpp_netaccesskey
=params1_sta_netaccesskey
,
5087 ev
= dev
[0].wait_event(["DPP-TX-STATUS"], timeout
=10)
5089 raise Exception("No TX status reported")
5090 dev
[0].request("REMOVE_NETWORK all")
5091 dev
[0].dump_monitor()
5093 hapd
.set("dpp_netaccesskey", "00")
5094 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412",
5096 dpp_csign
=params1_csign
,
5097 dpp_connector
=params1_sta_connector
,
5098 dpp_netaccesskey
=params1_sta_netaccesskey
,
5100 ev
= dev
[0].wait_event(["DPP-TX-STATUS"], timeout
=10)
5102 raise Exception("No TX status reported")
5103 dev
[0].request("REMOVE_NETWORK all")
5104 dev
[0].dump_monitor()
5106 hapd
.set("dpp_csign", "00")
5107 dev
[0].connect("dpp", key_mgmt
="DPP", scan_freq
="2412",
5109 dpp_csign
=params1_csign
,
5110 dpp_connector
=params1_sta_connector
,
5111 dpp_netaccesskey
=params1_sta_netaccesskey
,
5113 ev
= dev
[0].wait_event(["DPP-TX-STATUS"], timeout
=10)
5115 raise Exception("No TX status reported")
5116 dev
[0].request("REMOVE_NETWORK all")
5117 dev
[0].dump_monitor()
5119 def run_dpp_configurator_id_unknown(dev
):
5120 check_dpp_capab(dev
)
5121 res
= dev
.request("DPP_CONFIGURATOR_ADD")
5123 raise Exception("Failed to add configurator")
5125 if "FAIL" not in dev
.request("DPP_CONFIGURATOR_GET_KEY %d" % (conf_id
+ 1)):
5126 raise Exception("DPP_CONFIGURATOR_GET_KEY with incorrect id accepted")
5128 cmd
= "DPP_CONFIGURATOR_SIGN conf=sta-dpp configurator=%d" % (conf_id
+ 1)
5129 if "FAIL" not in dev
.request(cmd
):
5130 raise Exception("DPP_CONFIGURATOR_SIGN with incorrect id accepted")
5132 def test_dpp_configurator_id_unknown(dev
, apdev
):
5133 """DPP and unknown configurator id"""
5134 run_dpp_configurator_id_unknown(dev
[0])
5135 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
5136 run_dpp_configurator_id_unknown(hapd
)
5138 def run_dpp_bootstrap_gen_failures(dev
, hostapd
):
5139 check_dpp_capab(dev
)
5141 tests
= [ "type=unsupported",
5142 "type=qrcode chan=-1",
5143 "type=qrcode mac=a",
5144 "type=qrcode key=qq",
5146 "type=qrcode info=abc\tdef" ]
5148 if "FAIL" not in dev
.request("DPP_BOOTSTRAP_GEN " + t
):
5149 raise Exception("Command accepted unexpectedly")
5151 id = dev
.dpp_bootstrap_gen()
5152 uri
= dev
.request("DPP_BOOTSTRAP_GET_URI %d" % id)
5153 if not uri
.startswith("DPP:"):
5154 raise Exception("Could not get URI")
5155 if "FAIL" not in dev
.request("DPP_BOOTSTRAP_GET_URI 0"):
5156 raise Exception("Failure not reported")
5157 info
= dev
.request("DPP_BOOTSTRAP_INFO %d" % id)
5158 if not info
.startswith("type=QRCODE"):
5159 raise Exception("Could not get info")
5160 if "FAIL" not in dev
.request("DPP_BOOTSTRAP_REMOVE 0"):
5161 raise Exception("Failure not reported")
5162 if "FAIL" in dev
.request("DPP_BOOTSTRAP_REMOVE *"):
5163 raise Exception("Failed to remove bootstrap info")
5164 if "FAIL" not in dev
.request("DPP_BOOTSTRAP_GET_URI %d" % id):
5165 raise Exception("Failure not reported")
5166 if "FAIL" not in dev
.request("DPP_BOOTSTRAP_INFO %d" % id):
5167 raise Exception("Failure not reported")
5169 func
= "hostapd_dpp_bootstrap_gen" if hostapd
else "wpas_dpp_bootstrap_gen"
5170 with
alloc_fail(dev
, 1, "=" + func
):
5171 if "FAIL" not in dev
.request("DPP_BOOTSTRAP_GEN type=qrcode"):
5172 raise Exception("Command accepted unexpectedly")
5174 with
alloc_fail(dev
, 2, "=" + func
):
5175 if "FAIL" not in dev
.request("DPP_BOOTSTRAP_GEN type=qrcode"):
5176 raise Exception("Command accepted unexpectedly")
5178 with
alloc_fail(dev
, 1, "get_param"):
5179 dev
.request("DPP_BOOTSTRAP_GEN type=qrcode curve=foo")
5181 def test_dpp_bootstrap_gen_failures(dev
