]>
Commit | Line | Data |
---|---|---|
ea295abc JM |
1 | # WPS+NFC tests |
2 | # Copyright (c) 2013, Jouni Malinen <j@w1.fi> | |
3 | # | |
4 | # This software may be distributed under the terms of the BSD license. | |
5 | # See README for more details. | |
6 | ||
7 | import time | |
8 | import subprocess | |
9 | import logging | |
c9aa4308 | 10 | logger = logging.getLogger() |
ea295abc JM |
11 | |
12 | import hwsim_utils | |
13 | import hostapd | |
14 | ||
a8375c94 | 15 | def check_wpa2_connection(sta, ap, hapd, ssid, mixed=False): |
ea295abc JM |
16 | status = sta.get_status() |
17 | if status['wpa_state'] != 'COMPLETED': | |
18 | raise Exception("Not fully connected") | |
19 | if status['bssid'] != ap['bssid']: | |
20 | raise Exception("Unexpected BSSID") | |
21 | if status['ssid'] != ssid: | |
22 | raise Exception("Unexpected SSID") | |
23 | if status['pairwise_cipher'] != 'CCMP': | |
24 | raise Exception("Unexpected encryption configuration") | |
25 | if status['group_cipher'] != 'CCMP' and not mixed: | |
26 | raise Exception("Unexpected encryption configuration") | |
27 | if status['key_mgmt'] != 'WPA2-PSK': | |
28 | raise Exception("Unexpected key_mgmt") | |
a8375c94 | 29 | hwsim_utils.test_connectivity(sta, hapd) |
ea295abc JM |
30 | |
31 | def ap_wps_params(ssid): | |
32 | return { "ssid": ssid, "eap_server": "1", "wps_state": "2", | |
33 | "wpa_passphrase": "12345678", "wpa": "2", | |
34 | "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"} | |
35 | ||
36 | def test_nfc_wps_password_token_sta(dev, apdev): | |
37 | """NFC tag with password token on the station/Enrollee""" | |
38 | ssid = "test-wps-nfc-pw-token-conf" | |
39 | params = ap_wps_params(ssid) | |
40 | hostapd.add_ap(apdev[0]['ifname'], params) | |
41 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
42 | logger.info("WPS provisioning step using password token from station") | |
43 | pw = dev[0].request("WPS_NFC_TOKEN NDEF").rstrip() | |
44 | if "FAIL" in pw: | |
45 | raise Exception("Failed to generate password token") | |
46 | res = hapd.request("WPS_NFC_TAG_READ " + pw) | |
47 | if "FAIL" in res: | |
48 | raise Exception("Failed to provide NFC tag contents to hostapd") | |
49 | dev[0].dump_monitor() | |
50 | res = dev[0].request("WPS_NFC") | |
51 | if "FAIL" in res: | |
52 | raise Exception("Failed to start Enrollee using NFC password token") | |
7e3f110b | 53 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30) |
ea295abc JM |
54 | if ev is None: |
55 | raise Exception("Association with the AP timed out") | |
a8375c94 | 56 | check_wpa2_connection(dev[0], apdev[0], hapd, ssid) |
ea295abc JM |
57 | |
58 | def test_nfc_wps_config_token(dev, apdev): | |
59 | """NFC tag with configuration token from AP""" | |
60 | ssid = "test-wps-nfc-conf-token" | |
61 | params = ap_wps_params(ssid) | |
62 | hostapd.add_ap(apdev[0]['ifname'], params) | |
63 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
64 | logger.info("NFC configuration token from AP to station") | |
65 | conf = hapd.request("WPS_NFC_CONFIG_TOKEN NDEF").rstrip() | |
66 | if "FAIL" in conf: | |
67 | raise Exception("Failed to generate configuration token") | |
68 | dev[0].dump_monitor() | |
69 | res = dev[0].request("WPS_NFC_TAG_READ " + conf) | |
70 | if "FAIL" in res: | |
71 | raise Exception("Failed to provide NFC tag contents to wpa_supplicant") | |
72 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15) | |
73 | if ev is None: | |
74 | raise Exception("Association with the AP timed out") | |
a8375c94 | 75 | check_wpa2_connection(dev[0], apdev[0], hapd, ssid) |
ea295abc | 76 | |
590160d5 JM |
77 | def test_nfc_wps_config_token_init(dev, apdev): |
78 | """NFC tag with configuration token from AP with auto configuration""" | |
590160d5 JM |
79 | ssid = "test-wps-nfc-conf-token-init" |
80 | hostapd.add_ap(apdev[0]['ifname'], | |
81 | { "ssid": ssid, "eap_server": "1", "wps_state": "1" }) | |
82 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
83 | logger.info("NFC configuration token from AP to station") | |
84 | conf = hapd.request("WPS_NFC_CONFIG_TOKEN NDEF").rstrip() | |
85 | if "FAIL" in conf: | |
