]> git.ipfire.org Git - thirdparty/hostap.git/blame - tests/hwsim/test_sigma_dut.py
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
tests: Remove trailing semicolons from python code
[thirdparty/hostap.git] / tests / hwsim / test_sigma_dut.py
CommitLineData
f6f33f8f
JM		 1# Test cases for sigma_dut
2# Copyright (c) 2017, Qualcomm Atheros, Inc.
3#
4# This software may be distributed under the terms of the BSD license.
5# See README for more details.
6
dc60d564 7import binascii
f6f33f8f
JM		 8import logging
9logger = logging.getLogger()
10import os
11import socket
dc60d564 12import struct
f6f33f8f 13import subprocess
d84c0cf4 14import threading
f6f33f8f
JM		 15import time
16
17import hostapd
18from utils import HwsimSkip
19from hwsim import HWSimRadio
4902eb04 20import hwsim_utils
211b5d1b 21from test_dpp import check_dpp_capab, update_hapd_config
002b49ed 22from test_suite_b import check_suite_b_192_capa, suite_b_as_params, suite_b_192_rsa_ap_params
31157568
JM		 23from test_ap_eap import check_eap_capa
24from test_ap_hs20 import hs20_ap_params
f6f33f8f
JM		 25
26def check_sigma_dut():
27 if not os.path.exists("./sigma_dut"):
28 raise HwsimSkip("sigma_dut not available")
29
d84c0cf4 30def sigma_dut_cmd(cmd, port=9000, timeout=2):
f6f33f8f
JM		 31 sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM,
32 socket.IPPROTO_TCP)
d84c0cf4 33 sock.settimeout(timeout)
f6f33f8f
JM		 34 addr = ('127.0.0.1', port)
35 sock.connect(addr)
36 sock.send(cmd + "\r\n")
37 try:
38 res = sock.recv(1000)
39 running = False
40 done = False
41 for line in res.splitlines():
42 if line.startswith("status,RUNNING"):
43 running = True
44 elif line.startswith("status,INVALID"):
45 done = True
46 elif line.startswith("status,ERROR"):
47 done = True
48 elif line.startswith("status,COMPLETE"):
49 done = True
50 if running and not done:
51 # Read the actual response
52 res = sock.recv(1000)
53 except:
54 res = ''
55 pass
56 sock.close()
57 res = res.rstrip()
58 logger.debug("sigma_dut: '%s' --> '%s'" % (cmd, res))
59 return res
60
d84c0cf4
JM		 61def sigma_dut_cmd_check(cmd, port=9000, timeout=2):
62 res = sigma_dut_cmd(cmd, port=port, timeout=timeout)
f6f33f8f
JM		 63 if "COMPLETE" not in res:
64 raise Exception("sigma_dut command failed: " + cmd)
65 return res
66
4902eb04
JM		 67def start_sigma_dut(ifname, debug=False, hostapd_logdir=None, cert_path=None,
68 bridge=None):
f6f33f8f
JM		 69 check_sigma_dut()
70 cmd = [ './sigma_dut',
71 '-M', ifname,
72 '-S', ifname,
73 '-F', '../../hostapd/hostapd',
74 '-G',
d84c0cf4 75 '-w', '/var/run/wpa_supplicant/',
f6f33f8f
JM		 76 '-j', ifname ]
77 if debug:
78 cmd += [ '-d' ]
2ef00a36
JM		 79 if hostapd_logdir:
80 cmd += [ '-H', hostapd_logdir ]
81 if cert_path:
82 cmd += [ '-C', cert_path ]
4902eb04
JM		 83 if bridge:
84 cmd += [ '-b', bridge ]
f6f33f8f
JM		 85 sigma = subprocess.Popen(cmd, stdout=subprocess.PIPE,
86 stderr=subprocess.PIPE)
87 for i in range(20):
88 try:
89 res = sigma_dut_cmd("HELLO")
90 break
91 except:
92 time.sleep(0.05)
93 return sigma
94
95def stop_sigma_dut(sigma):
96 sigma.terminate()
97 sigma.wait()
98 out, err = sigma.communicate()
99 logger.debug("sigma_dut stdout: " + str(out))
100 logger.debug("sigma_dut stderr: " + str(err))
101
102def sigma_dut_wait_connected(ifname):
103 for i in range(50):
104 res = sigma_dut_cmd("sta_is_connected,interface," + ifname)
105 if "connected,1" in res:
106 break
107 time.sleep(0.2)
108 if i == 49:
109 raise Exception("Connection did not complete")
110
111def test_sigma_dut_basic(dev, apdev):
112 """sigma_dut basic functionality"""
113 sigma = start_sigma_dut(dev[0].ifname)
114
115 res = sigma_dut_cmd("UNKNOWN")
116 if "status,INVALID,errorCode,Unknown command" not in res:
117 raise Exception("Unexpected sigma_dut response to unknown command")
118
119 tests = [ ("ca_get_version", "status,COMPLETE,version,1.0"),
120 ("device_get_info", "status,COMPLETE,vendor"),
121 ("device_list_interfaces,interfaceType,foo", "status,ERROR"),
122 ("device_list_interfaces,interfaceType,802.11",
123 "status,COMPLETE,interfaceType,802.11,interfaceID," + dev[0].ifname) ]
124 for cmd, response in tests:
125 res = sigma_dut_cmd(cmd)
126 if response not in res:
127 raise Exception("Unexpected %s response: %s" % (cmd, res))
128
129 stop_sigma_dut(sigma)
130
131def test_sigma_dut_open(dev, apdev):
132 """sigma_dut controlled open network association"""
65fa9d96
JM		 133 try:
134 run_sigma_dut_open(dev, apdev)
135 finally:
136 dev[0].set("ignore_old_scan_res", "0")
137
138def run_sigma_dut_open(dev, apdev):
f6f33f8f
JM		 139 ifname = dev[0].ifname
140 sigma = start_sigma_dut(ifname)
141
142 hapd = hostapd.add_ap(apdev[0], { "ssid": "open" })
143
144 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
145 sigma_dut_cmd_check("sta_set_encryption,interface,%s,ssid,%s,encpType,none" % (ifname, "open"))
146 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s" % (ifname, "open"))
147 sigma_dut_wait_connected(ifname)
148 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
149 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
150 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
151
152 stop_sigma_dut(sigma)
153
154def test_sigma_dut_psk_pmf(dev, apdev):
155 """sigma_dut controlled PSK+PMF association"""
65fa9d96
JM		 156 try:
157 run_sigma_dut_psk_pmf(dev, apdev)
158 finally:
159 dev[0].set("ignore_old_scan_res", "0")
160
161def run_sigma_dut_psk_pmf(dev, apdev):
f6f33f8f
JM		 162 ifname = dev[0].ifname
163 sigma = start_sigma_dut(ifname)
164
165 ssid = "test-pmf-required"
166 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
167 params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
168 params["ieee80211w"] = "2"
169 hapd = hostapd.add_ap(apdev[0], params)
170
171 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
172 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
173 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required" % (ifname, "test-pmf-required", "12345678"))
174 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-pmf-required"))
175 sigma_dut_wait_connected(ifname)
176 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
177 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