, apdev
):
5182 """DPP_BOOTSTRAP_GEN/REMOVE/GET_URI/INFO error cases"""
5183 run_dpp_bootstrap_gen_failures(dev
[0], False)
5184 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
5185 run_dpp_bootstrap_gen_failures(hapd
, True)
5187 def test_dpp_listen_continue(dev
, apdev
):
5188 """DPP and continue listen state"""
5189 check_dpp_capab(dev
[0])
5190 check_dpp_capab(dev
[1])
5192 id = dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
5193 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id)
5195 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
5196 raise Exception("Failed to start listen operation")
5199 id = dev
[1].dpp_qr_code(uri
)
5200 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d" % id):
5201 raise Exception("Failed to initiate DPP Authentication")
5202 ev
= dev
[0].wait_event(["DPP-CONF-FAILED"], timeout
=2)
5204 raise Exception("DPP configuration result not seen (Enrollee)")
5205 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=2)
5207 raise Exception("DPP configuration result not seen (Responder)")
5208 dev
[0].request("DPP_STOP_LISTEN")
5209 dev
[1].request("DPP_STOP_LISTEN")
5211 def test_dpp_network_addition_failure(dev
, apdev
):
5212 """DPP network addition failure"""
5214 run_dpp_network_addition_failure(dev
, apdev
)
5216 dev
[0].set("dpp_config_processing", "0")
5218 def run_dpp_network_addition_failure(dev
, apdev
):
5219 check_dpp_capab(dev
[0])
5221 res
= dev
[0].request("DPP_CONFIGURATOR_ADD")
5223 raise Exception("Failed to add configurator")
5226 dev
[0].set("dpp_config_processing", "1")
5227 cmd
= "DPP_CONFIGURATOR_SIGN conf=sta-dpp configurator=%d" % conf_id
5228 tests
= [ (1, "=wpas_dpp_add_network"),
5229 (2, "=wpas_dpp_add_network"),
5230 (3, "=wpas_dpp_add_network"),
5231 (4, "=wpas_dpp_add_network"),
5232 (1, "wpa_config_add_network;wpas_dpp_add_network") ]
5233 for count
,func
in tests
:
5234 with
alloc_fail(dev
[0], count
, func
):
5235 res
= dev
[0].request(cmd
)
5237 raise Exception("Failed to generate own configuration")
5238 ev
= dev
[0].wait_event(["DPP-NET-ACCESS-KEY"], timeout
=2)
5240 raise Exception("Config object not processed")
5241 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5242 dev
[0].dump_monitor()
5244 cmd
= "DPP_CONFIGURATOR_SIGN conf=sta-psk pass=%s configurator=%d" % (binascii
.hexlify(b
"passphrase").decode(), conf_id
)
5245 tests
= [ (1, "wpa_config_set_quoted;wpas_dpp_add_network") ]
5246 for count
,func
in tests
:
5247 with
alloc_fail(dev
[0], count
, func
):
5248 res
= dev
[0].request(cmd
)
5250 raise Exception("Failed to generate own configuration")
5251 ev
= dev
[0].wait_event(["DPP-NET-ACCESS-KEY"], timeout
=2)
5253 raise Exception("Config object not processed")
5254 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5255 dev
[0].dump_monitor()
5257 def test_dpp_two_initiators(dev
, apdev
):
5258 """DPP and two initiators"""
5259 check_dpp_capab(dev
[0])
5260 check_dpp_capab(dev
[1])
5261 check_dpp_capab(dev
[2])
5263 id = dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
5264 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id)
5266 if "OK" not in dev
[0].request("DPP_LISTEN 2412"):
5267 raise Exception("Failed to start listen operation")
5269 id1
= dev
[1].dpp_qr_code(uri
)
5270 id2
= dev
[2].dpp_qr_code(uri
)
5272 if "OK" not in dev
[1].request("DPP_AUTH_INIT peer=%d" % id1
):
5273 raise Exception("Failed to initiate DPP Authentication")
5274 ev
= dev
[0].wait_event(["DPP-RX"], timeout
=5)
5276 raise Exeption("No DPP Authentication Request seen")
5277 if "OK" not in dev
[2].request("DPP_AUTH_INIT peer=%d" % id2
):