86 | raise Exception("Failed to generate configuration token") | |
87 | dev[0].dump_monitor() | |
88 | res = dev[0].request("WPS_NFC_TAG_READ " + conf) | |
89 | if "FAIL" in res: | |
90 | raise Exception("Failed to provide NFC tag contents to wpa_supplicant") | |
91 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15) | |
92 | if ev is None: | |
93 | raise Exception("Association with the AP timed out") | |
a8375c94 | 94 | check_wpa2_connection(dev[0], apdev[0], hapd, ssid, mixed=True) |
590160d5 | 95 | |
ea295abc JM |
96 | def test_nfc_wps_password_token_sta_init(dev, apdev): |
97 | """Initial AP configuration with first WPS NFC Enrollee""" | |
98 | ssid = "test-wps-nfc-pw-token-init" | |
99 | hostapd.add_ap(apdev[0]['ifname'], | |
100 | { "ssid": ssid, "eap_server": "1", "wps_state": "1" }) | |
101 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
102 | logger.info("WPS provisioning step using password token from station") | |
103 | pw = dev[0].request("WPS_NFC_TOKEN NDEF").rstrip() | |
104 | if "FAIL" in pw: | |
105 | raise Exception("Failed to generate password token") | |
106 | res = hapd.request("WPS_NFC_TAG_READ " + pw) | |
107 | if "FAIL" in res: | |
108 | raise Exception("Failed to provide NFC tag contents to hostapd") | |
109 | dev[0].dump_monitor() | |
110 | res = dev[0].request("WPS_NFC") | |
111 | if "FAIL" in res: | |
112 | raise Exception("Failed to start Enrollee using NFC password token") | |
7e3f110b | 113 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30) |
ea295abc JM |
114 | if ev is None: |
115 | raise Exception("Association with the AP timed out") | |
a8375c94 | 116 | check_wpa2_connection(dev[0], apdev[0], hapd, ssid, mixed=True) |
ea295abc JM |
117 | |
118 | def test_nfc_wps_password_token_ap(dev, apdev): | |
119 | """WPS registrar configuring an AP using AP password token""" | |
ea295abc JM |
120 | ssid = "test-wps-nfc-pw-token-init" |
121 | hostapd.add_ap(apdev[0]['ifname'], | |
122 | { "ssid": ssid, "eap_server": "1", "wps_state": "1" }) | |
123 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
124 | logger.info("WPS configuration step") | |
125 | pw = hapd.request("WPS_NFC_TOKEN NDEF").rstrip() | |
126 | if "FAIL" in pw: | |
127 | raise Exception("Failed to generate password token") | |
128 | res = hapd.request("WPS_NFC_TOKEN enable") | |
129 | if "FAIL" in pw: | |
130 | raise Exception("Failed to enable AP password token") | |
131 | res = dev[0].request("WPS_NFC_TAG_READ " + pw) | |
132 | if "FAIL" in res: | |
133 | raise Exception("Failed to provide NFC tag contents to wpa_supplicant") | |
134 | dev[0].dump_monitor() | |
135 | new_ssid = "test-wps-nfc-pw-token-new-ssid" | |
136 | new_passphrase = "1234567890" | |
137 | res = dev[0].request("WPS_REG " + apdev[0]['bssid'] + " nfc-pw " + new_ssid.encode("hex") + " WPA2PSK CCMP " + new_passphrase.encode("hex")) | |
138 | if "FAIL" in res: | |
139 | raise Exception("Failed to start Registrar using NFC password token") | |
7e3f110b | 140 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30) |
ea295abc JM |
141 | if ev is None: |
142 | raise Exception("Association with the AP timed out") | |
a8375c94 | 143 | check_wpa2_connection(dev[0], apdev[0], hapd, new_ssid, mixed=True) |
36a860b4 JM |
144 | if "FAIL" in hapd.request("WPS_NFC_TOKEN disable"): |
145 | raise Exception("Failed to disable AP password token") | |
146 | if "FAIL" in hapd.request("WPS_NFC_TOKEN WPS"): | |
147 | raise Exception("Unexpected WPS_NFC_TOKEN WPS failure") | |
ea295abc | 148 | |
2108ae1e JM |
149 | def test_nfc_wps_handover_init(dev, apdev): |
150 | """Connect to WPS AP with NFC connection handover and move to configured state""" | |
151 | dev[0].request("SET ignore_old_scan_res 1") | |
152 | ssid = "test-wps-nfc-handover-init" | |
153 | hostapd.add_ap(apdev[0]['ifname'], | |
154 | { "ssid": ssid, "eap_server": "1", "wps_state": "1" }) | |
155 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
156 | logger.info("NFC connection handover") | |
157 | req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip() | |
158 | if "FAIL" in req: | |
159 | raise Exception("Failed to generate NFC connection handover request") | |
