]> git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_sigma_dut.py
projects / thirdparty / hostap.git / blob
? search:


716d1be7d4e679b4aa38c85226e9da53c1956bec
[thirdparty/hostap.git] / tests / hwsim / test_sigma_dut.py
1 # Test cases for sigma_dut
2 # Copyright (c) 2017, Qualcomm Atheros, Inc.
3 #
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
6
7 import binascii
8 import logging
9 logger = logging.getLogger()
10 import os
11 import socket
12 import struct
13 import subprocess
14 import threading
15 import time
16
17 import hostapd
18 from utils import HwsimSkip
19 from hwsim import HWSimRadio
20 import hwsim_utils
21 from test_dpp import check_dpp_capab, update_hapd_config
22 from test_suite_b import check_suite_b_192_capa, suite_b_as_params, suite_b_192_rsa_ap_params
23 from test_ap_eap import check_eap_capa
24 from test_ap_hs20 import hs20_ap_params
25
26 def check_sigma_dut():
27 if not os.path.exists("./sigma_dut"):
28 raise HwsimSkip("sigma_dut not available")
29
30 def to_hex(s):
31 return binascii.hexlify(s.encode()).decode()
32
33 def from_hex(s):
34 return binascii.unhexlify(s).decode()
35
36 def sigma_dut_cmd(cmd, port=9000, timeout=2):
37 sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM,
38 socket.IPPROTO_TCP)
39 sock.settimeout(timeout)
40 addr = ('127.0.0.1', port)
41 sock.connect(addr)
42 sock.send(cmd.encode() + b"\r\n")
43 try:
44 res = sock.recv(1000).decode()
45 running = False
46 done = False
47 for line in res.splitlines():
48 if line.startswith("status,RUNNING"):
49 running = True
50 elif line.startswith("status,INVALID"):
51 done = True
52 elif line.startswith("status,ERROR"):
53 done = True
54 elif line.startswith("status,COMPLETE"):
55 done = True
56 if running and not done:
57 # Read the actual response
58 res = sock.recv(1000).decode()
59 except:
60 res = ''
61 pass
62 sock.close()
63 res = res.rstrip()
64 logger.debug("sigma_dut: '%s' --> '%s'" % (cmd, res))
65 return res
66
67 def sigma_dut_cmd_check(cmd, port=9000, timeout=2):
68 res = sigma_dut_cmd(cmd, port=port, timeout=timeout)
69 if "COMPLETE" not in res:
70 raise Exception("sigma_dut command failed: " + cmd)
71 return res
72
73 def start_sigma_dut(ifname, debug=False, hostapd_logdir=None, cert_path=None,
74 bridge=None):
75 check_sigma_dut()
76 cmd = [ './sigma_dut',
77 '-M', ifname,
78 '-S', ifname,
79 '-F', '../../hostapd/hostapd',
80 '-G',
81 '-w', '/var/run/wpa_supplicant/',
82 '-j', ifname ]
83 if debug:
84 cmd += [ '-d' ]
85 if hostapd_logdir:
86 cmd += [ '-H', hostapd_logdir ]
87 if cert_path:
88 cmd += [ '-C', cert_path ]
89 if bridge:
90 cmd += [ '-b', bridge ]
91 sigma = subprocess.Popen(cmd, stdout=subprocess.PIPE,
92 stderr=subprocess.PIPE)
93 for i in range(20):
94 try:
95 res = sigma_dut_cmd("HELLO")
96 break
97 except:
98 time.sleep(0.05)
99 return sigma
100
101 def stop_sigma_dut(sigma):
102 sigma.terminate()
103 sigma.wait()
104 out, err = sigma.communicate()
105 logger.debug("sigma_dut stdout: " + str(out))
106 logger.debug("sigma_dut stderr: " + str(err))
107
108 def sigma_dut_wait_connected(ifname):
109 for i in range(50):
110 res = sigma_dut_cmd("sta_is_connected,interface," + ifname)
111 if "connected,1" in res:
112 break
113 time.sleep(0.2)
114 if i == 49:
115 raise Exception("Connection did not complete")
116
117 def test_sigma_dut_basic(dev, apdev):
118 """sigma_dut basic functionality"""
119 sigma = start_sigma_dut(dev[0].ifname)
120
121 res = sigma_dut_cmd("UNKNOWN")
122 if "status,INVALID,errorCode,Unknown command" not in res:
123 raise Exception("Unexpected sigma_dut response to unknown command")
124
125 tests = [ ("ca_get_version", "status,COMPLETE,version,1.0"),
126 ("device_get_info", "status,COMPLETE,vendor"),
127 ("device_list_interfaces,interfaceType,foo", "status,ERROR"),
128 ("device_list_interfaces,interfaceType,802.11",
129 "status,COMPLETE,interfaceType,802.11,interfaceID," + dev[0].ifname) ]
130 for cmd, response in tests:
131 res = sigma_dut_cmd(cmd)
132 if response not in res:
133 raise Exception("Unexpected %s response: %s" % (cmd, res))
134
135 stop_sigma_dut(sigma)
136
137 def test_sigma_dut_open(dev, apdev):
138 """sigma_dut controlled open network association"""
139 try:
140 run_sigma_dut_open(dev, apdev)
141 finally:
142 dev[0].set("ignore_old_scan_res", "0")
143
144 def run_sigma_dut_open(dev, apdev):
145 ifname = dev[0].ifname
146 sigma = start_sigma_dut(ifname)
147
148 hapd = hostapd.add_ap(apdev[0], { "ssid": "open" })
149
150 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
151 sigma_dut_cmd_check("sta_set_encryption,interface,%s,ssid,%s,encpType,none" % (ifname, "open"))
152 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s" % (ifname, "open"))
153 sigma_dut_wait_connected(ifname)
154 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
155 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
156 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
157
158 stop_sigma_dut(sigma)
159
160 def test_sigma_dut_psk_pmf(dev, apdev):
161 """sigma_dut controlled PSK+PMF association"""
162 try:
163 run_sigma_dut_psk_pmf(dev, apdev)
164 finally:
165 dev[0].set("ignore_old_scan_res", "0")
166
167 def run_sigma_dut_psk_pmf(dev, apdev):
168 ifname = dev[0].ifname
169 sigma = start_sigma_dut(ifname)
170
171 ssid = "test-pmf-required"
172 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
173 params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
174 params["ieee80211w"] = "2"
175 hapd = hostapd.add_ap(apdev[0], params)
176
177 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
178 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
179 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required" % (ifname, "test-pmf-required", "12345678"))
180 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-pmf-required"))
181 sigma_dut_wait_connected(ifname)
182 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
183 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
184 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
185
186 stop_sigma_dut(sigma)
187
188 def test_sigma_dut_psk_pmf_bip_cmac_128(dev, apdev):
189 """sigma_dut controlled PSK+PMF association with BIP-CMAC-128"""
190 try:
191 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-CMAC-128", "AES-128-CMAC")
192 finally:
193 dev[0].set("ignore_old_scan_res", "0")
194
195 def test_sigma_dut_psk_pmf_bip_cmac_256(dev, apdev):
196 """sigma_dut controlled PSK+PMF association with BIP-CMAC-256"""
197 try:
198 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-CMAC-256", "BIP-CMAC-256")
199 finally:
200 dev[0].set("ignore_old_scan_res", "0")
201
202 def test_sigma_dut_psk_pmf_bip_gmac_128(dev, apdev):
203 """sigma_dut controlled PSK+PMF association with BIP-GMAC-128"""
204 try:
205 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-GMAC-128", "BIP-GMAC-128")
206 finally:
207 dev[0].set("ignore_old_scan_res", "0")
208
209 def test_sigma_dut_psk_pmf_bip_gmac_256(dev, apdev):
210 """sigma_dut controlled PSK+PMF association with BIP-GMAC-256"""
211 try:
212 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-GMAC-256", "BIP-GMAC-256")
213 finally:
214 dev[0].set("ignore_old_scan_res", "0")
215
216 def test_sigma_dut_psk_pmf_bip_gmac_256_mismatch(dev, apdev):
217 """sigma_dut controlled PSK+PMF association with BIP-GMAC-256 mismatch"""
218 try:
219 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-GMAC-256", "AES-128-CMAC",
220 failure=True)
221 finally:
222 dev[0].set("ignore_old_scan_res", "0")
223
224 def run_sigma_dut_psk_pmf_cipher(dev, apdev, sigma_cipher, hostapd_cipher,
225 failure=False):
226 ifname = dev[0].ifname
227 sigma = start_sigma_dut(ifname)
228
229 ssid = "test-pmf-required"
230 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
231 params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
232 params["ieee80211w"] = "2"
233 params["group_mgmt_cipher"] = hostapd_cipher
234 hapd = hostapd.add_ap(apdev[0], params)
235
236 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
237 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
238 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required,GroupMgntCipher,%s" % (ifname, "test-pmf-required", "12345678", sigma_cipher))
239 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-pmf-required"))
240 if failure:
241 ev = dev[0].wait_event(["CTRL-EVENT-NETWORK-NOT-FOUND",
242 "CTRL-EVENT-CONNECTED"], timeout=10)
243 if ev is None:
244 raise Exception("Network selection result not indicated")
245 if "CTRL-EVENT-CONNECTED" in ev:
246 raise Exception("Unexpected connection")
247 res = sigma_dut_cmd("sta_is_connected,interface," + ifname)
248 if "connected,1" in res:
249 raise Exception("Connection reported")
250 else:
251 sigma_dut_wait_connected(ifname)
252 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
253
254 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
255 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
256
257 stop_sigma_dut(sigma)
258
259 def test_sigma_dut_sae(dev, apdev):
260 """sigma_dut controlled SAE association"""
261 if "SAE" not in dev[0].get_capability("auth_alg"):
262 raise HwsimSkip("SAE not supported")
263
264 ifname = dev[0].ifname
265 sigma = start_sigma_dut(ifname)
266
267 ssid = "test-sae"
268 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
269 params['wpa_key_mgmt'] = 'SAE'
270 params["ieee80211w"] = "2"
271 hapd = hostapd.add_ap(apdev[0], params)
272
273 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname)
274 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
275 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2" % (ifname, "test-sae", "12345678"))
276 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-sae"))
277 sigma_dut_wait_connected(ifname)
278 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
279 if dev[0].get_status_field('sae_group') != '19':
280 raise Exception("Expected default SAE group not used")
281 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
282
283 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
284
285 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
286 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2,ECGroupID,20" % (ifname, "test-sae", "12345678"))
287 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-sae"))
288 sigma_dut_wait_connected(ifname)
289 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
290 if dev[0].get_status_field('sae_group') != '20':
291 raise Exception("Expected SAE group not used")
292 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
293 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
294
295 stop_sigma_dut(sigma)
296
297 def test_sigma_dut_sae_password(dev, apdev):
298 """sigma_dut controlled SAE association and long password"""
299 if "SAE" not in dev[0].get_capability("auth_alg"):
300 raise HwsimSkip("SAE not supported")
301
302 ifname = dev[0].ifname
303 sigma = start_sigma_dut(ifname)
304
305 try:
306 ssid = "test-sae"
307 params = hostapd.wpa2_params(ssid=ssid)
308 params['sae_password'] = 100*'B'
309 params['wpa_key_mgmt'] = 'SAE'
310 params["ieee80211w"] = "2"
311 hapd = hostapd.add_ap(apdev[0], params)
312
313 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname)
314 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
315 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2" % (ifname, "test-sae", 100*'B'))
316 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-sae"))
317 sigma_dut_wait_connected(ifname)
318 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
319 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
320 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
321 finally:
322 stop_sigma_dut(sigma)
323
324 def test_sigma_dut_sta_override_rsne(dev, apdev):
325 """sigma_dut and RSNE override on STA"""
326 try:
327 run_sigma_dut_sta_override_rsne(dev, apdev)
328 finally:
329 dev[0].set("ignore_old_scan_res", "0")
330
331 def run_sigma_dut_sta_override_rsne(dev, apdev):
332 ifname = dev[0].ifname
333 sigma = start_sigma_dut(ifname)
334
335 ssid = "test-psk"
336 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
337 hapd = hostapd.add_ap(apdev[0], params)
338
339 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
340
341 tests = [ "30120100000fac040100000fac040100000fac02",
342 "30140100000fac040100000fac040100000fac02ffff" ]
343 for test in tests:
344 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,type,PSK,passphrase,%s,EncpType,aes-ccmp,KeyMgmtType,wpa2" % (ifname, "test-psk", "12345678"))
345 sigma_dut_cmd_check("dev_configure_ie,interface,%s,IE_Name,RSNE,Contents,%s" % (ifname, test))
346 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-psk"))
347 sigma_dut_wait_connected(ifname)
348 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
349 dev[0].dump_monitor()
350
351 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,type,PSK,passphrase,%s,EncpType,aes-ccmp,KeyMgmtType,wpa2" % (ifname, "test-psk", "12345678"))
352 sigma_dut_cmd_check("dev_configure_ie,interface,%s,IE_Name,RSNE,Contents,300101" % ifname)
353 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-psk"))
354