5278 raise Exception("Failed to initiate DPP Authentication (2)")
5280 ev
= dev
[0].wait_event(["DPP-FAIL"], timeout
=5)
5282 raise Exeption("No DPP failure seen")
5283 if "DPP-FAIL Already in DPP authentication exchange - ignore new one" not in ev
:
5284 raise Exception("Second DPP authentication exchange not reported as ignored")
5286 ev
= dev
[0].wait_event(["DPP-CONF-FAILED"], timeout
=2)
5288 raise Exception("DPP configuration result not seen (Enrollee)")
5289 ev
= dev
[1].wait_event(["DPP-CONF-SENT"], timeout
=2)
5291 raise Exception("DPP configuration result not seen (Responder)")
5293 dev
[0].request("DPP_STOP_LISTEN")
5294 dev
[1].request("DPP_STOP_LISTEN")
5295 dev
[2].request("DPP_STOP_LISTEN")
5297 def test_dpp_conf_file_update(dev
, apdev
, params
):
5298 """DPP provisioning updating wpa_supplicant configuration file"""
5299 config
= os
.path
.join(params
['logdir'], 'dpp_conf_file_update.conf')
5300 with
open(config
, "w") as f
:
5301 f
.write("update_config=1\n")
5302 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
5303 wpas
.interface_add("wlan5", config
=config
)
5304 wpas
.set("dpp_config_processing", "1")
5305 run_dpp_qr_code_auth_unicast([ wpas
, dev
[1] ], apdev
, None,
5306 init_extra
="conf=sta-dpp",
5307 require_conf_success
=True,
5309 wpas
.interface_remove("wlan5")
5311 with
open(config
, "r") as f
:
5313 for i
in [ "network={", "dpp_connector=", "key_mgmt=DPP", "ieee80211w=2",
5314 "dpp_netaccesskey=", "dpp_csign=" ]:
5316 raise Exception("Configuration file missing '%s'" % i
)
5318 wpas
.interface_add("wlan5", config
=config
)
5319 if len(wpas
.list_networks()) != 1:
5320 raise Exception("Unexpected number of networks")
5322 def test_dpp_duplicated_auth_resp(dev
, apdev
):
5323 """DPP and duplicated Authentication Response"""
5324 check_dpp_capab(dev
[0])
5325 check_dpp_capab(dev
[1])
5327 id0
= dev
[0].dpp_bootstrap_gen(chan
="81/1", mac
=True)
5328 uri0
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
5329 id1
= dev
[1].dpp_qr_code(uri0
)
5331 dev
[0].set("ext_mgmt_frame_handling", "1")
5332 dev
[1].set("ext_mgmt_frame_handling", "1")
5334 cmd
= "DPP_LISTEN 2412"
5335 if "OK" not in dev
[0].request(cmd
):
5336 raise Exception("Failed to start listen operation")
5338 cmd
= "DPP_AUTH_INIT peer=%d" % id1
5339 if "OK" not in dev
[1].request(cmd
):
5340 raise Exception("Failed to initiate DPP Authentication")
5342 # DPP Authentication Request
5343 rx_process_frame(dev
[0])
5345 # DPP Authentication Response
5346 msg
= rx_process_frame(dev
[1])
5347 frame
= binascii
.hexlify(msg
['frame']).decode()
5349 if "OK" not in dev
[1].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame
)):
5350 raise Exception("MGMT_RX_PROCESS failed")
5351 # Modified frame - nonzero status
5352 if frame
[2*32:2*37] != "0010010000":
5353 raise Exception("Could not find Status attribute")
5354 frame2
= frame
[0:2*32] + "0010010001" + frame
[2*37:]
5355 if "OK" not in dev
[1].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame2
)):
5356 raise Exception("MGMT_RX_PROCESS failed")
5357 frame2
= frame
[0:2*32] + "00100100ff" + frame
[2*37:]
5358 if "OK" not in dev
[1].request("MGMT_RX_PROCESS freq={} datarate={} ssi_signal={} frame={}".format(msg
['freq'], msg
['datarate'], msg
['ssi_signal'], frame2
)):
5359 raise Exception("MGMT_RX_PROCESS failed")
5361 # DPP Authentication Confirmation
5362 rx_process_frame(dev
[0])
5364 wait_auth_success(dev
[0], dev
[1])
5366 # DPP Configuration Request
5367 rx_process_frame(dev
[1])
5369 # DPP Configuration Response
5370 rx_process_frame(dev
[0])
5372 wait_conf_completion(dev
[1], dev
[0])