178 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
179
180 stop_sigma_dut(sigma)
181
8cfdca12
JM		 182def test_sigma_dut_psk_pmf_bip_cmac_128(dev, apdev):
183 """sigma_dut controlled PSK+PMF association with BIP-CMAC-128"""
184 try:
185 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-CMAC-128", "AES-128-CMAC")
186 finally:
187 dev[0].set("ignore_old_scan_res", "0")
188
189def test_sigma_dut_psk_pmf_bip_cmac_256(dev, apdev):
190 """sigma_dut controlled PSK+PMF association with BIP-CMAC-256"""
191 try:
192 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-CMAC-256", "BIP-CMAC-256")
193 finally:
194 dev[0].set("ignore_old_scan_res", "0")
195
196def test_sigma_dut_psk_pmf_bip_gmac_128(dev, apdev):
197 """sigma_dut controlled PSK+PMF association with BIP-GMAC-128"""
198 try:
199 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-GMAC-128", "BIP-GMAC-128")
200 finally:
201 dev[0].set("ignore_old_scan_res", "0")
202
203def test_sigma_dut_psk_pmf_bip_gmac_256(dev, apdev):
204 """sigma_dut controlled PSK+PMF association with BIP-GMAC-256"""
205 try:
206 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-GMAC-256", "BIP-GMAC-256")
207 finally:
208 dev[0].set("ignore_old_scan_res", "0")
209
210def test_sigma_dut_psk_pmf_bip_gmac_256_mismatch(dev, apdev):
211 """sigma_dut controlled PSK+PMF association with BIP-GMAC-256 mismatch"""
212 try:
213 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-GMAC-256", "AES-128-CMAC",
214 failure=True)
215 finally:
216 dev[0].set("ignore_old_scan_res", "0")
217
218def run_sigma_dut_psk_pmf_cipher(dev, apdev, sigma_cipher, hostapd_cipher,
219 failure=False):
220 ifname = dev[0].ifname
221 sigma = start_sigma_dut(ifname)
222
223 ssid = "test-pmf-required"
224 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
225 params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
226 params["ieee80211w"] = "2"
227 params["group_mgmt_cipher"] = hostapd_cipher
228 hapd = hostapd.add_ap(apdev[0], params)
229
230 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
231 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
232 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required,GroupMgntCipher,%s" % (ifname, "test-pmf-required", "12345678", sigma_cipher))
233 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-pmf-required"))
234 if failure:
235 ev = dev[0].wait_event(["CTRL-EVENT-NETWORK-NOT-FOUND",
236 "CTRL-EVENT-CONNECTED"], timeout=10)
237 if ev is None:
238 raise Exception("Network selection result not indicated")
239 if "CTRL-EVENT-CONNECTED" in ev:
240 raise Exception("Unexpected connection")
241 res = sigma_dut_cmd("sta_is_connected,interface," + ifname)
242 if "connected,1" in res:
243 raise Exception("Connection reported")
244 else:
245 sigma_dut_wait_connected(ifname)
246 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
247
248 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
249 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
250
251 stop_sigma_dut(sigma)
252
1ed508d9
JM		 253def test_sigma_dut_sae(dev, apdev):
254 """sigma_dut controlled SAE association"""
255 if "SAE" not in dev[0].get_capability("auth_alg"):
256 raise HwsimSkip("SAE not supported")
257
258 ifname = dev[0].ifname
259 sigma = start_sigma_dut(ifname)
260
261 ssid = "test-sae"
262 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
263 params['wpa_key_mgmt'] = 'SAE'
7b498eca 264 params["ieee80211w"] = "2"
1ed508d9
JM		 265 hapd = hostapd.add_ap(apdev[0], params)
266
267 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname)
268 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
269 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2" % (ifname, "test-sae", "12345678"))
270 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-sae"))
271 sigma_dut_wait_connected(ifname)
272 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
273 if dev[0].get_status_field('sae_group') != '19':
274 raise Exception("Expected default SAE group not used")
275 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
276
277 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
278
279 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
280 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2,ECGroupID,20" % (ifname, "test-sae", "12345678"))
281 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-sae"))
282 sigma_dut_wait_connected(ifname)
283 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
284 if dev[0].get_status_field('sae_group') != '20':
285 raise Exception("Expected SAE group not used")
286 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
287 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
288
289 stop_sigma_dut(sigma)
290
6644069c
JM		 291def test_sigma_dut_sae_password(dev, apdev):
292 """sigma_dut controlled SAE association and long password"""
293 if "SAE" not in dev[0].get_capability("auth_alg"):
294 raise HwsimSkip("SAE not supported")
295
296 ifname = dev[0].ifname
297 sigma = start_sigma_dut(ifname)
298
299 try:
300 ssid = "test-sae"
301 params = hostapd.wpa2_params(ssid=ssid)
302 params['sae_password'] = 100*'B'
303 params['wpa_key_mgmt'] = 'SAE'
7b498eca 304 params["ieee80211w"] = "2"
6644069c
JM		 305 hapd = hostapd.add_ap(apdev[0], params)
306
307 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname)
308 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
309 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2" % (ifname, "test-sae", 100*'B'))
310 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-sae"))
311 sigma_dut_wait_connected(ifname)
312 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
313 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
314 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
315 finally:
316 stop_sigma_dut(sigma)
317
f6f33f8f
JM		 318def test_sigma_dut_sta_override_rsne(dev, apdev):
319 """sigma_dut and RSNE override on STA"""
65fa9d96
JM		 320 try:
321 run_sigma_dut_sta_override_rsne(dev, apdev)
322 finally:
323 dev[0].set("ignore_old_scan_res", "0")
324
325def run_sigma_dut_sta_override_rsne(dev, apdev):
f6f33f8f
JM		 326 ifname = dev[0].ifname
327 sigma = start_sigma_dut(ifname)
328
329 ssid = "test-psk"