355 ev = dev[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"])
356 if ev is None:
357 raise Exception("Association rejection not reported")
358 if "status_code=40" not in ev:
359 raise Exception("Unexpected status code: " + ev)
360
361 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
362
363 stop_sigma_dut(sigma)
364
365 def test_sigma_dut_ap_psk(dev, apdev):
366 """sigma_dut controlled AP"""
367 with HWSimRadio() as (radio, iface):
368 sigma = start_sigma_dut(iface)
369 try:
370 sigma_dut_cmd_check("ap_reset_default")
371 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
372 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSK,12345678")
373 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
374
375 dev[0].connect("test-psk", psk="12345678", scan_freq="2412")
376
377 sigma_dut_cmd_check("ap_reset_default")
378 finally:
379 stop_sigma_dut(sigma)
380
381 def test_sigma_dut_ap_pskhex(dev, apdev, params):
382 """sigma_dut controlled AP and PSKHEX"""
383 logdir = os.path.join(params['logdir'],
384 "sigma_dut_ap_pskhex.sigma-hostapd")
385 with HWSimRadio() as (radio, iface):
386 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
387 try:
388 psk = "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
389 sigma_dut_cmd_check("ap_reset_default")
390 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
391 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSKHEX," + psk)
392 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
393
394 dev[0].connect("test-psk", raw_psk=psk, scan_freq="2412")
395
396 sigma_dut_cmd_check("ap_reset_default")
397 finally:
398 stop_sigma_dut(sigma)
399
400 def test_sigma_dut_ap_psk_sha256(dev, apdev, params):
401 """sigma_dut controlled AP PSK SHA256"""
402 logdir = os.path.join(params['logdir'],
403 "sigma_dut_ap_psk_sha256.sigma-hostapd")
404 with HWSimRadio() as (radio, iface):
405 sigma = start_sigma_dut(iface)
406 try:
407 sigma_dut_cmd_check("ap_reset_default")
408 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
409 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK-256,PSK,12345678")
410 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
411
412 dev[0].connect("test-psk", key_mgmt="WPA-PSK-SHA256",
413 psk="12345678", scan_freq="2412")
414
415 sigma_dut_cmd_check("ap_reset_default")
416 finally:
417 stop_sigma_dut(sigma)
418
419 def test_sigma_dut_suite_b(dev, apdev, params):
420 """sigma_dut controlled STA Suite B"""
421 check_suite_b_192_capa(dev)
422 logdir = params['logdir']
423
424 with open("auth_serv/ec2-ca.pem", "r") as f:
425 with open(os.path.join(logdir, "suite_b_ca.pem"), "w") as f2:
426 f2.write(f.read())
427
428 with open("auth_serv/ec2-user.pem", "r") as f:
429 with open("auth_serv/ec2-user.key", "r") as f2:
430 with open(os.path.join(logdir, "suite_b.pem"), "w") as f3:
431 f3.write(f.read())
432 f3.write(f2.read())
433
434 dev[0].flush_scan_cache()
435 params = suite_b_as_params()
436 params['ca_cert'] = 'auth_serv/ec2-ca.pem'
437 params['server_cert'] = 'auth_serv/ec2-server.pem'
438 params['private_key'] = 'auth_serv/ec2-server.key'
439 params['openssl_ciphers'] = 'SUITEB192'
440 hostapd.add_ap(apdev[1], params)
441
442 params = { "ssid": "test-suite-b",
443 "wpa": "2",
444 "wpa_key_mgmt": "WPA-EAP-SUITE-B-192",
445 "rsn_pairwise": "GCMP-256",
446 "group_mgmt_cipher": "BIP-GMAC-256",
447 "ieee80211w": "2",
448 "ieee8021x": "1",
449 'auth_server_addr': "127.0.0.1",
450 'auth_server_port': "18129",
451 'auth_server_shared_secret': "radius",
452 'nas_identifier': "nas.w1.fi" }
453 hapd = hostapd.add_ap(apdev[0], params)
454
455 ifname = dev[0].ifname
456 sigma = start_sigma_dut(ifname, cert_path=logdir)
457
458 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
459 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
460 sigma_dut_cmd_check("sta_set_security,type,eaptls,interface,%s,ssid,%s,PairwiseCipher,AES-GCMP-256,GroupCipher,AES-GCMP-256,GroupMgntCipher,BIP-GMAC-256,keymgmttype,SuiteB,clientCertificate,suite_b.pem,trustedRootCA,suite_b_ca.pem,CertType,ECC" % (ifname, "test-suite-b"))
461 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-suite-b"))
462 sigma_dut_wait_connected(ifname)
463 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
464 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
465 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
466
467 stop_sigma_dut(sigma)
468
469 def test_sigma_dut_suite_b_rsa(dev, apdev, params):
470 """sigma_dut controlled STA Suite B (RSA)"""
471 check_suite_b_192_capa(dev)
472 logdir = params['logdir']
473
474 with open("auth_serv/rsa3072-ca.pem", "r") as f:
475 with open(os.path.join(logdir, "suite_b_ca_rsa.pem"), "w") as f2:
476 f2.write(f.read())
477
478 with open("auth_serv/rsa3072-user.pem", "r") as f:
479 with open("auth_serv/rsa3072-user.key", "r") as f2:
480 with open(os.path.join(logdir, "suite_b_rsa.pem"), "w") as f3:
481 f3.write(f.read())
482 f3.write(f2.read())
483
484 dev[0].flush_scan_cache()
485 params = suite_b_192_rsa_ap_params()
486 hapd = hostapd.add_ap(apdev[0], params)
487
488 ifname = dev[0].ifname
489 sigma = start_sigma_dut(ifname, cert_path=logdir)
490
491 cmd = "sta_set_security,type,eaptls,interface,%s,ssid,%s,PairwiseCipher,AES-GCMP-256,GroupCipher,AES-GCMP-256,GroupMgntCipher,BIP-GMAC-256,keymgmttype,SuiteB,clientCertificate,suite_b_rsa.pem,trustedRootCA,suite_b_ca_rsa.pem,CertType,RSA" % (ifname, "test-suite-b")
492
493 tests = [ "",
494 ",TLSCipher,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
495 ",TLSCipher,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" ]
496 for extra in tests:
497 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
498 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
499 sigma_dut_cmd_check(cmd + extra)
500 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-suite-b"))
501 sigma_dut_wait_connected(ifname)
502 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
503 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
504 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
505
506 stop_sigma_dut(sigma)
507
508 def test_sigma_dut_ap_suite_b(dev, apdev, params):
509 """sigma_dut controlled AP Suite B"""
510 check_suite_b_192_capa(dev)
511 logdir = os.path.join(params['logdir'],
512 "sigma_dut_ap_suite_b.sigma-hostapd")
513 params = suite_b_as_params()
514 params['ca_cert'] = 'auth_serv/ec2-ca.pem'
515 params['server_cert'] = 'auth_serv/ec2-server.pem'
516 params['private_key'] = 'auth_serv/ec2-server.key'
517 params['openssl_ciphers'] = 'SUITEB192'
518 hostapd.add_ap(apdev[1], params)
519 with HWSimRadio() as (radio, iface):
520 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
521 try:
522 sigma_dut_cmd_check("ap_reset_default")
523 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-suite-b,MODE,11ng")
524 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,18129,PASSWORD,radius")
525 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,SuiteB")
526 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
527
528 dev[0].connect("test-suite-b", key_mgmt="WPA-EAP-SUITE-B-192",
529 ieee80211w="2",
530 openssl_ciphers="SUITEB192",
531 eap="TLS", identity="tls user",
532 ca_cert="auth_serv/ec2-ca.pem",
533 client_cert="auth_serv/ec2-user.pem",
534 private_key="auth_serv/ec2-user.key",
535 pairwise="GCMP-256", group="GCMP-256",
536 scan_freq="2412")
537
538 sigma_dut_cmd_check("ap_reset_default")
539 finally:
540 stop_sigma_dut(sigma)
541
542 def test_sigma_dut_ap_cipher_gcmp_128(dev, apdev, params):
543 """sigma_dut controlled AP with GCMP-128/BIP-GMAC-128 cipher"""
544 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-GCMP-128", "BIP-GMAC-128",
545 "GCMP")
546
547 def test_sigma_dut_ap_cipher_gcmp_256(dev, apdev, params):
548 """sigma_dut controlled AP with GCMP-256/BIP-GMAC-256 cipher"""
549 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-GCMP-256", "BIP-GMAC-256",
550 "GCMP-256")
551
552 def test_sigma_dut_ap_cipher_ccmp_128(dev, apdev, params):
553 """sigma_dut controlled AP with CCMP-128/BIP-CMAC-128 cipher"""
554 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-128", "BIP-CMAC-128",
555 "CCMP")
556
557 def test_sigma_dut_ap_cipher_ccmp_256(dev, apdev, params):
558 """sigma_dut controlled AP with CCMP-256/BIP-CMAC-256 cipher"""
559 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-256", "BIP-CMAC-256",
560 "CCMP-256")
561
562 def test_sigma_dut_ap_cipher_ccmp_gcmp_1(dev, apdev, params):
563 """sigma_dut controlled AP with CCMP-128+GCMP-256 ciphers (1)"""
564 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-128 AES-GCMP-256",
565 "BIP-GMAC-256", "CCMP")
566
567 def test_sigma_dut_ap_cipher_ccmp_gcmp_2(dev, apdev, params):
568 """sigma_dut controlled AP with CCMP-128+GCMP-256 ciphers (2)"""
569 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-128 AES-GCMP-256",
570 "BIP-GMAC-256", "GCMP-256", "CCMP")
571
572 def test_sigma_dut_ap_cipher_gcmp_256_group_ccmp(dev, apdev, params):
573 """sigma_dut controlled AP with GCMP-256/CCMP/BIP-GMAC-256 cipher"""
574 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-GCMP-256", "BIP-GMAC-256",
575 "GCMP-256", "CCMP", "AES-CCMP-128")
576
577 def run_sigma_dut_ap_cipher(dev, apdev, params, ap_pairwise, ap_group_mgmt,
578 sta_cipher, sta_cipher_group=None, ap_group=None):
579 check_suite_b_192_capa(dev)
580 logdir = os.path.join(params['logdir'],
581 "sigma_dut_ap_cipher.sigma-hostapd")
582 params = suite_b_as_params()
583 params['ca_cert'] = 'auth_serv/ec2-ca.pem'
584 params['server_cert'] = 'auth_serv/ec2-server.pem'
585 params['private_key'] = 'auth_serv/ec2-server.key'
586 params['openssl_ciphers'] = 'SUITEB192'
587 hostapd.add_ap(apdev[1], params)
588 with HWSimRadio() as (radio, iface):
589 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
590 try:
591 sigma_dut_cmd_check("ap_reset_default")
592 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-suite-b,MODE,11ng")
593 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,18129,PASSWORD,radius")
594 cmd = "ap_set_security,NAME,AP,KEYMGNT,SuiteB,PMF,Required,PairwiseCipher,%s,GroupMgntCipher,%s" % (ap_pairwise, ap_group_mgmt)
595 if ap_group:
596 cmd += ",GroupCipher,%s" % ap_group
597 sigma_dut_cmd_check(cmd)
598 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
599
600 if sta_cipher_group is None:
601 sta_cipher_group = sta_cipher
602 dev[0].connect("test-suite-b", key_mgmt="WPA-EAP-SUITE-B-192",
603 ieee80211w="2",
604 openssl_ciphers="SUITEB192",
605 eap="TLS", identity="tls user",
606 ca_cert="auth_serv/ec2-ca.pem",
607 client_cert="auth_serv/ec2-user.pem",
608 private_key="auth_serv/ec2-user.key",
609 pairwise=sta_cipher, group=sta_cipher_group,
610 scan_freq="2412")
611
612 sigma_dut_cmd_check("ap_reset_default")
613 finally:
614 stop_sigma_dut(sigma)
615
616 def test_sigma_dut_ap_override_rsne(dev, apdev):
617 """sigma_dut controlled AP overriding RSNE"""
618 with HWSimRadio() as (radio, iface):
619 sigma = start_sigma_dut(iface)
620 try:
621 sigma_dut_cmd_check("ap_reset_default")
622 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
623 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSK,12345678")
624 sigma_dut_cmd_check("dev_configure_ie,NAME,AP,interface,%s,IE_Name,RSNE,Contents,30180100000fac040200ffffffff000fac040100000fac020c00" % iface)
625 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
626
627 dev[0].connect("test-psk", psk="12345678", scan_freq="2412")
628
629 sigma_dut_cmd_check("ap_reset_default")
630 finally:
631 stop_sigma_dut(sigma)
632
633 def test_sigma_dut_ap_sae(dev, apdev, params):
634 """sigma_dut controlled AP with SAE"""
635 logdir = os.path.join(params['logdir'],
636 "sigma_dut_ap_sae.sigma-hostapd")
637 if "SAE" not in dev[0].get_capability("auth_alg"):
638 raise HwsimSkip("SAE not supported")
639 with HWSimRadio() as (radio, iface):
640 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
641 try:
642 sigma_dut_cmd_check("ap_reset_default")
643 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
644 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK,12345678")
645 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
646
647 dev[0].request("SET sae_groups ")
648 dev[0].connect("test-sae", key_mgmt="SAE", psk="12345678",
649 ieee80211w="2", scan_freq="2412")
650 if dev[0].get_status_field('sae_group') != '19':
651 raise Exception("Expected default SAE group not used")
652
653 sigma_dut_cmd_check("ap_reset_default")
654 finally:
655 stop_sigma_dut(sigma)
656
657 def test_sigma_dut_ap_sae_password(dev, apdev, params):
658 """sigma_dut controlled AP with SAE and long password"""
659 logdir = os.path.join(params['logdir'],
660 "sigma_dut_ap_sae_password.sigma-hostapd")
661 if "SAE" not in dev[0].get_capability("auth_alg"):
662 raise HwsimSkip("SAE not supported")
663 with HWSimRadio() as (radio, iface):
664 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
665 try:
666 sigma_dut_cmd_check("ap_reset_default")
667 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
668 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK," + 100*'C')
669 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
670
671 dev[0].request("SET sae_groups ")