160 | sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip() | |
161 | if "FAIL" in sel: | |
162 | raise Exception("Failed to generate NFC connection handover select") | |
163 | res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel) | |
164 | if "FAIL" in res: | |
165 | raise Exception("Failed to report NFC connection handover to to hostapd") | |
166 | dev[0].dump_monitor() | |
167 | res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel) | |
168 | if "FAIL" in res: | |
169 | raise Exception("Failed to report NFC connection handover to to wpa_supplicant") | |
170 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15) | |
171 | if ev is None: | |
172 | raise Exception("Association with the AP timed out") | |
a8375c94 | 173 | check_wpa2_connection(dev[0], apdev[0], hapd, ssid, mixed=True) |
2108ae1e | 174 | |
36a860b4 JM |
175 | def test_nfc_wps_handover_errors(dev, apdev): |
176 | """WPS AP NFC handover report error cases""" | |
177 | ssid = "test-wps-nfc-handover" | |
178 | hostapd.add_ap(apdev[0]['ifname'], | |
179 | { "ssid": ssid, "eap_server": "1", "wps_state": "1" }) | |
180 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
181 | sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip() | |
182 | if "FAIL" in sel: | |
183 | raise Exception("Failed to generate NFC connection handover select") | |
184 | if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER "): | |
185 | raise Exception("Unexpected handover report success") | |
186 | if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP"): | |
187 | raise Exception("Unexpected handover report success") | |
188 | if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS"): | |
189 | raise Exception("Unexpected handover report success") | |
190 | if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 001122"): | |
191 | raise Exception("Unexpected handover report success") | |
192 | if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 001122 00"): | |
193 | raise Exception("Unexpected handover report success") | |
194 | if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 0 00"): | |
195 | raise Exception("Unexpected handover report success") | |
196 | if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 001122 0"): | |
197 | raise Exception("Unexpected handover report success") | |
198 | if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 00q122 001122"): | |
199 | raise Exception("Unexpected handover report success") | |
200 | if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 001122 001q22"): | |
201 | raise Exception("Unexpected handover report success") | |
202 | if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP FOO 001122 00"): | |
203 | raise Exception("Unexpected handover report success") | |
204 | ||
ea295abc JM |
205 | def test_nfc_wps_handover(dev, apdev): |
206 | """Connect to WPS AP with NFC connection handover""" | |
207 | ssid = "test-wps-nfc-handover" | |
208 | params = ap_wps_params(ssid) | |
209 | hostapd.add_ap(apdev[0]['ifname'], params) | |
210 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
211 | logger.info("NFC connection handover") | |
212 | req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip() | |
213 | if "FAIL" in req: | |
214 | raise Exception("Failed to generate NFC connection handover request") | |
215 | sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip() | |
216 | if "FAIL" in sel: | |
217 | raise Exception("Failed to generate NFC connection handover select") | |
218 | res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel) | |
219 | if "FAIL" in res: | |
220 | raise Exception("Failed to report NFC connection handover to to hostapd") | |
221 | dev[0].dump_monitor() | |
222 | res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel) | |
223 | if "FAIL" in res: | |
224 | raise Exception("Failed to report NFC connection handover to to wpa_supplicant") | |
7e3f110b | 225 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30) |
ea295abc JM |
226 | if ev is None: |
227 | raise Exception("Association with the AP timed out") | |
a8375c94 | 228 | check_wpa2_connection(dev[0], apdev[0], hapd, ssid) |