330 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
331 hapd = hostapd.add_ap(apdev[0], params)
332
333 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
334
335 tests = [ "30120100000fac040100000fac040100000fac02",
336 "30140100000fac040100000fac040100000fac02ffff" ]
337 for test in tests:
338 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,type,PSK,passphrase,%s,EncpType,aes-ccmp,KeyMgmtType,wpa2" % (ifname, "test-psk", "12345678"))
339 sigma_dut_cmd_check("dev_configure_ie,interface,%s,IE_Name,RSNE,Contents,%s" % (ifname, test))
340 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-psk"))
341 sigma_dut_wait_connected(ifname)
342 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
343 dev[0].dump_monitor()
344
345 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,type,PSK,passphrase,%s,EncpType,aes-ccmp,KeyMgmtType,wpa2" % (ifname, "test-psk", "12345678"))
346 sigma_dut_cmd_check("dev_configure_ie,interface,%s,IE_Name,RSNE,Contents,300101" % ifname)
347 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-psk"))
348
349 ev = dev[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"])
350 if ev is None:
351 raise Exception("Association rejection not reported")
352 if "status_code=40" not in ev:
353 raise Exception("Unexpected status code: " + ev)
354
355 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
356
357 stop_sigma_dut(sigma)
358
359def test_sigma_dut_ap_psk(dev, apdev):
360 """sigma_dut controlled AP"""
361 with HWSimRadio() as (radio, iface):
362 sigma = start_sigma_dut(iface)
363 try:
364 sigma_dut_cmd_check("ap_reset_default")
365 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
366 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSK,12345678")
367 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
368
369 dev[0].connect("test-psk", psk="12345678", scan_freq="2412")
370
371 sigma_dut_cmd_check("ap_reset_default")
372 finally:
373 stop_sigma_dut(sigma)
374
20c18348
JM		 375def test_sigma_dut_ap_pskhex(dev, apdev, params):
376 """sigma_dut controlled AP and PSKHEX"""
377 logdir = os.path.join(params['logdir'],
378 "sigma_dut_ap_pskhex.sigma-hostapd")
379 with HWSimRadio() as (radio, iface):
380 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
381 try:
382 psk = "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
383 sigma_dut_cmd_check("ap_reset_default")
384 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
385 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSKHEX," + psk)
386 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
387
388 dev[0].connect("test-psk", raw_psk=psk, scan_freq="2412")
389
390 sigma_dut_cmd_check("ap_reset_default")
391 finally:
392 stop_sigma_dut(sigma)
393
63add34e
JM		 394def test_sigma_dut_ap_psk_sha256(dev, apdev, params):
395 """sigma_dut controlled AP PSK SHA256"""
396 logdir = os.path.join(params['logdir'],
397 "sigma_dut_ap_psk_sha256.sigma-hostapd")
398 with HWSimRadio() as (radio, iface):
399 sigma = start_sigma_dut(iface)
400 try:
401 sigma_dut_cmd_check("ap_reset_default")
402 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
403 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK-256,PSK,12345678")
404 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
405
406 dev[0].connect("test-psk", key_mgmt="WPA-PSK-SHA256",
407 psk="12345678", scan_freq="2412")
408
409 sigma_dut_cmd_check("ap_reset_default")
410 finally:
411 stop_sigma_dut(sigma)
412
2ef00a36
JM		 413def test_sigma_dut_suite_b(dev, apdev, params):
414 """sigma_dut controlled STA Suite B"""
415 check_suite_b_192_capa(dev)
416 logdir = params['logdir']
417
418 with open("auth_serv/ec2-ca.pem", "r") as f:
419 with open(os.path.join(logdir, "suite_b_ca.pem"), "w") as f2:
420 f2.write(f.read())
421
422 with open("auth_serv/ec2-user.pem", "r") as f:
423 with open("auth_serv/ec2-user.key", "r") as f2:
424 with open(os.path.join(logdir, "suite_b.pem"), "w") as f3:
425 f3.write(f.read())
426 f3.write(f2.read())
427
428 dev[0].flush_scan_cache()
429 params = suite_b_as_params()
430 params['ca_cert'] = 'auth_serv/ec2-ca.pem'
431 params['server_cert'] = 'auth_serv/ec2-server.pem'
432 params['private_key'] = 'auth_serv/ec2-server.key'
433 params['openssl_ciphers'] = 'SUITEB192'
434 hostapd.add_ap(apdev[1], params)
435
436 params = { "ssid": "test-suite-b",
437 "wpa": "2",
438 "wpa_key_mgmt": "WPA-EAP-SUITE-B-192",
439 "rsn_pairwise": "GCMP-256",
440 "group_mgmt_cipher": "BIP-GMAC-256",
441 "ieee80211w": "2",
442 "ieee8021x": "1",
443 'auth_server_addr': "127.0.0.1",
444 'auth_server_port': "18129",
445 'auth_server_shared_secret': "radius",
446 'nas_identifier': "nas.w1.fi" }
447 hapd = hostapd.add_ap(apdev[0], params)
448
449 ifname = dev[0].ifname
450 sigma = start_sigma_dut(ifname, cert_path=logdir)
451
452 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
453 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
6f90cfd7 454 sigma_dut_cmd_check("sta_set_security,type,eaptls,interface,%s,ssid,%s,PairwiseCipher,AES-GCMP-256,GroupCipher,AES-GCMP-256,GroupMgntCipher,BIP-GMAC-256,keymgmttype,SuiteB,clientCertificate,suite_b.pem,trustedRootCA,suite_b_ca.pem,CertType,ECC" % (ifname, "test-suite-b"))
2ef00a36
JM		 455 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-suite-b"))
456 sigma_dut_wait_connected(ifname)
457 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
458 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
459 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
460
461 stop_sigma_dut(sigma)
462
002b49ed
JM		 463def test_sigma_dut_suite_b_rsa(dev, apdev, params):
464 """sigma_dut controlled STA Suite B (RSA)"""
465 check_suite_b_192_capa(dev)
466 logdir = params['logdir']
467
468 with open("auth_serv/rsa3072-ca.pem", "r") as f:
469 with open(os.path.join(logdir, "suite_b_ca_rsa.pem"), "w") as f2:
470 f2.write(f.read())
471
472 with open("auth_serv/rsa3072-user.pem", "r") as f:
473 with open("auth_serv/rsa3072-user.key", "r") as f2:
474 with open(os.path.join(logdir, "suite_b_rsa.pem"), "w") as f3:
475 f3.write(f.read())
476 f3.write(f2.read())
477
478 dev[0].flush_scan_cache()
479 params = suite_b_192_rsa_ap_params()
480 hapd = hostapd.add_ap(apdev[0], params)