672 dev[0].connect("test-sae", key_mgmt="SAE", sae_password=100*'C',
673 ieee80211w="2", scan_freq="2412")
674 if dev[0].get_status_field('sae_group') != '19':
675 raise Exception("Expected default SAE group not used")
676
677 sigma_dut_cmd_check("ap_reset_default")
678 finally:
679 stop_sigma_dut(sigma)
680
681 def test_sigma_dut_ap_sae_group(dev, apdev, params):
682 """sigma_dut controlled AP with SAE and specific group"""
683 logdir = os.path.join(params['logdir'],
684 "sigma_dut_ap_sae_group.sigma-hostapd")
685 if "SAE" not in dev[0].get_capability("auth_alg"):
686 raise HwsimSkip("SAE not supported")
687 with HWSimRadio() as (radio, iface):
688 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
689 try:
690 sigma_dut_cmd_check("ap_reset_default")
691 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
692 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK,12345678,ECGroupID,20")
693 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
694
695 dev[0].request("SET sae_groups ")
696 dev[0].connect("test-sae", key_mgmt="SAE", psk="12345678",
697 ieee80211w="2", scan_freq="2412")
698 if dev[0].get_status_field('sae_group') != '20':
699 raise Exception("Expected SAE group not used")
700
701 sigma_dut_cmd_check("ap_reset_default")
702 finally:
703 stop_sigma_dut(sigma)
704
705 def test_sigma_dut_ap_psk_sae(dev, apdev, params):
706 """sigma_dut controlled AP with PSK+SAE"""
707 if "SAE" not in dev[0].get_capability("auth_alg"):
708 raise HwsimSkip("SAE not supported")
709 logdir = os.path.join(params['logdir'],
710 "sigma_dut_ap_psk_sae.sigma-hostapd")
711 with HWSimRadio() as (radio, iface):
712 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
713 try:
714 sigma_dut_cmd_check("ap_reset_default")
715 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
716 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK-SAE,PSK,12345678")
717 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
718
719 dev[2].request("SET sae_groups ")
720 dev[2].connect("test-sae", key_mgmt="SAE", psk="12345678",
721 scan_freq="2412", ieee80211w="0", wait_connect=False)
722 dev[0].request("SET sae_groups ")
723 dev[0].connect("test-sae", key_mgmt="SAE", psk="12345678",
724 scan_freq="2412", ieee80211w="2")
725 dev[1].connect("test-sae", psk="12345678", scan_freq="2412")
726
727 ev = dev[2].wait_event(["CTRL-EVENT-CONNECTED"], timeout=0.1)
728 dev[2].request("DISCONNECT")
729 if ev is not None:
730 raise Exception("Unexpected connection without PMF")
731
732 sigma_dut_cmd_check("ap_reset_default")
733 finally:
734 stop_sigma_dut(sigma)
735
736 def test_sigma_dut_owe(dev, apdev):
737 """sigma_dut controlled OWE station"""
738 try:
739 run_sigma_dut_owe(dev, apdev)
740 finally:
741 dev[0].set("ignore_old_scan_res", "0")
742
743 def run_sigma_dut_owe(dev, apdev):
744 if "OWE" not in dev[0].get_capability("key_mgmt"):
745 raise HwsimSkip("OWE not supported")
746
747 ifname = dev[0].ifname
748 sigma = start_sigma_dut(ifname)
749
750 try:
751 params = { "ssid": "owe",
752 "wpa": "2",
753 "wpa_key_mgmt": "OWE",
754 "ieee80211w": "2",
755 "rsn_pairwise": "CCMP" }
756 hapd = hostapd.add_ap(apdev[0], params)
757 bssid = hapd.own_addr()
758
759 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname)
760 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
761 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE" % ifname)
762 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname)
763 sigma_dut_wait_connected(ifname)
764 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
765
766 dev[0].dump_monitor()
767 sigma_dut_cmd("sta_reassoc,interface,%s,Channel,1,bssid,%s" % (ifname, bssid))
768 dev[0].wait_connected()
769 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
770 dev[0].wait_disconnected()
771 dev[0].dump_monitor()
772
773 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname)
774 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
775 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE,ECGroupID,20" % ifname)
776 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname)
777 sigma_dut_wait_connected(ifname)
778 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
779 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
780 dev[0].wait_disconnected()
781 dev[0].dump_monitor()
782
783 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname)
784 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
785 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE,ECGroupID,0" % ifname)
786 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname)
787 ev = dev[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout=10)
788 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
789 if ev is None:
790 raise Exception("Association not rejected")
791 if "status_code=77" not in ev:
792 raise Exception("Unexpected rejection reason: " + ev)
793
794 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
795 finally:
796 stop_sigma_dut(sigma)
797
798 def test_sigma_dut_ap_owe(dev, apdev, params):
799 """sigma_dut controlled AP with OWE"""
800 logdir = os.path.join(params['logdir'],
801 "sigma_dut_ap_owe.sigma-hostapd")
802 if "OWE" not in dev[0].get_capability("key_mgmt"):
803 raise HwsimSkip("OWE not supported")
804 with HWSimRadio() as (radio, iface):
805 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
806 try:
807 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
808 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,owe,MODE,11ng")
809 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OWE")
810 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
811
812 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
813 scan_freq="2412")
814
815 sigma_dut_cmd_check("ap_reset_default")
816 finally:
817 stop_sigma_dut(sigma)
818
819 def test_sigma_dut_ap_owe_ecgroupid(dev, apdev):
820 """sigma_dut controlled AP with OWE and ECGroupID"""
821 if "OWE" not in dev[0].get_capability("key_mgmt"):
822 raise HwsimSkip("OWE not supported")
823 with HWSimRadio() as (radio, iface):
824 sigma = start_sigma_dut(iface)
825 try:
826 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
827 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,owe,MODE,11ng")
828 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OWE,ECGroupID,20 21,PMF,Required")
829 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
830
831 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
832 owe_group="20", scan_freq="2412")
833 dev[0].request("REMOVE_NETWORK all")
834 dev[0].wait_disconnected()
835
836 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
837 owe_group="21", scan_freq="2412")
838 dev[0].request("REMOVE_NETWORK all")
839 dev[0].wait_disconnected()
840
841 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
842 owe_group="19", scan_freq="2412", wait_connect=False)
843 ev = dev[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout=10)
844 dev[0].request("DISCONNECT")
845 if ev is None:
846 raise Exception("Association not rejected")
847 if "status_code=77" not in ev:
848 raise Exception("Unexpected rejection reason: " + ev)
849 dev[0].dump_monitor()
850
851 sigma_dut_cmd_check("ap_reset_default")
852 finally:
853 stop_sigma_dut(sigma)
854
855 def test_sigma_dut_ap_owe_transition_mode(dev, apdev, params):
856 """sigma_dut controlled AP with OWE and transition mode"""
857 if "OWE" not in dev[0].get_capability("key_mgmt"):
858 raise HwsimSkip("OWE not supported")
859 logdir = os.path.join(params['logdir'],
860 "sigma_dut_ap_owe_transition_mode.sigma-hostapd")
861 with HWSimRadio() as (radio, iface):
862 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
863 try:
864 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
865 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,owe,MODE,11ng")
866 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,OWE")
867 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,SSID,owe,MODE,11ng")
868 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,NONE")
869 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
870
871 res1 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,1,Interface,24G")
872 res2 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,2,Interface,24G")
873
874 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
875 scan_freq="2412")
876 dev[1].connect("owe", key_mgmt="NONE", scan_freq="2412")
877 if dev[0].get_status_field('bssid') not in res1:
878 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,1: " + res1)
879 if dev[1].get_status_field('bssid') not in res2:
880 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,2: " + res2)
881
882 sigma_dut_cmd_check("ap_reset_default")
883 finally:
884 stop_sigma_dut(sigma)
885
886 def test_sigma_dut_ap_owe_transition_mode_2(dev, apdev, params):
887 """sigma_dut controlled AP with OWE and transition mode (2)"""
888 if "OWE" not in dev[0].get_capability("key_mgmt"):
889 raise HwsimSkip("OWE not supported")
890 logdir = os.path.join(params['logdir'],
891 "sigma_dut_ap_owe_transition_mode_2.sigma-hostapd")
892 with HWSimRadio() as (radio, iface):
893 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
894 try:
895 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
896 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,owe,MODE,11ng")
897 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,NONE")
898 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,MODE,11ng")
899 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,OWE")
900 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
901
902 res1 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,1,Interface,24G")
903 res2 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,2,Interface,24G")
904
905 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
906 scan_freq="2412")
907 dev[1].connect("owe", key_mgmt="NONE", scan_freq="2412")
908 if dev[0].get_status_field('bssid') not in res2:
909 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,2: " + res1)
910 if dev[1].get_status_field('bssid') not in res1:
911 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,1: " + res2)
912
913 sigma_dut_cmd_check("ap_reset_default")
914 finally:
915 stop_sigma_dut(sigma)
916
917 def dpp_init_enrollee(dev, id1):
918 logger.info("Starting DPP initiator/enrollee in a thread")
919 time.sleep(1)
920 cmd = "DPP_AUTH_INIT peer=%d role=enrollee" % id1
921 if "OK" not in dev.request(cmd):
922 raise Exception("Failed to initiate DPP Authentication")
923 ev = dev.wait_event(["DPP-CONF-RECEIVED"], timeout=5)
924 if ev is None:
925 raise Exception("DPP configuration not completed (Enrollee)")
926 logger.info("DPP initiator/enrollee done")
927
928 def test_sigma_dut_dpp_qr_resp_1(dev, apdev):
929 """sigma_dut DPP/QR responder (conf index 1)"""
930 run_sigma_dut_dpp_qr_resp(dev, apdev, 1)
931
932 def test_sigma_dut_dpp_qr_resp_2(dev, apdev):
933 """sigma_dut DPP/QR responder (conf index 2)"""
934 run_sigma_dut_dpp_qr_resp(dev, apdev, 2)
935
936 def test_sigma_dut_dpp_qr_resp_3(dev, apdev):
937 """sigma_dut DPP/QR responder (conf index 3)"""
938 run_sigma_dut_dpp_qr_resp(dev, apdev, 3)
939
940 def test_sigma_dut_dpp_qr_resp_4(dev, apdev):
941 """sigma_dut DPP/QR responder (conf index 4)"""
942 run_sigma_dut_dpp_qr_resp(dev, apdev, 4)
943
944 def test_sigma_dut_dpp_qr_resp_5(dev, apdev):
945 """sigma_dut DPP/QR responder (conf index 5)"""
946 run_sigma_dut_dpp_qr_resp(dev, apdev, 5)
947
948 def test_sigma_dut_dpp_qr_resp_6(dev, apdev):
949 """sigma_dut DPP/QR responder (conf index 6)"""
950 run_sigma_dut_dpp_qr_resp(dev, apdev, 6)
951
952 def test_sigma_dut_dpp_qr_resp_7(dev, apdev):
953 """sigma_dut DPP/QR responder (conf index 7)"""
954 run_sigma_dut_dpp_qr_resp(dev, apdev, 7)
955
956 def test_sigma_dut_dpp_qr_resp_chan_list(dev, apdev):
957 """sigma_dut DPP/QR responder (channel list override)"""
958 run_sigma_dut_dpp_qr_resp(dev, apdev, 1, chan_list='81/2 81/6 81/1',
959 listen_chan=2)
960
961 def run_sigma_dut_dpp_qr_resp(dev, apdev, conf_idx, chan_list=None,
962 listen_chan=None):
963 check_dpp_capab(dev[0])
964 check_dpp_capab(dev[1])
965 sigma = start_sigma_dut(dev[0].ifname)
966 try:
967 cmd = "dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR"
968 if chan_list:
969 cmd += ",DPPChannelList," + chan_list
970 res = sigma_dut_cmd(cmd)
971 if "status,COMPLETE" not in res:
972 raise Exception("dev_exec_action did not succeed: " + res)
973 hex = res.split(',')[3]
974 uri = from_hex(hex)
975 logger.info("URI from sigma_dut: " + uri)
976
977 res = dev[1].request("DPP_QR_CODE " + uri)
978 if "FAIL" in res:
979 raise Exception("Failed to parse QR Code URI")
980 id1 = int(res)
981
982 t = threading.Thread(target=dpp_init_enrollee, args=(dev[1], id1))
983 t.start()
984 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPConfIndex,%d,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfEnrolleeRole,STA,DPPSigningKeyECC,P-256,DPPBS,QR,DPPTimeout,6" % conf_idx
985 if listen_chan:
986 cmd += ",DPPListenChannel," + str(listen_chan)
987 res = sigma_dut_cmd(cmd, timeout=10)
988 t.join()
989 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
990 raise Exception("Unexpected result: " + res)