fa697bb8 | 229 | |
daad14cc JM |
230 | def test_nfc_wps_handover_5ghz(dev, apdev): |
231 | """Connect to WPS AP with NFC connection handover on 5 GHz band""" | |
232 | try: | |
233 | ssid = "test-wps-nfc-handover" | |
234 | params = ap_wps_params(ssid) | |
235 | params["country_code"] = "FI" | |
236 | params["hw_mode"] = "a" | |
237 | params["channel"] = "36" | |
238 | hapd = hostapd.add_ap(apdev[0]['ifname'], params) | |
239 | logger.info("NFC connection handover") | |
240 | req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip() | |
241 | if "FAIL" in req: | |
242 | raise Exception("Failed to generate NFC connection handover request") | |
243 | sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip() | |
244 | if "FAIL" in sel: | |
245 | raise Exception("Failed to generate NFC connection handover select") | |
246 | res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel) | |
247 | if "FAIL" in res: | |
248 | raise Exception("Failed to report NFC connection handover to to hostapd") | |
249 | dev[0].dump_monitor() | |
250 | res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel) | |
251 | if "FAIL" in res: | |
252 | raise Exception("Failed to report NFC connection handover to to wpa_supplicant") | |
253 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30) | |
254 | if ev is None: | |
255 | raise Exception("Association with the AP timed out") | |
a8375c94 | 256 | check_wpa2_connection(dev[0], apdev[0], hapd, ssid) |
daad14cc JM |
257 | finally: |
258 | subprocess.call(['sudo', 'iw', 'reg', 'set', '00']) | |
259 | ||
260 | def test_nfc_wps_handover_chan14(dev, apdev): | |
261 | """Connect to WPS AP with NFC connection handover on channel 14""" | |
262 | try: | |
263 | ssid = "test-wps-nfc-handover" | |
264 | params = ap_wps_params(ssid) | |
265 | params["country_code"] = "JP" | |
266 | params["hw_mode"] = "b" | |
267 | params["channel"] = "14" | |
268 | hapd = hostapd.add_ap(apdev[0]['ifname'], params) | |
269 | logger.info("NFC connection handover") | |
270 | req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip() | |
271 | if "FAIL" in req: | |
272 | raise Exception("Failed to generate NFC connection handover request") | |
273 | sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip() | |
274 | if "FAIL" in sel: | |
275 | raise Exception("Failed to generate NFC connection handover select") | |
276 | res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel) | |
277 | if "FAIL" in res: | |
278 | raise Exception("Failed to report NFC connection handover to to hostapd") | |
279 | dev[0].dump_monitor() | |
280 | res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel) | |
281 | if "FAIL" in res: | |
282 | raise Exception("Failed to report NFC connection handover to to wpa_supplicant") | |
283 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30) | |
284 | if ev is None: | |
285 | raise Exception("Association with the AP timed out") | |
a8375c94 | 286 | check_wpa2_connection(dev[0], apdev[0], hapd, ssid) |
daad14cc JM |
287 | finally: |
288 | subprocess.call(['sudo', 'iw', 'reg', 'set', '00']) | |
289 | ||
8f96dadc JM |
290 | def test_nfc_wps_handover_with_pw_token_set(dev, apdev): |
291 | """Connect to WPS AP with NFC connection handover (wps_nfc_* set)""" | |
292 | ssid = "test-wps-nfc-handover2" | |
293 | params = ap_wps_params(ssid) | |
294 | hostapd.add_ap(apdev[0]['ifname'], params) | |
295 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
296 | # enable a password token (which won't be used in this test case) | |
297 | pw = hapd.request("WPS_NFC_TOKEN NDEF").rstrip() | |
298 | if "FAIL" in pw: | |
299 | raise Exception("Failed to generate password token") | |
300 | res = hapd.request("WPS_NFC_TOKEN enable") | |
301 | if "FAIL" in pw: | |
302 | raise Exception("Failed to enable AP password token") | |
303 | logger.info("NFC connection handover") | |
304 | req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip() | |
305 | if "FAIL" in req: | |
306 | raise Exception("Failed to generate NFC connection handover request") | |
307 | sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip() | |