481
482 ifname = dev[0].ifname
483 sigma = start_sigma_dut(ifname, cert_path=logdir)
484
6f90cfd7 485 cmd = "sta_set_security,type,eaptls,interface,%s,ssid,%s,PairwiseCipher,AES-GCMP-256,GroupCipher,AES-GCMP-256,GroupMgntCipher,BIP-GMAC-256,keymgmttype,SuiteB,clientCertificate,suite_b_rsa.pem,trustedRootCA,suite_b_ca_rsa.pem,CertType,RSA" % (ifname, "test-suite-b")
002b49ed
JM		 486
487 tests = [ "",
488 ",TLSCipher,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
489 ",TLSCipher,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" ]
490 for extra in tests:
491 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
492 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
493 sigma_dut_cmd_check(cmd + extra)
494 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-suite-b"))
495 sigma_dut_wait_connected(ifname)
496 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
497 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
498 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
499
500 stop_sigma_dut(sigma)
501
2ef00a36
JM		 502def test_sigma_dut_ap_suite_b(dev, apdev, params):
503 """sigma_dut controlled AP Suite B"""
504 check_suite_b_192_capa(dev)
505 logdir = os.path.join(params['logdir'],
506 "sigma_dut_ap_suite_b.sigma-hostapd")
507 params = suite_b_as_params()
508 params['ca_cert'] = 'auth_serv/ec2-ca.pem'
509 params['server_cert'] = 'auth_serv/ec2-server.pem'
510 params['private_key'] = 'auth_serv/ec2-server.key'
511 params['openssl_ciphers'] = 'SUITEB192'
512 hostapd.add_ap(apdev[1], params)
513 with HWSimRadio() as (radio, iface):
514 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
515 try:
516 sigma_dut_cmd_check("ap_reset_default")
517 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-suite-b,MODE,11ng")
518 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,18129,PASSWORD,radius")
6f90cfd7 519 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,SuiteB")
2ef00a36
JM		 520 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
521
522 dev[0].connect("test-suite-b", key_mgmt="WPA-EAP-SUITE-B-192",
523 ieee80211w="2",
524 openssl_ciphers="SUITEB192",
525 eap="TLS", identity="tls user",
526 ca_cert="auth_serv/ec2-ca.pem",
527 client_cert="auth_serv/ec2-user.pem",
528 private_key="auth_serv/ec2-user.key",
529 pairwise="GCMP-256", group="GCMP-256",
530 scan_freq="2412")
531
532 sigma_dut_cmd_check("ap_reset_default")
533 finally:
534 stop_sigma_dut(sigma)
535
536def test_sigma_dut_ap_cipher_gcmp_128(dev, apdev, params):
537 """sigma_dut controlled AP with GCMP-128/BIP-GMAC-128 cipher"""
538 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-GCMP-128", "BIP-GMAC-128",
539 "GCMP")
540
541def test_sigma_dut_ap_cipher_gcmp_256(dev, apdev, params):
542 """sigma_dut controlled AP with GCMP-256/BIP-GMAC-256 cipher"""
543 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-GCMP-256", "BIP-GMAC-256",
544 "GCMP-256")
545
546def test_sigma_dut_ap_cipher_ccmp_128(dev, apdev, params):
547 """sigma_dut controlled AP with CCMP-128/BIP-CMAC-128 cipher"""
548 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-128", "BIP-CMAC-128",
549 "CCMP")
550
551def test_sigma_dut_ap_cipher_ccmp_256(dev, apdev, params):
552 """sigma_dut controlled AP with CCMP-256/BIP-CMAC-256 cipher"""
553 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-256", "BIP-CMAC-256",
554 "CCMP-256")
555
6af3b593
JM		 556def test_sigma_dut_ap_cipher_ccmp_gcmp_1(dev, apdev, params):
557 """sigma_dut controlled AP with CCMP-128+GCMP-256 ciphers (1)"""
558 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-128 AES-GCMP-256",
559 "BIP-GMAC-256", "CCMP")
560
561def test_sigma_dut_ap_cipher_ccmp_gcmp_2(dev, apdev, params):
562 """sigma_dut controlled AP with CCMP-128+GCMP-256 ciphers (2)"""
563 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-128 AES-GCMP-256",
564 "BIP-GMAC-256", "GCMP-256", "CCMP")
565
21fd5576
JM		 566def test_sigma_dut_ap_cipher_gcmp_256_group_ccmp(dev, apdev, params):
567 """sigma_dut controlled AP with GCMP-256/CCMP/BIP-GMAC-256 cipher"""
568 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-GCMP-256", "BIP-GMAC-256",
569 "GCMP-256", "CCMP", "AES-CCMP-128")
570
2ef00a36 571def run_sigma_dut_ap_cipher(dev, apdev, params, ap_pairwise, ap_group_mgmt,
21fd5576 572 sta_cipher, sta_cipher_group=None, ap_group=None):
2ef00a36
JM		 573 check_suite_b_192_capa(dev)
574 logdir = os.path.join(params['logdir'],
575 "sigma_dut_ap_cipher.sigma-hostapd")
576 params = suite_b_as_params()
577 params['ca_cert'] = 'auth_serv/ec2-ca.pem'
578 params['server_cert'] = 'auth_serv/ec2-server.pem'
579 params['private_key'] = 'auth_serv/ec2-server.key'
580 params['openssl_ciphers'] = 'SUITEB192'
581 hostapd.add_ap(apdev[1], params)
582 with HWSimRadio() as (radio, iface):
583 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
584 try:
585 sigma_dut_cmd_check("ap_reset_default")
586 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-suite-b,MODE,11ng")
587 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,18129,PASSWORD,radius")
21fd5576
JM		 588 cmd = "ap_set_security,NAME,AP,KEYMGNT,SuiteB,PMF,Required,PairwiseCipher,%s,GroupMgntCipher,%s" % (ap_pairwise, ap_group_mgmt)
589 if ap_group:
590 cmd += ",GroupCipher,%s" % ap_group
591 sigma_dut_cmd_check(cmd)
2ef00a36
JM		 592 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
593
6af3b593
JM		 594 if sta_cipher_group is None:
595 sta_cipher_group = sta_cipher
2ef00a36
JM		 596 dev[0].connect("test-suite-b", key_mgmt="WPA-EAP-SUITE-B-192",
597 ieee80211w="2",
598 openssl_ciphers="SUITEB192",
599 eap="TLS", identity="tls user",
600 ca_cert="auth_serv/ec2-ca.pem",
601 client_cert="auth_serv/ec2-user.pem",
602 private_key="auth_serv/ec2-user.key",
6af3b593 603 pairwise=sta_cipher, group=sta_cipher_group,
2ef00a36
JM		 604 scan_freq="2412")
605
606 sigma_dut_cmd_check("ap_reset_default")
607 finally:
608 stop_sigma_dut(sigma)
609
f6f33f8f
JM		 610def test_sigma_dut_ap_override_rsne(dev, apdev):
611 """sigma_dut controlled AP overriding RSNE"""
612 with HWSimRadio() as (radio, iface):
613 sigma = start_sigma_dut(iface)
614 try:
615 sigma_dut_cmd_check("ap_reset_default")