991 finally:
992 stop_sigma_dut(sigma)
993
994 def test_sigma_dut_dpp_qr_init_enrollee(dev, apdev):
995 """sigma_dut DPP/QR initiator as Enrollee"""
996 check_dpp_capab(dev[0])
997 check_dpp_capab(dev[1])
998
999 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1000 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1001 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1002 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1003
1004 params = { "ssid": "DPPNET01",
1005 "wpa": "2",
1006 "ieee80211w": "2",
1007 "wpa_key_mgmt": "DPP",
1008 "rsn_pairwise": "CCMP",
1009 "dpp_connector": ap_connector,
1010 "dpp_csign": csign_pub,
1011 "dpp_netaccesskey": ap_netaccesskey }
1012 try:
1013 hapd = hostapd.add_ap(apdev[0], params)
1014 except:
1015 raise HwsimSkip("DPP not supported")
1016
1017 sigma = start_sigma_dut(dev[0].ifname)
1018 try:
1019 dev[0].set("dpp_config_processing", "2")
1020
1021 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
1022 res = dev[1].request(cmd)
1023 if "FAIL" in res:
1024 raise Exception("Failed to add configurator")
1025 conf_id = int(res)
1026
1027 addr = dev[1].own_addr().replace(':', '')
1028 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1029 res = dev[1].request(cmd)
1030 if "FAIL" in res:
1031 raise Exception("Failed to generate bootstrapping info")
1032 id0 = int(res)
1033 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1034
1035 dev[1].set("dpp_configurator_params",
1036 " conf=sta-dpp ssid=%s configurator=%d" % (to_hex("DPPNET01"), conf_id))
1037 cmd = "DPP_LISTEN 2437 role=configurator"
1038 if "OK" not in dev[1].request(cmd):
1039 raise Exception("Failed to start listen operation")
1040
1041 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1042 if "status,COMPLETE" not in res:
1043 raise Exception("dev_exec_action did not succeed: " + res)
1044
1045 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout=10)
1046 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1047 raise Exception("Unexpected result: " + res)
1048 finally:
1049 dev[0].set("dpp_config_processing", "0")
1050 stop_sigma_dut(sigma)
1051
1052 def test_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev):
1053 """sigma_dut DPP/QR (mutual) initiator as Enrollee"""
1054 run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev)
1055
1056 def test_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev):
1057 """sigma_dut DPP/QR (mutual) initiator as Enrollee (extra check)"""
1058 run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev,
1059 extra="DPPAuthDirection,Mutual,")
1060
1061 def run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev, extra=''):
1062 check_dpp_capab(dev[0])
1063 check_dpp_capab(dev[1])
1064
1065 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1066 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1067 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1068 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1069
1070 params = { "ssid": "DPPNET01",
1071 "wpa": "2",
1072 "ieee80211w": "2",
1073 "wpa_key_mgmt": "DPP",
1074 "rsn_pairwise": "CCMP",
1075 "dpp_connector": ap_connector,
1076 "dpp_csign": csign_pub,
1077 "dpp_netaccesskey": ap_netaccesskey }
1078 try:
1079 hapd = hostapd.add_ap(apdev[0], params)
1080 except:
1081 raise HwsimSkip("DPP not supported")
1082
1083 sigma = start_sigma_dut(dev[0].ifname)
1084 try:
1085 dev[0].set("dpp_config_processing", "2")
1086
1087 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
1088 res = dev[1].request(cmd)
1089 if "FAIL" in res:
1090 raise Exception("Failed to add configurator")
1091 conf_id = int(res)
1092
1093 addr = dev[1].own_addr().replace(':', '')
1094 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1095 res = dev[1].request(cmd)
1096 if "FAIL" in res:
1097 raise Exception("Failed to generate bootstrapping info")
1098 id0 = int(res)
1099 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1100
1101 dev[1].set("dpp_configurator_params",
1102 " conf=sta-dpp ssid=%s configurator=%d" % (to_hex("DPPNET01"), conf_id))
1103 cmd = "DPP_LISTEN 2437 role=configurator qr=mutual"
1104 if "OK" not in dev[1].request(cmd):
1105 raise Exception("Failed to start listen operation")
1106
1107 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1108 if "status,COMPLETE" not in res:
1109 raise Exception("dev_exec_action did not succeed: " + res)
1110 hex = res.split(',')[3]
1111 uri = from_hex(hex)
1112 logger.info("URI from sigma_dut: " + uri)
1113
1114 res = dev[1].request("DPP_QR_CODE " + uri)
1115 if "FAIL" in res:
1116 raise Exception("Failed to parse QR Code URI")
1117 id1 = int(res)
1118
1119 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1120 if "status,COMPLETE" not in res:
1121 raise Exception("dev_exec_action did not succeed: " + res)
1122
1123 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,%sDPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes" % extra, timeout=10)
1124 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1125 raise Exception("Unexpected result: " + res)
1126 finally:
1127 dev[0].set("dpp_config_processing", "0")
1128 stop_sigma_dut(sigma)
1129
1130 def dpp_init_conf_mutual(dev, id1, conf_id, own_id=None):
1131 time.sleep(1)
1132 logger.info("Starting DPP initiator/configurator in a thread")
1133 cmd = "DPP_AUTH_INIT peer=%d conf=sta-dpp ssid=%s configurator=%d" % (id1, to_hex("DPPNET01"), conf_id)
1134 if own_id is not None:
1135 cmd += " own=%d" % own_id
1136 if "OK" not in dev.request(cmd):
1137 raise Exception("Failed to initiate DPP Authentication")
1138 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=10)
1139 if ev is None:
1140 raise Exception("DPP configuration not completed (Configurator)")
1141 logger.info("DPP initiator/configurator done")
1142
1143 def test_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev):
1144 """sigma_dut DPP/QR (mutual) responder as Enrollee"""
1145 run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev)
1146
1147 def test_sigma_dut_dpp_qr_mutual_resp_enrollee_pending(dev, apdev):
1148 """sigma_dut DPP/QR (mutual) responder as Enrollee (response pending)"""
1149 run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev, ',DPPDelayQRResponse,1')
1150
1151 def run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev, extra=None):
1152 check_dpp_capab(dev[0])
1153 check_dpp_capab(dev[1])
1154
1155 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1156 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1157 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1158 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1159
1160 params = { "ssid": "DPPNET01",
1161 "wpa": "2",
1162 "ieee80211w": "2",
1163 "wpa_key_mgmt": "DPP",
1164 "rsn_pairwise": "CCMP",
1165 "dpp_connector": ap_connector,
1166 "dpp_csign": csign_pub,
1167 "dpp_netaccesskey": ap_netaccesskey }
1168 try:
1169 hapd = hostapd.add_ap(apdev[0], params)
1170 except:
1171 raise HwsimSkip("DPP not supported")
1172
1173 sigma = start_sigma_dut(dev[0].ifname)
1174 try:
1175 dev[0].set("dpp_config_processing", "2")
1176
1177 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
1178 res = dev[1].request(cmd)
1179 if "FAIL" in res:
1180 raise Exception("Failed to add configurator")
1181 conf_id = int(res)
1182
1183 addr = dev[1].own_addr().replace(':', '')
1184 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1185 res = dev[1].request(cmd)
1186 if "FAIL" in res:
1187 raise Exception("Failed to generate bootstrapping info")
1188 id0 = int(res)
1189 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1190
1191 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1192 if "status,COMPLETE" not in res:
1193 raise Exception("dev_exec_action did not succeed: " + res)
1194 hex = res.split(',')[3]
1195 uri = from_hex(hex)
1196 logger.info("URI from sigma_dut: " + uri)
1197
1198 res = dev[1].request("DPP_QR_CODE " + uri)
1199 if "FAIL" in res:
1200 raise Exception("Failed to parse QR Code URI")
1201 id1 = int(res)
1202
1203 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1204 if "status,COMPLETE" not in res:
1205 raise Exception("dev_exec_action did not succeed: " + res)
1206
1207 t = threading.Thread(target=dpp_init_conf_mutual,
1208 args=(dev[1], id1, conf_id, id0))
1209 t.start()
1210
1211 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,20,DPPWaitForConnect,Yes"
1212 if extra:
1213 cmd += extra
1214 res = sigma_dut_cmd(cmd, timeout=25)
1215 t.join()
1216 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1217 raise Exception("Unexpected result: " + res)
1218 finally:
1219 dev[0].set("dpp_config_processing", "0")
1220 stop_sigma_dut(sigma)
1221
1222 def dpp_resp_conf_mutual(dev, conf_id, uri):
1223 logger.info("Starting DPP responder/configurator in a thread")
1224 dev.set("dpp_configurator_params",
1225 " conf=sta-dpp ssid=%s configurator=%d" % (to_hex("DPPNET01"),
1226 conf_id))
1227 cmd = "DPP_LISTEN 2437 role=configurator qr=mutual"
1228 if "OK" not in dev.request(cmd):
1229 raise Exception("Failed to initiate DPP listen")
1230 if uri:
1231 ev = dev.wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout=10)
1232 if ev is None:
1233 raise Exception("QR Code scan for mutual authentication not requested")
1234 res = dev.request("DPP_QR_CODE " + uri)
1235 if "FAIL" in res:
1236 raise Exception("Failed to parse QR Code URI")
1237 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=10)
1238 if ev is None:
1239 raise Exception("DPP configuration not completed (Configurator)")
1240 logger.info("DPP responder/configurator done")
1241
1242 def test_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev):
1243 """sigma_dut DPP/QR (mutual) initiator as Enrollee"""
1244 run_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev, False)
1245
1246 def test_sigma_dut_dpp_qr_mutual_init_enrollee_pending(dev, apdev):
1247 """sigma_dut DPP/QR (mutual) initiator as Enrollee (response pending)"""
1248 run_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev, True)
1249
1250 def run_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev, resp_pending):
1251 check_dpp_capab(dev[0])
1252 check_dpp_capab(dev[1])
1253
1254 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1255 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1256 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1257 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1258
1259 params = { "ssid": "DPPNET01",
1260 "wpa": "2",
1261 "ieee80211w": "2",
1262 "wpa_key_mgmt": "DPP",
1263 "rsn_pairwise": "CCMP",
1264 "dpp_connector": ap_connector,
1265 "dpp_csign": csign_pub,
1266 "dpp_netaccesskey": ap_netaccesskey }
1267 try:
1268 hapd = hostapd.add_ap(apdev[0], params)
1269 except:
1270 raise HwsimSkip("DPP not supported")
1271
1272 sigma = start_sigma_dut(dev[0].ifname)
1273 try:
1274 dev[0].set("dpp_config_processing", "2")
1275
1276 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
1277 res = dev[1].request(cmd)
1278 if "FAIL" in res:
1279 raise Exception("Failed to add configurator")
1280 conf_id = int(res)
1281
1282 addr = dev[1].own_addr().replace(':', '')
1283 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1284 res = dev[1].request(cmd)
1285 if "FAIL" in res:
1286 raise Exception("Failed to generate bootstrapping info")
1287 id0 = int(res)
1288 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1289
1290 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1291 if "status,COMPLETE" not in res:
1292 raise Exception("dev_exec_action did not succeed: " + res)
1293 hex = res.split(',')[3]
1294 uri = from_hex(hex)
1295 logger.info("URI from sigma_dut: " + uri)
1296
1297 if not resp_pending:
1298 res = dev[1].request("DPP_QR_CODE " + uri)
1299 if "FAIL" in res:
1300 raise Exception("Failed to parse QR Code URI")
1301 uri = None
1302
1303 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1304 if "status,COMPLETE" not in res:
1305 raise Exception("dev_exec_action did not succeed: " + res)
1306
1307 t = threading.Thread(target=dpp_resp_conf_mutual,
1308 args=(dev[1], conf_id, uri))
1309 t.start()
1310
1311 time.sleep(1)
1312 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,10,DPPWaitForConnect,Yes"
1313 res = sigma_dut_cmd(cmd, timeout=15)
1314 t.join()
1315 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1316 raise Exception("Unexpected result: " + res)
1317 finally:
1318 dev[0].set("dpp_config_processing", "0")
1319 stop_sigma_dut(sigma)
1320
1321 def test_sigma_dut_dpp_qr_init_enrollee_psk(dev, apdev):
1322 """sigma_dut DPP/QR initiator as Enrollee (PSK)"""
1323 check_dpp_capab(dev[0])
1324 check_dpp_capab(dev[1])
1325
1326 params = hostapd.wpa2_params(ssid="DPPNET01",
1327 passphrase="ThisIsDppPassphrase")
1328 hapd = hostapd.add_ap(apdev[0], params)
1329
1330 sigma = start_sigma_dut(dev[0].ifname)
1331 try:
1332 dev[0].set("dpp_config_processing", "2")
1333
1334 cmd = "DPP_CONFIGURATOR_ADD"
1335 res = dev[1].request(cmd)
1336 if "FAIL" in res:
1337 raise Exception("Failed to add configurator")
1338 conf_id = int(res)
1339
1340 addr = dev[1].own_addr().replace(':', '')
1341 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1342 res = dev[1].request(cmd)