308 | if "FAIL" in sel: | |
309 | raise Exception("Failed to generate NFC connection handover select") | |
310 | res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel) | |
311 | if "FAIL" in res: | |
312 | raise Exception("Failed to report NFC connection handover to to hostapd") | |
313 | dev[0].dump_monitor() | |
314 | res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel) | |
315 | if "FAIL" in res: | |
316 | raise Exception("Failed to report NFC connection handover to to wpa_supplicant") | |
317 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15) | |
318 | if ev is None: | |
319 | raise Exception("Association with the AP timed out") | |
a8375c94 | 320 | check_wpa2_connection(dev[0], apdev[0], hapd, ssid) |
8f96dadc | 321 | |
fa697bb8 JM |
322 | def test_nfc_wps_handover_pk_hash_mismatch_sta(dev, apdev): |
323 | """WPS NFC connection handover with invalid pkhash from station (negative)""" | |
324 | ssid = "wps-nfc-handover-pkhash-sta" | |
325 | if "FAIL" in dev[0].request("SET wps_corrupt_pkhash 1"): | |
326 | raise Exception("Could not enable wps_corrupt_pkhash") | |
327 | params = ap_wps_params(ssid) | |
328 | hostapd.add_ap(apdev[0]['ifname'], params) | |
329 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
330 | logger.info("NFC connection handover") | |
331 | req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip() | |
332 | if "FAIL" in req: | |
333 | raise Exception("Failed to generate NFC connection handover request") | |
334 | sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip() | |
335 | if "FAIL" in sel: | |
336 | raise Exception("Failed to generate NFC connection handover select") | |
337 | res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel) | |
338 | if "FAIL" in res: | |
339 | raise Exception("Failed to report NFC connection handover to to hostapd") | |
340 | dev[0].dump_monitor() | |
341 | res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel) | |
342 | if "FAIL" in res: | |
343 | raise Exception("Failed to report NFC connection handover to to wpa_supplicant") | |
344 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED", "WPS-FAIL"], timeout=15) | |
345 | if ev is None: | |
346 | raise Exception("Timed out") | |
347 | if "WPS-FAIL" not in ev: | |
348 | raise Exception("Public key hash mismatch not detected") | |
349 | ||
350 | def test_nfc_wps_handover_pk_hash_mismatch_ap(dev, apdev): | |
351 | """WPS NFC connection handover with invalid pkhash from AP (negative)""" | |
352 | ssid = "wps-nfc-handover-pkhash-ap" | |
353 | params = ap_wps_params(ssid) | |
354 | hostapd.add_ap(apdev[0]['ifname'], params) | |
355 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
356 | if "FAIL" in hapd.request("SET wps_corrupt_pkhash 1"): | |
357 | raise Exception("Could not enable wps_corrupt_pkhash") | |
358 | logger.info("NFC connection handover") | |
359 | req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip() | |
360 | if "FAIL" in req: | |
361 | raise Exception("Failed to generate NFC connection handover request") | |
362 | sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip() | |
363 | if "FAIL" in sel: | |
364 | raise Exception("Failed to generate NFC connection handover select") | |
365 | res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel) | |
366 | if "FAIL" in res: | |
367 | raise Exception("Failed to report NFC connection handover to to hostapd") | |
368 | dev[0].dump_monitor() | |
369 | res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel) | |
370 | if "FAIL" in res: | |
371 | raise Exception("Failed to report NFC connection handover to to wpa_supplicant") | |
372 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED", "WPS-FAIL"], timeout=15) | |
373 | if ev is None: | |
374 | raise Exception("Timed out") | |
375 | if "WPS-FAIL" not in ev: | |
376 | raise Exception("Public key hash mismatch not detected") | |
014f60d0 JM |
377 | |
378 | def start_ap_er(er, ap, ssid): | |
379 | ap_pin = "12345670" | |
380 | ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e" | |
381 | hostapd.add_ap(ap['ifname'], | |
382 | { "ssid": ssid, "eap_server": "1", "wps_state": "2", | |