616 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
617 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSK,12345678")
618 sigma_dut_cmd_check("dev_configure_ie,NAME,AP,interface,%s,IE_Name,RSNE,Contents,30180100000fac040200ffffffff000fac040100000fac020c00" % iface)
619 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
620
621 dev[0].connect("test-psk", psk="12345678", scan_freq="2412")
622
623 sigma_dut_cmd_check("ap_reset_default")
624 finally:
625 stop_sigma_dut(sigma)
1ed508d9 626
7b498eca 627def test_sigma_dut_ap_sae(dev, apdev, params):
1ed508d9 628 """sigma_dut controlled AP with SAE"""
7b498eca
JM		 629 logdir = os.path.join(params['logdir'],
630 "sigma_dut_ap_sae.sigma-hostapd")
6e6651d0
JM		 631 if "SAE" not in dev[0].get_capability("auth_alg"):
632 raise HwsimSkip("SAE not supported")
1ed508d9 633 with HWSimRadio() as (radio, iface):
7b498eca 634 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
1ed508d9
JM		 635 try:
636 sigma_dut_cmd_check("ap_reset_default")
637 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
638 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK,12345678")
639 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
640
641 dev[0].request("SET sae_groups ")
642 dev[0].connect("test-sae", key_mgmt="SAE", psk="12345678",
7b498eca 643 ieee80211w="2", scan_freq="2412")
1ed508d9
JM		 644 if dev[0].get_status_field('sae_group') != '19':
645 raise Exception("Expected default SAE group not used")
646
647 sigma_dut_cmd_check("ap_reset_default")
6644069c
JM		 648 finally:
649 stop_sigma_dut(sigma)
650
7b498eca 651def test_sigma_dut_ap_sae_password(dev, apdev, params):
6644069c 652 """sigma_dut controlled AP with SAE and long password"""
7b498eca
JM		 653 logdir = os.path.join(params['logdir'],
654 "sigma_dut_ap_sae_password.sigma-hostapd")
6e6651d0
JM		 655 if "SAE" not in dev[0].get_capability("auth_alg"):
656 raise HwsimSkip("SAE not supported")
6644069c 657 with HWSimRadio() as (radio, iface):
7b498eca 658 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
6644069c
JM		 659 try:
660 sigma_dut_cmd_check("ap_reset_default")
661 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
662 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK," + 100*'C')
663 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
664
665 dev[0].request("SET sae_groups ")
666 dev[0].connect("test-sae", key_mgmt="SAE", sae_password=100*'C',
7b498eca 667 ieee80211w="2", scan_freq="2412")
6644069c
JM		 668 if dev[0].get_status_field('sae_group') != '19':
669 raise Exception("Expected default SAE group not used")
670
671 sigma_dut_cmd_check("ap_reset_default")
1ed508d9
JM		 672 finally:
673 stop_sigma_dut(sigma)
674
7b498eca 675def test_sigma_dut_ap_sae_group(dev, apdev, params):
1ed508d9 676 """sigma_dut controlled AP with SAE and specific group"""
7b498eca
JM		 677 logdir = os.path.join(params['logdir'],
678 "sigma_dut_ap_sae_group.sigma-hostapd")
6e6651d0
JM		 679 if "SAE" not in dev[0].get_capability("auth_alg"):
680 raise HwsimSkip("SAE not supported")
1ed508d9 681 with HWSimRadio() as (radio, iface):
7b498eca 682 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
1ed508d9
JM		 683 try:
684 sigma_dut_cmd_check("ap_reset_default")
685 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
686 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK,12345678,ECGroupID,20")
687 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
688
689 dev[0].request("SET sae_groups ")
690 dev[0].connect("test-sae", key_mgmt="SAE", psk="12345678",
7b498eca 691 ieee80211w="2", scan_freq="2412")
1ed508d9
JM		 692 if dev[0].get_status_field('sae_group') != '20':
693 raise Exception("Expected SAE group not used")
694
695 sigma_dut_cmd_check("ap_reset_default")
696 finally:
697 stop_sigma_dut(sigma)
698
7b498eca 699def test_sigma_dut_ap_psk_sae(dev, apdev, params):
1ed508d9 700 """sigma_dut controlled AP with PSK+SAE"""
6e6651d0
JM		 701 if "SAE" not in dev[0].get_capability("auth_alg"):
702 raise HwsimSkip("SAE not supported")
7b498eca
JM		 703 logdir = os.path.join(params['logdir'],
704 "sigma_dut_ap_psk_sae.sigma-hostapd")
1ed508d9 705 with HWSimRadio() as (radio, iface):
7b498eca 706 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
1ed508d9
JM		 707 try:
708 sigma_dut_cmd_check("ap_reset_default")
709 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
710 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK-SAE,PSK,12345678")
711 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
712
7b498eca
JM		 713 dev[2].request("SET sae_groups ")
714 dev[2].connect("test-sae", key_mgmt="SAE", psk="12345678",
715 scan_freq="2412", ieee80211w="0", wait_connect=False)
1ed508d9
JM		 716 dev[0].request("SET sae_groups ")
717 dev[0].connect("test-sae", key_mgmt="SAE", psk="12345678",
7b498eca 718 scan_freq="2412", ieee80211w="2")
1ed508d9
JM		 719 dev[1].connect("test-sae", psk="12345678", scan_freq="2412")
720
7b498eca
JM		 721 ev = dev[2].wait_event(["CTRL-EVENT-CONNECTED"], timeout=0.1)
722 dev[2].request("DISCONNECT")
723 if ev is not None:
724 raise Exception("Unexpected connection without PMF")
725
1ed508d9
JM		 726 sigma_dut_cmd_check("ap_reset_default")
727 finally:
728 stop_sigma_dut(sigma)
b9c0e1fa
JM		 729
730def test_sigma_dut_owe(dev, apdev):
731 """sigma_dut controlled OWE station"""
732 try:
733 run_sigma_dut_owe(dev, apdev)
734 finally:
735 dev[0].set("ignore_old_scan_res", "0")
736
737def run_sigma_dut_owe(dev, apdev):
738 if "OWE" not in dev[0].get_capability("key_mgmt"):
739 raise HwsimSkip("OWE not supported")
740
741 ifname = dev[0].ifname
742 sigma = start_sigma_dut(ifname)
743
744 try:
745 params = { "ssid": "owe",
746 "wpa": "2",
747 "wpa_key_mgmt": "OWE",
7b498eca 748 "ieee80211w": "2",
b9c0e1fa
JM		 749 "rsn_pairwise": "CCMP" }
750 hapd = hostapd.add_ap(apdev[0], params)
751 bssid = hapd.own_addr()
752
753 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname)
754 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
755 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE" % ifname)
756 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname)
757 sigma_dut_wait_connected(ifname)
758 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