1343 if "FAIL" in res:
1344 raise Exception("Failed to generate bootstrapping info")
1345 id0 = int(res)
1346 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1347
1348 dev[1].set("dpp_configurator_params",
1349 " conf=sta-psk ssid=%s pass=%s configurator=%d" % (to_hex("DPPNET01"), to_hex("ThisIsDppPassphrase"), conf_id))
1350 cmd = "DPP_LISTEN 2437 role=configurator"
1351 if "OK" not in dev[1].request(cmd):
1352 raise Exception("Failed to start listen operation")
1353
1354 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1355 if "status,COMPLETE" not in res:
1356 raise Exception("dev_exec_action did not succeed: " + res)
1357
1358 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout=10)
1359 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkConnectResult,OK" not in res:
1360 raise Exception("Unexpected result: " + res)
1361 finally:
1362 dev[0].set("dpp_config_processing", "0")
1363 stop_sigma_dut(sigma)
1364
1365 def test_sigma_dut_dpp_qr_init_enrollee_sae(dev, apdev):
1366 """sigma_dut DPP/QR initiator as Enrollee (SAE)"""
1367 check_dpp_capab(dev[0])
1368 check_dpp_capab(dev[1])
1369 if "SAE" not in dev[0].get_capability("auth_alg"):
1370 raise HwsimSkip("SAE not supported")
1371
1372 params = hostapd.wpa2_params(ssid="DPPNET01",
1373 passphrase="ThisIsDppPassphrase")
1374 params['wpa_key_mgmt'] = 'SAE'
1375 params["ieee80211w"] = "2"
1376 hapd = hostapd.add_ap(apdev[0], params)
1377
1378 sigma = start_sigma_dut(dev[0].ifname)
1379 try:
1380 dev[0].set("dpp_config_processing", "2")
1381
1382 cmd = "DPP_CONFIGURATOR_ADD"
1383 res = dev[1].request(cmd)
1384 if "FAIL" in res:
1385 raise Exception("Failed to add configurator")
1386 conf_id = int(res)
1387
1388 addr = dev[1].own_addr().replace(':', '')
1389 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1390 res = dev[1].request(cmd)
1391 if "FAIL" in res:
1392 raise Exception("Failed to generate bootstrapping info")
1393 id0 = int(res)
1394 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1395
1396 dev[1].set("dpp_configurator_params",
1397 " conf=sta-sae ssid=%s pass=%s configurator=%d" % (to_hex("DPPNET01"), to_hex("ThisIsDppPassphrase"), conf_id))
1398 cmd = "DPP_LISTEN 2437 role=configurator"
1399 if "OK" not in dev[1].request(cmd):
1400 raise Exception("Failed to start listen operation")
1401
1402 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1403 if "status,COMPLETE" not in res:
1404 raise Exception("dev_exec_action did not succeed: " + res)
1405
1406 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout=10)
1407 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkConnectResult,OK" not in res:
1408 raise Exception("Unexpected result: " + res)
1409 finally:
1410 dev[0].set("dpp_config_processing", "0")
1411 stop_sigma_dut(sigma)
1412
1413 def test_sigma_dut_dpp_qr_init_configurator_1(dev, apdev):
1414 """sigma_dut DPP/QR initiator as Configurator (conf index 1)"""
1415 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 1)
1416
1417 def test_sigma_dut_dpp_qr_init_configurator_2(dev, apdev):
1418 """sigma_dut DPP/QR initiator as Configurator (conf index 2)"""
1419 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 2)
1420
1421 def test_sigma_dut_dpp_qr_init_configurator_3(dev, apdev):
1422 """sigma_dut DPP/QR initiator as Configurator (conf index 3)"""
1423 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 3)
1424
1425 def test_sigma_dut_dpp_qr_init_configurator_4(dev, apdev):
1426 """sigma_dut DPP/QR initiator as Configurator (conf index 4)"""
1427 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 4)
1428
1429 def test_sigma_dut_dpp_qr_init_configurator_5(dev, apdev):
1430 """sigma_dut DPP/QR initiator as Configurator (conf index 5)"""
1431 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 5)
1432
1433 def test_sigma_dut_dpp_qr_init_configurator_6(dev, apdev):
1434 """sigma_dut DPP/QR initiator as Configurator (conf index 6)"""
1435 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 6)
1436
1437 def test_sigma_dut_dpp_qr_init_configurator_7(dev, apdev):
1438 """sigma_dut DPP/QR initiator as Configurator (conf index 7)"""
1439 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 7)
1440
1441 def test_sigma_dut_dpp_qr_init_configurator_both(dev, apdev):
1442 """sigma_dut DPP/QR initiator as Configurator or Enrollee (conf index 1)"""
1443 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 1, "Both")
1444
1445 def test_sigma_dut_dpp_qr_init_configurator_neg_freq(dev, apdev):
1446 """sigma_dut DPP/QR initiator as Configurator (neg_freq)"""
1447 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 1, extra='DPPSubsequentChannel,81/11')
1448
1449 def run_sigma_dut_dpp_qr_init_configurator(dev, apdev, conf_idx,
1450 prov_role="Configurator",
1451 extra=None):
1452 check_dpp_capab(dev[0])
1453 check_dpp_capab(dev[1])
1454 sigma = start_sigma_dut(dev[0].ifname)
1455 try:
1456 addr = dev[1].own_addr().replace(':', '')
1457 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1458 res = dev[1].request(cmd)
1459 if "FAIL" in res:
1460 raise Exception("Failed to generate bootstrapping info")
1461 id0 = int(res)
1462 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1463
1464 cmd = "DPP_LISTEN 2437 role=enrollee"
1465 if "OK" not in dev[1].request(cmd):
1466 raise Exception("Failed to start listen operation")
1467
1468 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1469 if "status,COMPLETE" not in res:
1470 raise Exception("dev_exec_action did not succeed: " + res)
1471
1472 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,%s,DPPConfIndex,%d,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6" % (prov_role, conf_idx)
1473 if extra:
1474 cmd += "," + extra
1475 res = sigma_dut_cmd(cmd)
1476 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
1477 raise Exception("Unexpected result: " + res)
1478 finally:
1479 stop_sigma_dut(sigma)
1480
1481 def test_sigma_dut_dpp_incompatible_roles_init(dev, apdev):
1482 """sigma_dut DPP roles incompatible (Initiator)"""
1483 check_dpp_capab(dev[0])
1484 check_dpp_capab(dev[1])
1485 sigma = start_sigma_dut(dev[0].ifname)
1486 try:
1487 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1488 if "status,COMPLETE" not in res:
1489 raise Exception("dev_exec_action did not succeed: " + res)
1490 hex = res.split(',')[3]
1491 uri = from_hex(hex)
1492 logger.info("URI from sigma_dut: " + uri)
1493
1494 res = dev[1].request("DPP_QR_CODE " + uri)
1495 if "FAIL" in res:
1496 raise Exception("Failed to parse QR Code URI")
1497 id1 = int(res)
1498
1499 addr = dev[1].own_addr().replace(':', '')
1500 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1501 res = dev[1].request(cmd)
1502 if "FAIL" in res:
1503 raise Exception("Failed to generate bootstrapping info")
1504 id0 = int(res)
1505 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1506
1507 cmd = "DPP_LISTEN 2437 role=enrollee"
1508 if "OK" not in dev[1].request(cmd):
1509 raise Exception("Failed to start listen operation")
1510
1511 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1512 if "status,COMPLETE" not in res:
1513 raise Exception("dev_exec_action did not succeed: " + res)
1514
1515 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6"
1516 res = sigma_dut_cmd(cmd)
1517 if "BootstrapResult,OK,AuthResult,ROLES_NOT_COMPATIBLE" not in res:
1518 raise Exception("Unexpected result: " + res)
1519 finally:
1520 stop_sigma_dut(sigma)
1521
1522 def dpp_init_enrollee_mutual(dev, id1, own_id):
1523 logger.info("Starting DPP initiator/enrollee in a thread")
1524 time.sleep(1)
1525 cmd = "DPP_AUTH_INIT peer=%d own=%d role=enrollee" % (id1, own_id)
1526 if "OK" not in dev.request(cmd):
1527 raise Exception("Failed to initiate DPP Authentication")
1528 ev = dev.wait_event(["DPP-CONF-RECEIVED",
1529 "DPP-NOT-COMPATIBLE"], timeout=5)
1530 if ev is None:
1531 raise Exception("DPP configuration not completed (Enrollee)")
1532 logger.info("DPP initiator/enrollee done")
1533
1534 def test_sigma_dut_dpp_incompatible_roles_resp(dev, apdev):
1535 """sigma_dut DPP roles incompatible (Responder)"""
1536 check_dpp_capab(dev[0])
1537 check_dpp_capab(dev[1])
1538 sigma = start_sigma_dut(dev[0].ifname)
1539 try:
1540 cmd = "dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR"
1541 res = sigma_dut_cmd(cmd)
1542 if "status,COMPLETE" not in res:
1543 raise Exception("dev_exec_action did not succeed: " + res)
1544 hex = res.split(',')[3]
1545 uri = from_hex(hex)
1546 logger.info("URI from sigma_dut: " + uri)
1547
1548 res = dev[1].request("DPP_QR_CODE " + uri)
1549 if "FAIL" in res:
1550 raise Exception("Failed to parse QR Code URI")
1551 id1 = int(res)
1552
1553 addr = dev[1].own_addr().replace(':', '')
1554 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1555 res = dev[1].request(cmd)
1556 if "FAIL" in res:
1557 raise Exception("Failed to generate bootstrapping info")
1558 id0 = int(res)
1559 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1560
1561 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1562 if "status,COMPLETE" not in res:
1563 raise Exception("dev_exec_action did not succeed: " + res)
1564
1565 t = threading.Thread(target=dpp_init_enrollee_mutual, args=(dev[1], id1, id0))
1566 t.start()
1567 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6"
1568 res = sigma_dut_cmd(cmd, timeout=10)
1569 t.join()
1570 if "BootstrapResult,OK,AuthResult,ROLES_NOT_COMPATIBLE" not in res:
1571 raise Exception("Unexpected result: " + res)
1572 finally:
1573 stop_sigma_dut(sigma)
1574
1575 def test_sigma_dut_dpp_pkex_init_configurator(dev, apdev):
1576 """sigma_dut DPP/PKEX initiator as Configurator"""
1577 check_dpp_capab(dev[0])
1578 check_dpp_capab(dev[1])
1579 sigma = start_sigma_dut(dev[0].ifname)
1580 try:
1581 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
1582 res = dev[1].request(cmd)
1583 if "FAIL" in res:
1584 raise Exception("Failed to generate bootstrapping info")
1585 id1 = int(res)
1586 cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id1)
1587 res = dev[1].request(cmd)
1588 if "FAIL" in res:
1589 raise Exception("Failed to set PKEX data (responder)")
1590 cmd = "DPP_LISTEN 2437 role=enrollee"
1591 if "OK" not in dev[1].request(cmd):
1592 raise Exception("Failed to start listen operation")
1593
1594 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCodeIdentifier,test,DPPPKEXCode,secret,DPPTimeout,6")
1595 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
1596 raise Exception("Unexpected result: " + res)
1597 finally:
1598 stop_sigma_dut(sigma)
1599
1600 def dpp_init_conf(dev, id1, conf, conf_id, extra):
1601 logger.info("Starting DPP initiator/configurator in a thread")
1602 cmd = "DPP_AUTH_INIT peer=%d conf=%s %s configurator=%d" % (id1, conf, extra, conf_id)
1603 if "OK" not in dev.request(cmd):
1604 raise Exception("Failed to initiate DPP Authentication")
1605 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=5)
1606 if ev is None:
1607 raise Exception("DPP configuration not completed (Configurator)")
1608 logger.info("DPP initiator/configurator done")
1609
1610 def test_sigma_dut_ap_dpp_qr(dev, apdev, params):
1611 """sigma_dut controlled AP (DPP)"""
1612 run_sigma_dut_ap_dpp_qr(dev, apdev, params, "ap-dpp", "sta-dpp")
1613
1614 def test_sigma_dut_ap_dpp_qr_legacy(dev, apdev, params):
1615 """sigma_dut controlled AP (legacy)"""
1616 run_sigma_dut_ap_dpp_qr(dev, apdev, params, "ap-psk", "sta-psk",
1617 extra="pass=%s" % to_hex("qwertyuiop"))
1618
1619 def test_sigma_dut_ap_dpp_qr_legacy_psk(dev, apdev, params):
1620 """sigma_dut controlled AP (legacy)"""
1621 run_sigma_dut_ap_dpp_qr(dev, apdev, params, "ap-psk", "sta-psk",
1622 extra="psk=%s" % (32*"12"))
1623
1624 def run_sigma_dut_ap_dpp_qr(dev, apdev, params, ap_conf, sta_conf, extra=""):
1625 check_dpp_capab(dev[0])
1626 logdir = os.path.join(params['logdir'], "sigma_dut_ap_dpp_qr.sigma-hostapd")
1627 with HWSimRadio() as (radio, iface):
1628 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
1629 try:
1630 sigma_dut_cmd_check("ap_reset_default,program,DPP")
1631 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1632 if "status,COMPLETE" not in res:
1633 raise Exception("dev_exec_action did not succeed: " + res)
1634 hex = res.split(',')[3]
1635 uri = from_hex(hex)
1636 logger.info("URI from sigma_dut: " + uri)
1637
1638 cmd = "DPP_CONFIGURATOR_ADD"
1639 res = dev[0].request(cmd)
1640 if "FAIL" in res:
1641 raise Exception("Failed to add configurator")
1642 conf_id = int(res)
1643
1644 res = dev[0].request("DPP_QR_CODE " + uri)
1645 if "FAIL" in res:
1646 raise Exception("Failed to parse QR Code URI")
1647 id1 = int(res)
1648
1649 t = threading.Thread(target=dpp_init_conf,
1650 args=(dev[0], id1, ap_conf, conf_id, extra))
1651 t.start()
1652 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6")
1653 t.join()
1654 if "ConfResult,OK" not in res:
1655 raise Exception("Unexpected result: " + res)
1656
1657 addr = dev[1].own_addr().replace(':', '')
1658 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
1659 res = dev[1].request(cmd)
1660 if "FAIL" in res:
1661 raise Exception("Failed to generate bootstrapping info")
1662 id1 = int(res)
1663 uri1 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1)
1664
1665 res = dev[0].request("DPP_QR_CODE " + uri1)
1666 if "FAIL" in res:
1667 raise Exception("Failed to parse QR Code URI")
1668 id0b = int(res)
1669
1670 dev[1].set("dpp_config_processing", "2")
1671 cmd = "DPP_LISTEN 2412"
1672 if "OK" not in dev[1].request(cmd):
1673 raise Exception("Failed to start listen operation")
1674 cmd = "DPP_AUTH_INIT peer=%d conf=%s %s configurator=%d" % (id0b, sta_conf, extra, conf_id)
1675 if "OK" not in dev[0].request(cmd):
1676 raise Exception("Failed to initiate DPP Authentication")
1677 dev[1].wait_connected()
1678
1679 sigma_dut_cmd_check("ap_reset_default")
1680 finally:
1681 dev[1].set("dpp_config_processing", "0")
1682 stop_sigma_dut(sigma)
1683
1684 def test_sigma_dut_ap_dpp_pkex_responder(dev, apdev, params):
1685 """sigma_dut controlled AP as DPP PKEX responder"""
1686 check_dpp_capab(dev[0])
1687 logdir = os.path.join(params['logdir'],
1688 "sigma_dut_ap_dpp_pkex_responder.sigma-hostapd")
1689 with HWSimRadio() as (radio, iface):
1690 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
1691 try:
1692 run_sigma_dut_ap_dpp_pkex_responder(dev, apdev)
1693 finally:
1694 stop_sigma_dut(sigma)
1695
1696 def dpp_init_conf_pkex(dev, conf_id, check_config=True):
1697 logger.info("Starting DPP PKEX initiator/configurator in a thread")
1698 time.sleep(1.5)
1699 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
1700 res = dev.request(cmd)
1701 if "FAIL" in res:
1702 raise Exception("Failed to generate bootstrapping info")
1703 id = int(res)
1704 cmd = "DPP_PKEX_ADD own=%d init=1 conf=ap-dpp configurator=%d code=password" % (id, conf_id)
1705 res = dev.request(cmd)
1706 if "FAIL" in res:
1707 raise Exception("Failed to initiate DPP PKEX")
1708 if not check_config:
1709 return
1710 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=5)
1711 if ev is None:
1712 raise Exception("DPP configuration not completed (Configurator)")
1713 logger.info("DPP initiator/configurator done")
1714
1715 def run_sigma_dut_ap_dpp_pkex_responder(dev, apdev):
1716 sigma_dut_cmd_check("ap_reset_default,program,DPP")
1717
1718 cmd = "DPP_CONFIGURATOR_ADD"
1719 res = dev[0].request(cmd)
1720 if "FAIL" in res:
1721 raise Exception("Failed to add configurator")
1722 conf_id = int(res)
1723
1724 t = threading.Thread(target=dpp_init_conf_pkex, args=(dev[0], conf_id))
1725 t.start()
1726 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,PKEX,DPPPKEXCode,password,DPPTimeout,6,DPPWaitForConnect,No", timeout=10)
1727 t.join()
1728 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
1729 raise Exception("Unexpected result: " + res)
1730
1731 sigma_dut_cmd_check("ap_reset_default")
1732
1733 def test_sigma_dut_dpp_pkex_responder_proto(dev, apdev):
1734 """sigma_dut controlled STA as DPP PKEX responder and error case"""
1735 check_dpp_capab(dev[0])
1736 sigma = start_sigma_dut(dev[0].ifname)
1737 try:
1738 run_sigma_dut_dpp_pkex_responder_proto(dev, apdev)
1739 finally:
1740 stop_sigma_dut(sigma)
1741
1742 def run_sigma_dut_dpp_pkex_responder_proto(dev, apdev):
1743 cmd = "DPP_CONFIGURATOR_ADD"
1744 res = dev[1].request(cmd)
1745 if "FAIL" in res:
1746 raise Exception("Failed to add configurator")
1747 conf_id = int(res)
1748
1749 dev[1].set("dpp_test", "44")
1750
1751 t = threading.Thread(target=dpp_init_conf_pkex, args=(dev[1], conf_id,
1752 False))
1753 t.start()
1754 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPProvisioningRole,Enrollee,DPPBS,PKEX,DPPPKEXCode,password,DPPTimeout,6", timeout=10)
1755 t.join()
1756 if "BootstrapResult,Timeout" not in res:
1757 raise Exception("Unexpected result: " + res)
1758
1759 def dpp_proto_init(dev, id1):
1760 time.sleep(1)
1761 logger.info("Starting DPP initiator/configurator in a thread")
1762 cmd = "DPP_CONFIGURATOR_ADD"
1763 res = dev.request(cmd)
1764 if "FAIL" in res:
1765 raise Exception("Failed to add configurator")
1766 conf_id = int(res)
1767
1768 cmd = "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1, conf_id)
1769 if "OK" not in dev.request(cmd):
1770 raise Exception("Failed to initiate DPP Authentication")
1771
1772 def test_sigma_dut_dpp_proto_initiator(dev, apdev):
1773 """sigma_dut DPP protocol testing - Initiator"""
1774 check_dpp_capab(dev[0])
1775 check_dpp_capab(dev[1])
1776 tests = [ ("InvalidValue", "AuthenticationRequest", "WrappedData",
1777 "BootstrapResult,OK,AuthResult,Errorsent",
1778 None),
1779 ("InvalidValue", "AuthenticationConfirm", "WrappedData",
1780 "BootstrapResult,OK,AuthResult,Errorsent",
1781 None),
1782 ("MissingAttribute", "AuthenticationRequest", "InitCapabilities",
1783 "BootstrapResult,OK,AuthResult,Errorsent",
1784 "Missing or invalid I-capabilities"),
1785 ("InvalidValue", "AuthenticationConfirm", "InitAuthTag",
1786 "BootstrapResult,OK,AuthResult,Errorsent",
1787 "Mismatching Initiator Authenticating Tag"),
1788 ("MissingAttribute", "ConfigurationResponse", "EnrolleeNonce",
1789 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1790 "Missing or invalid Enrollee Nonce attribute") ]
1791 for step, frame, attr, result, fail in tests:
1792 dev[0].request("FLUSH")
1793 dev[1].request("FLUSH")
1794 sigma = start_sigma_dut(dev[0].ifname)
1795 try:
1796 run_sigma_dut_dpp_proto_initiator(dev, step, frame, attr, result,
1797 fail)
1798 finally:
1799 stop_sigma_dut(sigma)
1800
1801 def run_sigma_dut_dpp_proto_initiator(dev, step, frame, attr, result, fail):
1802 addr = dev[1].own_addr().replace(':', '')
1803 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1804 res = dev[1].request(cmd)
1805 if "FAIL" in res:
1806 raise Exception("Failed to generate bootstrapping info")
1807 id0 = int(res)
1808 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1809
1810 cmd = "DPP_LISTEN 2437 role=enrollee"
1811 if "OK" not in dev[1].request(cmd):
1812 raise Exception("Failed to start listen operation")
1813
1814 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1815 if "status,COMPLETE" not in res:
1816 raise Exception("dev_exec_action did not succeed: " + res)
1817
1818 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr),
1819 timeout=10)
1820 if result not in res:
1821 raise Exception("Unexpected result: " + res)
1822 if fail:
1823 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1824 if ev is None or fail not in ev:
1825 raise Exception("Failure not reported correctly: " + str(ev))
1826
1827 dev[1].request("DPP_STOP_LISTEN")
1828 dev[0].dump_monitor()
1829 dev[1].dump_monitor()
1830
1831 def test_sigma_dut_dpp_proto_responder(dev, apdev):
1832 """sigma_dut DPP protocol testing - Responder"""
1833 check_dpp_capab(dev[0])
1834 check_dpp_capab(dev[1])
1835 tests = [ ("MissingAttribute", "AuthenticationResponse", "DPPStatus",
1836 "BootstrapResult,OK,AuthResult,Errorsent",
1837 "Missing or invalid required DPP Status attribute"),
1838 ("MissingAttribute", "ConfigurationRequest", "EnrolleeNonce",
1839 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1840 "Missing or invalid Enrollee Nonce attribute") ]
1841 for step, frame, attr, result, fail in tests:
1842 dev[0].request("FLUSH")
1843 dev[1].request("FLUSH")
1844 sigma = start_sigma_dut(dev[0].ifname)
1845 try:
1846 run_sigma_dut_dpp_proto_responder(dev, step, frame, attr, result,
1847 fail)
1848 finally:
1849 stop_sigma_dut(sigma)
1850
1851 def run_sigma_dut_dpp_proto_responder(dev, step, frame, attr, result, fail):
1852 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1853 if "status,COMPLETE" not in res:
1854 raise Exception("dev_exec_action did not succeed: " + res)
1855 hex = res.split(',')[3]
1856 uri = from_hex(hex)
1857 logger.info("URI from sigma_dut: " + uri)
1858
1859 res = dev[1].request("DPP_QR_CODE " + uri)
1860 if "FAIL" in res:
1861 raise Exception("Failed to parse QR Code URI")
1862 id1 = int(res)
1863
1864 t = threading.Thread(target=dpp_proto_init, args=(dev[1], id1))
1865 t.start()
1866 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr), timeout=10)
1867 t.join()
1868 if result not in res:
1869 raise Exception("Unexpected result: " + res)
1870 if fail:
1871 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1872 if ev is None or fail not in ev:
1873 raise Exception("Failure not reported correctly:" + str(ev))
1874
1875 dev[1].request("DPP_STOP_LISTEN")
1876 dev[0].dump_monitor()
1877 dev[1].dump_monitor()
1878
1879 def test_sigma_dut_dpp_proto_stop_at_initiator(dev, apdev):
1880 """sigma_dut DPP protocol testing - Stop at RX on Initiator"""
1881 check_dpp_capab(dev[0])
1882 check_dpp_capab(dev[1])
1883 tests = [ ("AuthenticationResponse",
1884 "BootstrapResult,OK,AuthResult,Errorsent",
1885 None),
1886 ("ConfigurationRequest",
1887 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1888 None)]
1889 for frame, result, fail in tests:
1890 dev[0].request("FLUSH")
1891 dev[1].request("FLUSH")
1892 sigma = start_sigma_dut(dev[0].ifname)
1893 try:
1894 run_sigma_dut_dpp_proto_stop_at_initiator(dev, frame, result, fail)
1895 finally:
1896 stop_sigma_dut(sigma)
1897
1898 def run_sigma_dut_dpp_proto_stop_at_initiator(dev, frame, result, fail):
1899 addr = dev[1].own_addr().replace(':', '')
1900 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1901 res = dev[1].request(cmd)
1902 if "FAIL" in res:
1903 raise Exception("Failed to generate bootstrapping info")
1904 id0 = int(res)
1905 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1906
1907 cmd = "DPP_LISTEN 2437 role=enrollee"
1908 if "OK" not in dev[1].request(cmd):
1909 raise Exception("Failed to start listen operation")
1910
1911 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1912 if "status,COMPLETE" not in res:
1913 raise Exception("dev_exec_action did not succeed: " + res)
1914
1915 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame))
1916 if result not in res:
1917 raise Exception("Unexpected result: " + res)
1918 if fail:
1919 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1920 if ev is None or fail not in ev:
1921 raise Exception("Failure not reported correctly: " + str(ev))
1922
1923 dev[1].request("DPP_STOP_LISTEN")
1924 dev[0].dump_monitor()
1925 dev[1].dump_monitor()
1926
1927 def test_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev, apdev):
1928 """sigma_dut DPP protocol testing - Stop at TX on Initiator/Enrollee"""
1929 check_dpp_capab(dev[0])
1930 check_dpp_capab(dev[1])
1931 tests = [ ("AuthenticationConfirm",
1932 "BootstrapResult,OK,AuthResult,Errorsent,LastFrameReceived,AuthenticationResponse",
1933 None) ]
1934 for frame, result, fail in tests:
1935 dev[0].request("FLUSH")
1936 dev[1].request("FLUSH")
1937 sigma = start_sigma_dut(dev[0].ifname, debug=True)
1938 try:
1939 run_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev, frame,
1940 result, fail)
1941 finally:
1942 stop_sigma_dut(sigma)
1943
1944 def run_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev, frame, result,
1945 fail):
1946 addr = dev[1].own_addr().replace(':', '')
1947 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1948 res = dev[1].request(cmd)
1949 if "FAIL" in res:
1950 raise Exception("Failed to generate bootstrapping info")
1951 id0 = int(res)
1952 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1953
1954 cmd = "DPP_LISTEN 2437 role=configurator"
1955 if "OK" not in dev[1].request(cmd):
1956 raise Exception("Failed to start listen operation")
1957
1958 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1959 if "status,COMPLETE" not in res:
1960 raise Exception("dev_exec_action did not succeed: " + res)
1961
1962 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame), timeout=10)
1963 if result not in res:
1964 raise Exception("Unexpected result: " + res)
1965 if fail:
1966 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1967 if ev is None or fail not in ev:
1968 raise Exception("Failure not reported correctly: " + str(ev))
1969
1970 dev[1].request("DPP_STOP_LISTEN")
1971 dev[0].dump_monitor()
1972 dev[1].dump_monitor()
1973
1974 def test_sigma_dut_dpp_proto_stop_at_responder(dev, apdev):
1975 """sigma_dut DPP protocol testing - Stop at RX on Responder"""
1976 check_dpp_capab(dev[0])
1977 check_dpp_capab(dev[1])
1978 tests = [ ("AuthenticationRequest",
1979 "BootstrapResult,OK,AuthResult,Errorsent",
1980 None),
1981 ("AuthenticationConfirm",
1982 "BootstrapResult,OK,AuthResult,Errorsent",
1983 None) ]
1984 for frame, result, fail in tests:
1985 dev[0].request("FLUSH")
1986 dev[1].request("FLUSH")
1987 sigma = start_sigma_dut(dev[0].ifname)
1988 try:
1989 run_sigma_dut_dpp_proto_stop_at_responder(dev, frame, result, fail)
1990 finally:
1991 stop_sigma_dut(sigma)
1992
1993 def run_sigma_dut_dpp_proto_stop_at_responder(dev, frame, result, fail):
1994 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1995 if "status,COMPLETE" not in res:
1996 raise Exception("dev_exec_action did not succeed: " + res)
1997 hex = res.split(',')[3]
1998 uri = from_hex(hex)
1999 logger.info("URI from sigma_dut: " + uri)
2000
2001 res = dev[1].request("DPP_QR_CODE " + uri)
2002 if "FAIL" in res:
2003 raise Exception("Failed to parse QR Code URI")