383 | "wpa_passphrase": "12345678", "wpa": "2", | |
384 | "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP", | |
385 | "device_name": "Wireless AP", "manufacturer": "Company", | |
386 | "model_name": "WAP", "model_number": "123", | |
387 | "serial_number": "12345", "device_type": "6-0050F204-1", | |
388 | "os_version": "01020300", | |
389 | "config_methods": "label push_button", | |
390 | "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"}) | |
391 | logger.info("Learn AP configuration") | |
392 | er.dump_monitor() | |
393 | er.request("SET ignore_old_scan_res 1") | |
394 | er.wps_reg(ap['bssid'], ap_pin) | |
395 | ||
396 | logger.info("Start ER") | |
397 | er.request("WPS_ER_STOP") | |
398 | time.sleep(1) | |
399 | er.request("WPS_ER_START ifname=lo") | |
400 | ev = er.wait_event(["WPS-ER-AP-ADD"], timeout=15) | |
401 | if ev is None: | |
402 | raise Exception("AP discovery timed out") | |
403 | if ap_uuid not in ev: | |
404 | raise Exception("Expected AP UUID not found") | |
405 | ||
406 | logger.info("Use learned network configuration on ER") | |
407 | er.request("WPS_ER_SET_CONFIG " + ap_uuid + " 0") | |
408 | ||
409 | def test_nfc_wps_er_pw_token(dev, apdev): | |
410 | """WPS NFC password token from Enrollee to ER""" | |
411 | ssid = "wps-nfc-er-pw-token" | |
412 | start_ap_er(dev[0], apdev[0], ssid) | |
a8375c94 | 413 | hapd = hostapd.Hostapd(apdev[0]['ifname']) |
014f60d0 JM |
414 | logger.info("WPS provisioning step using password token from station") |
415 | dev[1].request("SET ignore_old_scan_res 1") | |
416 | pw = dev[1].request("WPS_NFC_TOKEN NDEF").rstrip() | |
417 | if "FAIL" in pw: | |
418 | raise Exception("Failed to generate password token") | |
419 | res = dev[0].request("WPS_NFC_TAG_READ " + pw) | |
420 | if "FAIL" in res: | |
421 | raise Exception("Failed to provide NFC tag contents to WPS ER") | |
422 | dev[0].dump_monitor() | |
423 | res = dev[1].request("WPS_NFC") | |
424 | if "FAIL" in res: | |
425 | raise Exception("Failed to start Enrollee using NFC password token") | |
426 | ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15) | |
427 | if ev is None: | |
428 | raise Exception("WPS ER did not report success") | |
429 | ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15) | |
430 | if ev is None: | |
431 | raise Exception("Association with the AP timed out") | |
a8375c94 | 432 | check_wpa2_connection(dev[1], apdev[0], hapd, ssid) |
014f60d0 JM |
433 | |
434 | def test_nfc_wps_er_config_token(dev, apdev): | |
435 | """WPS NFC configuration token from ER to Enrollee""" | |
436 | ssid = "wps-nfc-er-config-token" | |
437 | start_ap_er(dev[0], apdev[0], ssid) | |
a8375c94 | 438 | hapd = hostapd.Hostapd(apdev[0]['ifname']) |
014f60d0 JM |
439 | logger.info("WPS provisioning step using configuration token from ER") |
440 | conf = dev[0].request("WPS_ER_NFC_CONFIG_TOKEN NDEF " + apdev[0]['bssid']).rstrip() | |
441 | if "FAIL" in conf: | |
442 | raise Exception("Failed to generate configugration token") | |
443 | dev[1].request("SET ignore_old_scan_res 1") | |
444 | res = dev[1].request("WPS_NFC_TAG_READ " + conf) | |
445 | if "FAIL" in res: | |
446 | raise Exception("Failed to provide NFC tag contents to wpa_supplicant") | |
447 | ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15) | |
448 | if ev is None: | |
449 | raise Exception("Association with the AP timed out") | |
a8375c94 | 450 | check_wpa2_connection(dev[1], apdev[0], hapd, ssid) |
014f60d0 JM |
451 | |
452 | def test_nfc_wps_er_handover(dev, apdev): | |
453 | """WPS NFC connection handover between Enrollee and ER""" | |
454 | ssid = "wps-nfc-er-handover" | |
455 | start_ap_er(dev[0], apdev[0], ssid) | |
a8375c94 | 456 | hapd = hostapd.Hostapd(apdev[0]['ifname']) |
014f60d0 JM |
457 | logger.info("WPS provisioning step using connection handover") |
458 | req = dev[1].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip() | |
459 | if "FAIL" in req: | |
460 | raise Exception("Failed to generate NFC connection handover request") | |
461 | sel = dev[0].request("NFC_GET_HANDOVER_SEL NDEF WPS-CR " + apdev[0]['bssid']).rstrip() | |
462 | if "FAIL" in sel: | |