759
760 dev[0].dump_monitor()
761 sigma_dut_cmd("sta_reassoc,interface,%s,Channel,1,bssid,%s" % (ifname, bssid))
762 dev[0].wait_connected()
763 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
764 dev[0].wait_disconnected()
765 dev[0].dump_monitor()
766
767 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname)
768 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
769 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE,ECGroupID,20" % ifname)
770 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname)
771 sigma_dut_wait_connected(ifname)
772 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
e30de6c2
JM		 773 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
774 dev[0].wait_disconnected()
775 dev[0].dump_monitor()
776
777 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname)
778 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
779 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE,ECGroupID,0" % ifname)
780 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname)
781 ev = dev[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout=10)
782 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
783 if ev is None:
784 raise Exception("Association not rejected")
785 if "status_code=77" not in ev:
786 raise Exception("Unexpected rejection reason: " + ev)
b9c0e1fa
JM		 787
788 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
789 finally:
790 stop_sigma_dut(sigma)
791
7b498eca 792def test_sigma_dut_ap_owe(dev, apdev, params):
b9c0e1fa 793 """sigma_dut controlled AP with OWE"""
7b498eca
JM		 794 logdir = os.path.join(params['logdir'],
795 "sigma_dut_ap_owe.sigma-hostapd")
b9c0e1fa
JM		 796 if "OWE" not in dev[0].get_capability("key_mgmt"):
797 raise HwsimSkip("OWE not supported")
798 with HWSimRadio() as (radio, iface):
7b498eca 799 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
b9c0e1fa
JM		 800 try:
801 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
802 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,owe,MODE,11ng")
803 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OWE")
804 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
805
7b498eca
JM		 806 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
807 scan_freq="2412")
b9c0e1fa
JM		 808
809 sigma_dut_cmd_check("ap_reset_default")
810 finally:
811 stop_sigma_dut(sigma)
7f811be5
JM		 812
813def test_sigma_dut_ap_owe_ecgroupid(dev, apdev):
814 """sigma_dut controlled AP with OWE and ECGroupID"""
815 if "OWE" not in dev[0].get_capability("key_mgmt"):
816 raise HwsimSkip("OWE not supported")
817 with HWSimRadio() as (radio, iface):
818 sigma = start_sigma_dut(iface)
819 try:
820 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
821 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,owe,MODE,11ng")
822 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OWE,ECGroupID,20 21,PMF,Required")
823 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
824
825 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
826 owe_group="20", scan_freq="2412")
827 dev[0].request("REMOVE_NETWORK all")
828 dev[0].wait_disconnected()
829
830 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
831 owe_group="21", scan_freq="2412")
832 dev[0].request("REMOVE_NETWORK all")
833 dev[0].wait_disconnected()
834
835 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
836 owe_group="19", scan_freq="2412", wait_connect=False)
837 ev = dev[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout=10)
838 dev[0].request("DISCONNECT")
839 if ev is None:
840 raise Exception("Association not rejected")
841 if "status_code=77" not in ev:
842 raise Exception("Unexpected rejection reason: " + ev)
843 dev[0].dump_monitor()
844
845 sigma_dut_cmd_check("ap_reset_default")
846 finally:
847 stop_sigma_dut(sigma)
86fd7d70
JM		 848
849def test_sigma_dut_ap_owe_transition_mode(dev, apdev, params):
850 """sigma_dut controlled AP with OWE and transition mode"""
851 if "OWE" not in dev[0].get_capability("key_mgmt"):
852 raise HwsimSkip("OWE not supported")
853 logdir = os.path.join(params['logdir'],
854 "sigma_dut_ap_owe_transition_mode.sigma-hostapd")
855 with HWSimRadio() as (radio, iface):
856 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
857 try:
858 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
859 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,owe,MODE,11ng")
860 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,OWE")
861 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,SSID,owe,MODE,11ng")
862 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,NONE")
863 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
864
89c343e8
JM		 865 res1 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,1,Interface,24G")
866 res2 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,2,Interface,24G")
867
7b498eca
JM		 868 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
869 scan_freq="2412")
86fd7d70 870 dev[1].connect("owe", key_mgmt="NONE", scan_freq="2412")
89c343e8
JM		 871 if dev[0].get_status_field('bssid') not in res1:
872 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,1: " + res1)
873 if dev[1].get_status_field('bssid') not in res2:
874 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,2: " + res2)
86fd7d70
JM		 875
876 sigma_dut_cmd_check("ap_reset_default")
877 finally:
878 stop_sigma_dut(sigma)
d84c0cf4 879
c5238c48
JM		 880def test_sigma_dut_ap_owe_transition_mode_2(dev, apdev, params):
881 """sigma_dut controlled AP with OWE and transition mode (2)"""
882 if "OWE" not in dev[0].get_capability("key_mgmt"):
883 raise HwsimSkip("OWE not supported")
884 logdir = os.path.join(params['logdir'],
885 "sigma_dut_ap_owe_transition_mode_2.sigma-hostapd")
886 with HWSimRadio() as (radio, iface):
887 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
888 try:
889 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
890 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,owe,MODE,11ng")
891 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,NONE")
892 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,MODE,11ng")
893 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,OWE")
894 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