2004 id1 = int(res)
2005
2006 t = threading.Thread(target=dpp_proto_init, args=(dev[1], id1))
2007 t.start()
2008 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame), timeout=10)
2009 t.join()
2010 if result not in res:
2011 raise Exception("Unexpected result: " + res)
2012 if fail:
2013 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
2014 if ev is None or fail not in ev:
2015 raise Exception("Failure not reported correctly:" + str(ev))
2016
2017 dev[1].request("DPP_STOP_LISTEN")
2018 dev[0].dump_monitor()
2019 dev[1].dump_monitor()
2020
2021 def dpp_proto_init_pkex(dev):
2022 time.sleep(1)
2023 logger.info("Starting DPP PKEX initiator/configurator in a thread")
2024 cmd = "DPP_CONFIGURATOR_ADD"
2025 res = dev.request(cmd)
2026 if "FAIL" in res:
2027 raise Exception("Failed to add configurator")
2028 conf_id = int(res)
2029
2030 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
2031 res = dev.request(cmd)
2032 if "FAIL" in res:
2033 raise Exception("Failed to generate bootstrapping info")
2034 id = int(res)
2035
2036 cmd = "DPP_PKEX_ADD own=%d init=1 conf=sta-dpp configurator=%d code=secret" % (id, conf_id)
2037 if "FAIL" in dev.request(cmd):
2038 raise Exception("Failed to initiate DPP PKEX")
2039
2040 def test_sigma_dut_dpp_proto_initiator_pkex(dev, apdev):
2041 """sigma_dut DPP protocol testing - Initiator (PKEX)"""
2042 check_dpp_capab(dev[0])
2043 check_dpp_capab(dev[1])
2044 tests = [ ("InvalidValue", "PKEXCRRequest", "WrappedData",
2045 "BootstrapResult,Errorsent",
2046 None),
2047 ("MissingAttribute", "PKEXExchangeRequest", "FiniteCyclicGroup",
2048 "BootstrapResult,Errorsent",
2049 "Missing or invalid Finite Cyclic Group attribute"),
2050 ("MissingAttribute", "PKEXCRRequest", "BSKey",
2051 "BootstrapResult,Errorsent",
2052 "No valid peer bootstrapping key found") ]
2053 for step, frame, attr, result, fail in tests:
2054 dev[0].request("FLUSH")
2055 dev[1].request("FLUSH")
2056 sigma = start_sigma_dut(dev[0].ifname)
2057 try:
2058 run_sigma_dut_dpp_proto_initiator_pkex(dev, step, frame, attr,
2059 result, fail)
2060 finally:
2061 stop_sigma_dut(sigma)
2062
2063 def run_sigma_dut_dpp_proto_initiator_pkex(dev, step, frame, attr, result, fail):
2064 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
2065 res = dev[1].request(cmd)
2066 if "FAIL" in res:
2067 raise Exception("Failed to generate bootstrapping info")
2068 id1 = int(res)
2069
2070 cmd = "DPP_PKEX_ADD own=%d code=secret" % (id1)
2071 res = dev[1].request(cmd)
2072 if "FAIL" in res:
2073 raise Exception("Failed to set PKEX data (responder)")
2074
2075 cmd = "DPP_LISTEN 2437 role=enrollee"
2076 if "OK" not in dev[1].request(cmd):
2077 raise Exception("Failed to start listen operation")
2078
2079 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCode,secret,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr))
2080 if result not in res:
2081 raise Exception("Unexpected result: " + res)
2082 if fail:
2083 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
2084 if ev is None or fail not in ev:
2085 raise Exception("Failure not reported correctly: " + str(ev))
2086
2087 dev[1].request("DPP_STOP_LISTEN")
2088 dev[0].dump_monitor()
2089 dev[1].dump_monitor()
2090
2091 def test_sigma_dut_dpp_proto_responder_pkex(dev, apdev):
2092 """sigma_dut DPP protocol testing - Responder (PKEX)"""
2093 check_dpp_capab(dev[0])
2094 check_dpp_capab(dev[1])
2095 tests = [ ("InvalidValue", "PKEXCRResponse", "WrappedData",
2096 "BootstrapResult,Errorsent",
2097 None),
2098 ("MissingAttribute", "PKEXExchangeResponse", "DPPStatus",
2099 "BootstrapResult,Errorsent",
2100 "No DPP Status attribute"),
2101 ("MissingAttribute", "PKEXCRResponse", "BSKey",
2102 "BootstrapResult,Errorsent",
2103 "No valid peer bootstrapping key found") ]
2104 for step, frame, attr, result, fail in tests:
2105 dev[0].request("FLUSH")
2106 dev[1].request("FLUSH")
2107 sigma = start_sigma_dut(dev[0].ifname)
2108 try:
2109 run_sigma_dut_dpp_proto_responder_pkex(dev, step, frame, attr,
2110 result, fail)
2111 finally:
2112 stop_sigma_dut(sigma)
2113
2114 def run_sigma_dut_dpp_proto_responder_pkex(dev, step, frame, attr, result, fail):
2115 t = threading.Thread(target=dpp_proto_init_pkex, args=(dev[1],))
2116 t.start()
2117 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCode,secret,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr), timeout=10)
2118 t.join()
2119 if result not in res:
2120 raise Exception("Unexpected result: " + res)
2121 if fail:
2122 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
2123 if ev is None or fail not in ev:
2124 raise Exception("Failure not reported correctly:" + str(ev))
2125
2126 dev[1].request("DPP_STOP_LISTEN")
2127 dev[0].dump_monitor()
2128 dev[1].dump_monitor()
2129
2130 def init_sigma_dut_dpp_proto_peer_disc_req(dev, apdev):
2131 check_dpp_capab(dev[0])
2132 check_dpp_capab(dev[1])
2133
2134 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2135 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2136 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
2137 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
2138
2139 params = { "ssid": "DPPNET01",
2140 "wpa": "2",
2141 "ieee80211w": "2",
2142 "wpa_key_mgmt": "DPP",
2143 "rsn_pairwise": "CCMP",
2144 "dpp_connector": ap_connector,
2145 "dpp_csign": csign_pub,
2146 "dpp_netaccesskey": ap_netaccesskey }
2147 try:
2148 hapd = hostapd.add_ap(apdev[0], params)
2149 except:
2150 raise HwsimSkip("DPP not supported")
2151
2152 dev[0].set("dpp_config_processing", "2")
2153
2154 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
2155 res = dev[1].request(cmd)
2156 if "FAIL" in res:
2157 raise Exception("Failed to add configurator")
2158 conf_id = int(res)
2159
2160 addr = dev[1].own_addr().replace(':', '')
2161 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
2162 res = dev[1].request(cmd)
2163 if "FAIL" in res:
2164 raise Exception("Failed to generate bootstrapping info")
2165 id0 = int(res)
2166 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
2167
2168 dev[1].set("dpp_configurator_params",
2169 " conf=sta-dpp ssid=%s configurator=%d" % (to_hex("DPPNET01"),
2170 conf_id))
2171 cmd = "DPP_LISTEN 2437 role=configurator"
2172 if "OK" not in dev[1].request(cmd):
2173 raise Exception("Failed to start listen operation")
2174
2175 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
2176 if "status,COMPLETE" not in res:
2177 raise Exception("dev_exec_action did not succeed: " + res)
2178
2179 def test_sigma_dut_dpp_proto_peer_disc_req(dev, apdev):
2180 """sigma_dut DPP protocol testing - Peer Discovery Request"""
2181 sigma = start_sigma_dut(dev[0].ifname)
2182 try:
2183 init_sigma_dut_dpp_proto_peer_disc_req(dev, apdev)
2184
2185 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes,DPPStep,MissingAttribute,DPPFrameType,PeerDiscoveryRequest,DPPIEAttribute,TransactionID", timeout=10)
2186 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,Errorsent" not in res:
2187 raise Exception("Unexpected result: " + res)
2188 finally:
2189 dev[0].set("dpp_config_processing", "0")
2190 stop_sigma_dut(sigma)
2191
2192 def test_sigma_dut_dpp_self_config(dev, apdev):
2193 """sigma_dut DPP Configurator enrolling an AP and using self-configuration"""
2194 check_dpp_capab(dev[0])
2195
2196 hapd = hostapd.add_ap(apdev[0], { "ssid": "unconfigured" })
2197 check_dpp_capab(hapd)
2198
2199 sigma = start_sigma_dut(dev[0].ifname)
2200 try:
2201 dev[0].set("dpp_config_processing", "2")
2202 addr = hapd.own_addr().replace(':', '')
2203 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2204 res = hapd.request(cmd)
2205 if "FAIL" in res:
2206 raise Exception("Failed to generate bootstrapping info")
2207 id = int(res)
2208 uri = hapd.request("DPP_BOOTSTRAP_GET_URI %d" % id)
2209
2210 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri))
2211 if "status,COMPLETE" not in res:
2212 raise Exception("dev_exec_action did not succeed: " + res)
2213
2214 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,AP,DPPBS,QR,DPPTimeout,6")
2215 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
2216 raise Exception("Unexpected result: " + res)
2217 update_hapd_config(hapd)
2218
2219 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPCryptoIdentifier,P-256,DPPBS,QR,DPPAuthRole,Initiator,DPPProvisioningRole,Configurator,DPPAuthDirection,Single,DPPConfIndex,1,DPPTimeout,6,DPPWaitForConnect,Yes,DPPSelfConfigure,Yes"
2220 res = sigma_dut_cmd(cmd, timeout=10)
2221 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
2222 raise Exception("Unexpected result: " + res)
2223 finally:
2224 stop_sigma_dut(sigma)
2225 dev[0].set("dpp_config_processing", "0")
2226
2227 def test_sigma_dut_ap_dpp_self_config(dev, apdev, params):
2228 """sigma_dut DPP AP Configurator using self-configuration"""
2229 logdir = os.path.join(params['logdir'],
2230 "sigma_dut_ap_dpp_self_config.sigma-hostapd")
2231 with HWSimRadio() as (radio, iface):
2232 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
2233 try:
2234 run_sigma_dut_ap_dpp_self_config(dev, apdev)
2235 finally:
2236 stop_sigma_dut(sigma)
2237 dev[0].set("dpp_config_processing", "0")
2238
2239 def run_sigma_dut_ap_dpp_self_config(dev, apdev):
2240 check_dpp_capab(dev[0])
2241
2242 sigma_dut_cmd_check("ap_reset_default,program,DPP")
2243
2244 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfEnrolleeRole,AP,DPPBS,QR,DPPConfIndex,1,DPPSelfConfigure,Yes,DPPTimeout,6", timeout=10)
2245 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
2246 raise Exception("Unexpected result: " + res)
2247
2248 dev[0].set("dpp_config_processing", "2")
2249
2250 addr = dev[0].own_addr().replace(':', '')
2251 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr
2252 res = dev[0].request(cmd)
2253 if "FAIL" in res:
2254 raise Exception("Failed to generate bootstrapping info")
2255 id = int(res)
2256 uri = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id)
2257 cmd = "DPP_LISTEN 2462 role=enrollee"
2258 if "OK" not in dev[0].request(cmd):
2259 raise Exception("Failed to start listen operation")
2260
2261 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri))
2262 if "status,COMPLETE" not in res:
2263 raise Exception("dev_exec_action did not succeed: " + res)
2264 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6"
2265 res = sigma_dut_cmd(cmd)
2266 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
2267 raise Exception("Unexpected result: " + res)
2268 dev[0].wait_connected()
2269 dev[0].request("DISCONNECT")
2270 dev[0].wait_disconnected()
2271 sigma_dut_cmd_check("ap_reset_default")
2272
2273 def test_sigma_dut_preconfigured_profile(dev, apdev):
2274 """sigma_dut controlled connection using preconfigured profile"""
2275 try:
2276 run_sigma_dut_preconfigured_profile(dev, apdev)
2277 finally:
2278 dev[0].set("ignore_old_scan_res", "0")
2279
2280 def run_sigma_dut_preconfigured_profile(dev, apdev):
2281 ifname = dev[0].ifname
2282 sigma = start_sigma_dut(ifname)
2283
2284 params = hostapd.wpa2_params(ssid="test-psk", passphrase="12345678")
2285 hapd = hostapd.add_ap(apdev[0], params)
2286 dev[0].connect("test-psk", psk="12345678", scan_freq="2412",
2287 only_add_network=True)
2288
2289 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
2290 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s" % (ifname, "test-psk"))
2291 sigma_dut_wait_connected(ifname)
2292 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
2293 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
2294 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
2295
2296 stop_sigma_dut(sigma)
2297
2298 def test_sigma_dut_wps_pbc(dev, apdev):
2299 """sigma_dut and WPS PBC Enrollee"""
2300 try:
2301 run_sigma_dut_wps_pbc(dev, apdev)
2302 finally:
2303 dev[0].set("ignore_old_scan_res", "0")
2304
2305 def run_sigma_dut_wps_pbc(dev, apdev):
2306 ssid = "test-wps-conf"
2307 hapd = hostapd.add_ap(apdev[0],
2308 { "ssid": "wps", "eap_server": "1", "wps_state": "2",
2309 "wpa_passphrase": "12345678", "wpa": "2",
2310 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
2311 hapd.request("WPS_PBC")
2312
2313 ifname = dev[0].ifname
2314 sigma = start_sigma_dut(ifname)
2315
2316 cmd = "start_wps_registration,interface,%s" % ifname
2317 cmd += ",WpsRole,Enrollee"
2318 cmd += ",WpsConfigMethod,PBC"
2319 sigma_dut_cmd_check(cmd, timeout=15)
2320
2321 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
2322 hapd.disable()
2323 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
2324 stop_sigma_dut(sigma)
2325 dev[0].flush_scan_cache()
2326
2327 def test_sigma_dut_sta_scan_bss(dev, apdev):
2328 """sigma_dut sta_scan_bss"""
2329 hapd = hostapd.add_ap(apdev[0], { "ssid": "test" })
2330 sigma = start_sigma_dut(dev[0].ifname)
2331 try:
2332 cmd = "sta_scan_bss,Interface,%s,BSSID,%s" % (dev[0].ifname, \
2333 hapd.own_addr())
2334 res = sigma_dut_cmd(cmd, timeout=10)
2335 if "ssid,test,bsschannel,1" not in res:
2336 raise Exception("Unexpected result: " + res)
2337 finally:
2338 stop_sigma_dut(sigma)
2339
2340 def test_sigma_dut_ap_osen(dev, apdev, params):
2341 """sigma_dut controlled AP with OSEN"""