463 | raise Exception("Failed to generate NFC connection handover select") | |
464 | res = dev[0].request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel) | |
465 | if "FAIL" in res: | |
466 | raise Exception("Failed to report NFC connection handover to to hostapd") | |
467 | dev[1].dump_monitor() | |
468 | res = dev[1].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel) | |
469 | if "FAIL" in res: | |
470 | raise Exception("Failed to report NFC connection handover to to wpa_supplicant") | |
471 | ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15) | |
472 | if ev is None: | |
473 | raise Exception("Association with the AP timed out") | |
a8375c94 | 474 | check_wpa2_connection(dev[1], apdev[0], hapd, ssid) |
014f60d0 JM |
475 | |
476 | def test_nfc_wps_er_handover_pk_hash_mismatch_sta(dev, apdev): | |
477 | """WPS NFC connection handover with invalid pkhash from station to ER (negative)""" | |
478 | ssid = "wps-nfc-er-handover-pkhash-sta" | |
479 | start_ap_er(dev[0], apdev[0], ssid) | |
a8375c94 | 480 | hapd = hostapd.Hostapd(apdev[0]['ifname']) |
014f60d0 JM |
481 | logger.info("WPS provisioning step using connection handover") |
482 | if "FAIL" in dev[1].request("SET wps_corrupt_pkhash 1"): | |
483 | raise Exception("Could not enable wps_corrupt_pkhash") | |
484 | dev[1].request("SET ignore_old_scan_res 1") | |
485 | req = dev[1].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip() | |
486 | if "FAIL" in req: | |
487 | raise Exception("Failed to generate NFC connection handover request") | |
488 | sel = dev[0].request("NFC_GET_HANDOVER_SEL NDEF WPS-CR " + apdev[0]['bssid']).rstrip() | |
489 | if "FAIL" in sel: | |
490 | raise Exception("Failed to generate NFC connection handover select") | |
491 | res = dev[0].request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel) | |
492 | if "FAIL" in res: | |
493 | raise Exception("Failed to report NFC connection handover to to hostapd") | |
494 | dev[1].dump_monitor() | |
495 | res = dev[1].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel) | |
496 | if "FAIL" in res: | |
497 | raise Exception("Failed to report NFC connection handover to to wpa_supplicant") | |
498 | ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED", "WPS-FAIL"], timeout=15) | |
499 | if ev is None: | |
500 | raise Exception("Timed out") | |
501 | if "WPS-FAIL" not in ev: | |
502 | raise Exception("Public key hash mismatch not detected") | |
503 | ||
504 | def test_nfc_wps_er_handover_pk_hash_mismatch_er(dev, apdev): | |
505 | """WPS NFC connection handover with invalid pkhash from ER to station (negative)""" | |
506 | ssid = "wps-nfc-er-handover-pkhash-er" | |
507 | start_ap_er(dev[0], apdev[0], ssid) | |
a8375c94 | 508 | hapd = hostapd.Hostapd(apdev[0]['ifname']) |
014f60d0 JM |
509 | logger.info("WPS provisioning step using connection handover") |
510 | if "FAIL" in dev[0].request("SET wps_corrupt_pkhash 1"): | |
511 | raise Exception("Could not enable wps_corrupt_pkhash") | |
512 | dev[1].request("SET ignore_old_scan_res 1") | |
513 | req = dev[1].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip() | |
514 | if "FAIL" in req: | |
515 | raise Exception("Failed to generate NFC connection handover request") | |
516 | sel = dev[0].request("NFC_GET_HANDOVER_SEL NDEF WPS-CR " + apdev[0]['bssid']).rstrip() | |
517 | if "FAIL" in sel: | |
518 | raise Exception("Failed to generate NFC connection handover select") | |
519 | res = dev[0].request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel) | |
520 | if "FAIL" in res: | |
521 | raise Exception("Failed to report NFC connection handover to to hostapd") | |
522 | dev[1].dump_monitor() | |
523 | res = dev[1].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel) | |
524 | if "FAIL" in res: | |
525 | raise Exception("Failed to report NFC connection handover to to wpa_supplicant") | |
526 | ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED", "WPS-FAIL"], timeout=15) | |
527 | if ev is None: | |
528 | raise Exception("Timed out") | |
529 | if "WPS-FAIL" not in ev: | |
530 | raise Exception("Public key hash mismatch not detected") |