895
896 res1 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,1,Interface,24G")
897 res2 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,2,Interface,24G")
898
899 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
900 scan_freq="2412")
901 dev[1].connect("owe", key_mgmt="NONE", scan_freq="2412")
902 if dev[0].get_status_field('bssid') not in res2:
903 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,2: " + res1)
904 if dev[1].get_status_field('bssid') not in res1:
905 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,1: " + res2)
906
907 sigma_dut_cmd_check("ap_reset_default")
908 finally:
909 stop_sigma_dut(sigma)
910
d84c0cf4
JM		 911def dpp_init_enrollee(dev, id1):
912 logger.info("Starting DPP initiator/enrollee in a thread")
913 time.sleep(1)
914 cmd = "DPP_AUTH_INIT peer=%d role=enrollee" % id1
915 if "OK" not in dev.request(cmd):
916 raise Exception("Failed to initiate DPP Authentication")
917 ev = dev.wait_event(["DPP-CONF-RECEIVED"], timeout=5)
918 if ev is None:
919 raise Exception("DPP configuration not completed (Enrollee)")
920 logger.info("DPP initiator/enrollee done")
921
922def test_sigma_dut_dpp_qr_resp_1(dev, apdev):
923 """sigma_dut DPP/QR responder (conf index 1)"""
924 run_sigma_dut_dpp_qr_resp(dev, apdev, 1)
925
926def test_sigma_dut_dpp_qr_resp_2(dev, apdev):
927 """sigma_dut DPP/QR responder (conf index 2)"""
928 run_sigma_dut_dpp_qr_resp(dev, apdev, 2)
929
930def test_sigma_dut_dpp_qr_resp_3(dev, apdev):
931 """sigma_dut DPP/QR responder (conf index 3)"""
932 run_sigma_dut_dpp_qr_resp(dev, apdev, 3)
933
934def test_sigma_dut_dpp_qr_resp_4(dev, apdev):
935 """sigma_dut DPP/QR responder (conf index 4)"""
936 run_sigma_dut_dpp_qr_resp(dev, apdev, 4)
937
23c45cd0
JM		 938def test_sigma_dut_dpp_qr_resp_5(dev, apdev):
939 """sigma_dut DPP/QR responder (conf index 5)"""
940 run_sigma_dut_dpp_qr_resp(dev, apdev, 5)
941
942def test_sigma_dut_dpp_qr_resp_6(dev, apdev):
943 """sigma_dut DPP/QR responder (conf index 6)"""
944 run_sigma_dut_dpp_qr_resp(dev, apdev, 6)
945
946def test_sigma_dut_dpp_qr_resp_7(dev, apdev):
947 """sigma_dut DPP/QR responder (conf index 7)"""
948 run_sigma_dut_dpp_qr_resp(dev, apdev, 7)
949
b014624b
JM		 950def test_sigma_dut_dpp_qr_resp_chan_list(dev, apdev):
951 """sigma_dut DPP/QR responder (channel list override)"""
952 run_sigma_dut_dpp_qr_resp(dev, apdev, 1, chan_list='81/2 81/6 81/1',
953 listen_chan=2)
954
955def run_sigma_dut_dpp_qr_resp(dev, apdev, conf_idx, chan_list=None,
956 listen_chan=None):
d84c0cf4
JM		 957 check_dpp_capab(dev[0])
958 check_dpp_capab(dev[1])
959 sigma = start_sigma_dut(dev[0].ifname)
960 try:
b014624b
JM		 961 cmd = "dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR"
962 if chan_list:
963 cmd += ",DPPChannelList," + chan_list
964 res = sigma_dut_cmd(cmd)
d84c0cf4
JM		 965 if "status,COMPLETE" not in res:
966 raise Exception("dev_exec_action did not succeed: " + res)
967 hex = res.split(',')[3]
968 uri = hex.decode('hex')
969 logger.info("URI from sigma_dut: " + uri)
970
971 res = dev[1].request("DPP_QR_CODE " + uri)
972 if "FAIL" in res:
973 raise Exception("Failed to parse QR Code URI")
974 id1 = int(res)
975
976 t = threading.Thread(target=dpp_init_enrollee, args=(dev[1], id1))
977 t.start()
14f8e081 978 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPConfIndex,%d,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfEnrolleeRole,STA,DPPSigningKeyECC,P-256,DPPBS,QR,DPPTimeout,6" % conf_idx
b014624b
JM		 979 if listen_chan:
980 cmd += ",DPPListenChannel," + str(listen_chan)
981 res = sigma_dut_cmd(cmd, timeout=10)
d84c0cf4
JM		 982 t.join()
983 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
984 raise Exception("Unexpected result: " + res)
985 finally:
986 stop_sigma_dut(sigma)
987
988def test_sigma_dut_dpp_qr_init_enrollee(dev, apdev):
989 """sigma_dut DPP/QR initiator as Enrollee"""
990 check_dpp_capab(dev[0])
991 check_dpp_capab(dev[1])
992
993 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
994 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
995 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
996 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
997
998 params = { "ssid": "DPPNET01",
999 "wpa": "2",
3e3d634f 1000 "ieee80211w": "2",
d84c0cf4
JM		 1001 "wpa_key_mgmt": "DPP",
1002 "rsn_pairwise": "CCMP",
1003 "dpp_connector": ap_connector,
1004 "dpp_csign": csign_pub,
1005 "dpp_netaccesskey": ap_netaccesskey }
1006 try:
1007 hapd = hostapd.add_ap(apdev[0], params)
1008 except:
1009 raise HwsimSkip("DPP not supported")
1010
1011 sigma = start_sigma_dut(dev[0].ifname)
1012 try:
1013 dev[0].set("dpp_config_processing", "2")
1014
1015 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
58be42b2 1016 res = dev[1].request(cmd)
d84c0cf4
JM		 1017 if "FAIL" in res:
1018 raise Exception("Failed to add configurator")
1019 conf_id = int(res)
1020
1021 addr = dev[1].own_addr().replace(':', '')
1022 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1023 res = dev[1].request(cmd)
1024 if "FAIL" in res:
1025 raise Exception("Failed to generate bootstrapping info")
1026 id0 = int(res)
1027 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1028
1029 dev[1].set("dpp_configurator_params",
58be42b2 1030 " conf=sta-dpp ssid=%s configurator=%d" % ("DPPNET01".encode("hex"), conf_id))
d84c0cf4
JM		 1031 cmd = "DPP_LISTEN 2437 role=configurator"
1032 if "OK" not in dev[1].request(cmd):
1033 raise Exception("Failed to start listen operation")
1034
1035 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1036 if "status,COMPLETE" not in res:
1037 raise Exception("dev_exec_action did not succeed: " + res)
1038
1039 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout=10)
1040 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1041 raise Exception("Unexpected result: " + res)
1042 finally:
1043 dev[0].set("dpp_config_processing", "0")
1044 stop_sigma_dut(sigma)
1045
1046def test_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev):
1047 """sigma_dut DPP/QR (mutual) initiator as Enrollee"""
33cddd7f
JM		 1048 run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev)
1049