2342 logdir = os.path.join(params['logdir'],
2343 "sigma_dut_ap_osen.sigma-hostapd")
2344 with HWSimRadio() as (radio, iface):
2345 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
2346 try:
2347 sigma_dut_cmd_check("ap_reset_default")
2348 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-hs20,MODE,11ng")
2349 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2350 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OSEN,PMF,Optional")
2351 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2352
2353 # RSN-OSEN (for OSU)
2354 dev[0].connect("test-hs20", proto="OSEN", key_mgmt="OSEN",
2355 pairwise="CCMP", group="GTK_NOT_USED",
2356 eap="WFA-UNAUTH-TLS", identity="osen@example.com",
2357 ca_cert="auth_serv/ca.pem", scan_freq="2412")
2358
2359 sigma_dut_cmd_check("ap_reset_default")
2360 finally:
2361 stop_sigma_dut(sigma)
2362
2363 def test_sigma_dut_ap_eap_osen(dev, apdev, params):
2364 """sigma_dut controlled AP with EAP+OSEN"""
2365 logdir = os.path.join(params['logdir'],
2366 "sigma_dut_ap_eap_osen.sigma-hostapd")
2367 with HWSimRadio() as (radio, iface):
2368 sigma = start_sigma_dut(iface, bridge="ap-br0", hostapd_logdir=logdir)
2369 try:
2370 sigma_dut_cmd_check("ap_reset_default")
2371 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-hs20,MODE,11ng")
2372 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2373 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT-OSEN,PMF,Optional")
2374 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2375
2376 subprocess.call(['brctl', 'setfd', 'ap-br0', '0'])
2377 subprocess.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'up'])
2378
2379 # RSN-OSEN (for OSU)
2380 dev[0].connect("test-hs20", proto="OSEN", key_mgmt="OSEN",
2381 pairwise="CCMP",
2382 eap="WFA-UNAUTH-TLS", identity="osen@example.com",
2383 ca_cert="auth_serv/ca.pem", ieee80211w='2',
2384 scan_freq="2412")
2385 # RSN-EAP (for data connection)
2386 dev[1].connect("test-hs20", key_mgmt="WPA-EAP", eap="TTLS",
2387 identity="hs20-test", password="password",
2388 ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2",
2389 ieee80211w='2', scan_freq="2412")
2390
2391 hwsim_utils.test_connectivity(dev[0], dev[1], broadcast=False,
2392 success_expected=False, timeout=1)
2393
2394 sigma_dut_cmd_check("ap_reset_default")
2395 finally:
2396 stop_sigma_dut(sigma)
2397 subprocess.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'down'],
2398 stderr=open('/dev/null', 'w'))
2399 subprocess.call(['brctl', 'delbr', 'ap-br0'],
2400 stderr=open('/dev/null', 'w'))
2401
2402 def test_sigma_dut_ap_eap(dev, apdev, params):
2403 """sigma_dut controlled AP WPA2-Enterprise"""
2404 logdir = os.path.join(params['logdir'], "sigma_dut_ap_eap.sigma-hostapd")
2405 with HWSimRadio() as (radio, iface):
2406 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2407 try:
2408 sigma_dut_cmd_check("ap_reset_default")
2409 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-eap,MODE,11ng")
2410 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2411 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT")
2412 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2413
2414 dev[0].connect("test-eap", key_mgmt="WPA-EAP", eap="GPSK",
2415 identity="gpsk user",
2416 password="abcdefghijklmnop0123456789abcdef",
2417 scan_freq="2412")
2418
2419 sigma_dut_cmd_check("ap_reset_default")
2420 finally:
2421 stop_sigma_dut(sigma)
2422
2423 def test_sigma_dut_ap_eap_sha256(dev, apdev, params):
2424 """sigma_dut controlled AP WPA2-Enterprise SHA256"""
2425 logdir = os.path.join(params['logdir'],
2426 "sigma_dut_ap_eap_sha256.sigma-hostapd")
2427 with HWSimRadio() as (radio, iface):
2428 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2429 try:
2430 sigma_dut_cmd_check("ap_reset_default")
2431 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-eap,MODE,11ng")
2432 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2433 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT-256")
2434 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2435
2436 dev[0].connect("test-eap", key_mgmt="WPA-EAP-SHA256", eap="GPSK",
2437 identity="gpsk user",
2438 password="abcdefghijklmnop0123456789abcdef",
2439 scan_freq="2412")
2440
2441 sigma_dut_cmd_check("ap_reset_default")
2442 finally:
2443 stop_sigma_dut(sigma)
2444
2445 def test_sigma_dut_ap_ft_eap(dev, apdev, params):
2446 """sigma_dut controlled AP FT-EAP"""
2447 logdir = os.path.join(params['logdir'], "sigma_dut_ap_ft_eap.sigma-hostapd")
2448 with HWSimRadio() as (radio, iface):
2449 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2450 try:
2451 sigma_dut_cmd_check("ap_reset_default")
2452 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-ft-eap,MODE,11ng,DOMAIN,0101,FT_OA,Enable")
2453 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2454 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,FT-EAP")
2455 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2456
2457 dev[0].connect("test-ft-eap", key_mgmt="FT-EAP", eap="GPSK",
2458 identity="gpsk user",
2459 password="abcdefghijklmnop0123456789abcdef",
2460 scan_freq="2412")
2461
2462 sigma_dut_cmd_check("ap_reset_default")
2463 finally:
2464 stop_sigma_dut(sigma)
2465
2466 def test_sigma_dut_ap_ft_psk(dev, apdev, params):
2467 """sigma_dut controlled AP FT-PSK"""
2468 logdir = os.path.join(params['logdir'], "sigma_dut_ap_ft_psk.sigma-hostapd")
2469 with HWSimRadio() as (radio, iface):
2470 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2471 try:
2472 sigma_dut_cmd_check("ap_reset_default")
2473 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-ft-psk,MODE,11ng,DOMAIN,0101,FT_OA,Enable")
2474 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,FT-PSK,PSK,12345678")
2475 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2476
2477 dev[0].connect("test-ft-psk", key_mgmt="FT-PSK", psk="12345678",
2478 scan_freq="2412")
2479
2480 sigma_dut_cmd_check("ap_reset_default")
2481 finally:
2482 stop_sigma_dut(sigma)
2483
2484 def test_sigma_dut_ap_ent_ft_eap(dev, apdev, params):
2485 """sigma_dut controlled AP WPA-EAP and FT-EAP"""
2486 logdir = os.path.join(params['logdir'],
2487 "sigma_dut_ap_ent_ft_eap.sigma-hostapd")
2488 with HWSimRadio() as (radio, iface):
2489 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2490 try:
2491 sigma_dut_cmd_check("ap_reset_default")
2492 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-ent-ft-eap,MODE,11ng,DOMAIN,0101,FT_OA,Enable")
2493 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2494 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT-FT-EAP")
2495 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2496
2497 dev[0].connect("test-ent-ft-eap", key_mgmt="FT-EAP", eap="GPSK",
2498 identity="gpsk user",
2499 password="abcdefghijklmnop0123456789abcdef",
2500 scan_freq="2412")
2501 dev[1].connect("test-ent-ft-eap", key_mgmt="WPA-EAP", eap="GPSK",
2502 identity="gpsk user",
2503 password="abcdefghijklmnop0123456789abcdef",
2504 scan_freq="2412")
2505
2506 sigma_dut_cmd_check("ap_reset_default")
2507 finally:
2508 stop_sigma_dut(sigma)
2509
2510 def test_sigma_dut_venue_url(dev, apdev):
2511 """sigma_dut controlled Venue URL fetch"""
2512 try:
2513 run_sigma_dut_venue_url(dev, apdev)
2514 finally:
2515 dev[0].set("ignore_old_scan_res", "0")
2516
2517 def run_sigma_dut_venue_url(dev, apdev):
2518 ifname = dev[0].ifname
2519 sigma = start_sigma_dut(ifname, debug=True)
2520
2521 ssid = "venue"
2522 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
2523 params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
2524 params["ieee80211w"] = "2"
2525
2526 venue_group = 1
2527 venue_type = 13
2528 venue_info = struct.pack('BB', venue_group, venue_type)
2529 lang1 = "eng"
2530 name1 = "Example venue"
2531 lang2 = "fin"
2532 name2 = "Esimerkkipaikka"
2533 venue1 = struct.pack('B', len(lang1 + name1)) + lang1.encode() + name1.encode()
2534 venue2 = struct.pack('B', len(lang2 + name2)) + lang2.encode() + name2.encode()
2535 venue_name = binascii.hexlify(venue_info + venue1 + venue2)
2536
2537 url1 = "http://example.com/venue"
2538 url2 = "https://example.org/venue-info/"
2539 params["venue_group"] = str(venue_group)
2540 params["venue_type"] = str(venue_type)
2541 params["venue_name"] = [ lang1 + ":" + name1, lang2 + ":" + name2 ]
2542 params["venue_url"] = [ "1:" + url1, "2:" + url2 ]
2543
2544 hapd = hostapd.add_ap(apdev[0], params)
2545
2546 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
2547 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
2548 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required" % (ifname, "venue", "12345678"))
2549 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "venue"))
2550 sigma_dut_wait_connected(ifname)
2551 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
2552 sigma_dut_cmd_check("sta_hs2_venue_info,interface," + ifname + ",Display,Yes")
2553 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
2554 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
2555
2556 stop_sigma_dut(sigma)
2557
2558 def test_sigma_dut_hs20_assoc_24(dev, apdev):
2559 """sigma_dut controlled Hotspot 2.0 connection (2.4 GHz)"""
2560 run_sigma_dut_hs20_assoc(dev, apdev, True)
2561
2562 def test_sigma_dut_hs20_assoc_5(dev, apdev):
2563 """sigma_dut controlled Hotspot 2.0 connection (5 GHz)"""
2564 run_sigma_dut_hs20_assoc(dev, apdev, False)
2565
2566 def run_sigma_dut_hs20_assoc(dev, apdev, band24):
2567 hapd0 = None
2568 hapd1 = None
2569 try:
2570 bssid0 = apdev[0]['bssid']
2571 params = hs20_ap_params()
2572 params['hessid'] = bssid0
2573 hapd0 = hostapd.add_ap(apdev[0], params)
2574
2575 bssid1 = apdev[1]['bssid']
2576 params = hs20_ap_params()
2577 params['hessid'] = bssid0
2578 params["hw_mode"] = "a"
2579 params["channel"] = "36"
2580 params["country_code"] = "US"
2581 hapd1 = hostapd.add_ap(apdev[1], params)
2582
2583 band = "2.4" if band24 else "5"
2584 exp_bssid = bssid0 if band24 else bssid1
2585 run_sigma_dut_hs20_assoc_2(dev, apdev, band, exp_bssid)
2586 finally:
2587 dev[0].request("DISCONNECT")
2588 if hapd0:
2589 hapd0.request("DISABLE")
2590 if hapd1:
2591 hapd1.request("DISABLE")
2592 subprocess.call(['iw', 'reg', 'set', '00'])
2593 dev[0].flush_scan_cache()
2594
2595 def run_sigma_dut_hs20_assoc_2(dev, apdev, band, expect_bssid):
2596 check_eap_capa(dev[0], "MSCHAPV2")
2597 dev[0].flush_scan_cache()
2598
2599 ifname = dev[0].ifname
2600 sigma = start_sigma_dut(ifname, debug=True)
2601
2602 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,HS2-R3" % ifname)
2603 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
2604 sigma_dut_cmd_check("sta_add_credential,interface,%s,type,uname_pwd,realm,example.com,username,hs20-test,password,password" % ifname)
2605 res = sigma_dut_cmd_check("sta_hs2_associate,interface,%s,band,%s" % (ifname, band),
2606 timeout=15)
2607 sigma_dut_wait_connected(ifname)
2608 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
2609 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
2610 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
2611
2612 stop_sigma_dut(sigma)
2613
2614 if "BSSID," + expect_bssid not in res:
2615 raise Exception("Unexpected BSSID: " + res)
2616
2617 def test_sigma_dut_ap_hs20(dev, apdev, params):
2618 """sigma_dut controlled AP with Hotspot 2.0 parameters"""
2619 logdir = os.path.join(params['logdir'],
2620 "sigma_dut_ap_hs20.sigma-hostapd")
2621 conffile = os.path.join(params['logdir'],
2622 "sigma_dut_ap_hs20.sigma-conf")
2623 with HWSimRadio() as (radio, iface):
2624 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2625 try:
2626 sigma_dut_cmd_check("ap_reset_default,NAME,AP,program,HS2-R3")
2627 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,test-hs20,MODE,11ng")
2628 sigma_dut_cmd_check("ap_set_radius,NAME,AP,WLAN_TAG,1,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2629 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,WPA2-ENT")
2630 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,HESSID,02:12:34:56:78:9a,NAI_REALM_LIST,1,OPER_NAME,1")
2631 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,OSU_SERVER_URI,https://example.com/ https://example.org/,OSU_SSID,test-osu,OSU_METHOD,SOAP SOAP,OSU_PROVIDER_LIST,10,OSU_PROVIDER_NAI_LIST,4")
2632 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,NET_AUTH_TYPE,2")
2633 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,VENUE_NAME,1")
2634 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,DOMAIN_LIST,example.com")
2635 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,OPERATOR_ICON_METADATA,1")
2636 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,SSID,test-osu,MODE,11ng")
2637 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,NONE")
2638 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,2,OSU,1")
2639 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2640
2641 with open("/tmp/sigma_dut-ap.conf", "rb") as f:
2642 with open(conffile, "wb") as f2:
2643 f2.write(f.read())
2644
2645 sigma_dut_cmd_check("ap_reset_default")
2646 finally:
2647 stop_sigma_dut(sigma)
Unnamed repository; edit this file 'description' to name the repository.