1050def test_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev):
1051 """sigma_dut DPP/QR (mutual) initiator as Enrollee (extra check)"""
1052 run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev,
1053 extra="DPPAuthDirection,Mutual,")
1054
1055def run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev, extra=''):
d84c0cf4
JM		 1056 check_dpp_capab(dev[0])
1057 check_dpp_capab(dev[1])
1058
1059 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1060 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1061 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1062 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1063
1064 params = { "ssid": "DPPNET01",
1065 "wpa": "2",
3e3d634f 1066 "ieee80211w": "2",
d84c0cf4
JM		 1067 "wpa_key_mgmt": "DPP",
1068 "rsn_pairwise": "CCMP",
1069 "dpp_connector": ap_connector,
1070 "dpp_csign": csign_pub,
1071 "dpp_netaccesskey": ap_netaccesskey }
1072 try:
1073 hapd = hostapd.add_ap(apdev[0], params)
1074 except:
1075 raise HwsimSkip("DPP not supported")
1076
1077 sigma = start_sigma_dut(dev[0].ifname)
1078 try:
1079 dev[0].set("dpp_config_processing", "2")
1080
1081 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
58be42b2 1082 res = dev[1].request(cmd)
d84c0cf4
JM		 1083 if "FAIL" in res:
1084 raise Exception("Failed to add configurator")
1085 conf_id = int(res)
1086
1087 addr = dev[1].own_addr().replace(':', '')
1088 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1089 res = dev[1].request(cmd)
1090 if "FAIL" in res:
1091 raise Exception("Failed to generate bootstrapping info")
1092 id0 = int(res)
1093 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1094
1095 dev[1].set("dpp_configurator_params",
58be42b2 1096 " conf=sta-dpp ssid=%s configurator=%d" % ("DPPNET01".encode("hex"), conf_id))
d84c0cf4
JM		 1097 cmd = "DPP_LISTEN 2437 role=configurator qr=mutual"
1098 if "OK" not in dev[1].request(cmd):
1099 raise Exception("Failed to start listen operation")
1100
1101 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1102 if "status,COMPLETE" not in res:
1103 raise Exception("dev_exec_action did not succeed: " + res)
1104 hex = res.split(',')[3]
1105 uri = hex.decode('hex')
1106 logger.info("URI from sigma_dut: " + uri)
1107
1108 res = dev[1].request("DPP_QR_CODE " + uri)
1109 if "FAIL" in res:
1110 raise Exception("Failed to parse QR Code URI")
1111 id1 = int(res)
1112
1113 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1114 if "status,COMPLETE" not in res:
1115 raise Exception("dev_exec_action did not succeed: " + res)
1116
33cddd7f 1117 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,%sDPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes" % extra, timeout=10)
d84c0cf4
JM		 1118 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1119 raise Exception("Unexpected result: " + res)
1120 finally:
1121 dev[0].set("dpp_config_processing", "0")
1122 stop_sigma_dut(sigma)
1123
1124def dpp_init_conf_mutual(dev, id1, conf_id, own_id=None):
1125 time.sleep(1)
1126 logger.info("Starting DPP initiator/configurator in a thread")
1127 cmd = "DPP_AUTH_INIT peer=%d conf=sta-dpp ssid=%s configurator=%d" % (id1, "DPPNET01".encode("hex"), conf_id)
1128 if own_id is not None:
1129 cmd += " own=%d" % own_id
1130 if "OK" not in dev.request(cmd):
1131 raise Exception("Failed to initiate DPP Authentication")
1132 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=10)
1133 if ev is None:
1134 raise Exception("DPP configuration not completed (Configurator)")
1135 logger.info("DPP initiator/configurator done")
1136
1137def test_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev):
1138 """sigma_dut DPP/QR (mutual) responder as Enrollee"""
71db91db
JM		 1139 run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev)
1140
1141def test_sigma_dut_dpp_qr_mutual_resp_enrollee_pending(dev, apdev):
1142 """sigma_dut DPP/QR (mutual) responder as Enrollee (response pending)"""
1143 run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev, ',DPPDelayQRResponse,1')
1144
1145def run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev, extra=None):
d84c0cf4
JM		 1146 check_dpp_capab(dev[0])
1147 check_dpp_capab(dev[1])
1148
1149 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1150 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1151 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1152 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1153
1154 params = { "ssid": "DPPNET01",
1155 "wpa": "2",
3e3d634f 1156 "ieee80211w": "2",
d84c0cf4
JM		 1157 "wpa_key_mgmt": "DPP",
1158 "rsn_pairwise": "CCMP",
1159 "dpp_connector": ap_connector,
1160 "dpp_csign": csign_pub,
1161 "dpp_netaccesskey": ap_netaccesskey }
1162 try:
1163 hapd = hostapd.add_ap(apdev[0], params)
1164 except:
1165 raise HwsimSkip("DPP not supported")
1166
1167 sigma = start_sigma_dut(dev[0].ifname)
1168 try:
1169 dev[0].set("dpp_config_processing", "2")
1170
1171 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
58be42b2 1172 res = dev[1].request(cmd)
d84c0cf4
JM		 1173 if "FAIL" in res:
1174 raise Exception("Failed to add configurator")
1175 conf_id = int(res)
1176
1177 addr = dev[1].own_addr().replace(':', '')
1178 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1179 res = dev[1].request(cmd)
1180 if "FAIL" in res:
1181 raise Exception("Failed to generate bootstrapping info")
1182 id0 = int(res)
1183 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1184
d84c0cf4
JM		 1185 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1186 if "status,COMPLETE" not in res:
1187 raise Exception("dev_exec_action did not succeed: " + res)
1188 hex = res.split(',')[3]
1189 uri = hex.decode('hex')
1190 logger.info("URI from sigma_dut: " + uri)
1191
1192 res = dev[1].request("DPP_QR_CODE " + uri)
1193 if "FAIL" in res:
1194 raise Exception("Failed to parse QR Code URI")
1195 id1 = int(res)
1196
1197 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1198 if "status,COMPLETE" not in res:
1199 raise Exception("dev_exec_action did not succeed: " + res)
1200
1201 t = threading.Thread(target=dpp_init_conf_mutual,
1202 args=(dev[1], id1, conf_id, id0))
1203 t.start()
1204
71db91db
JM		 1205 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,20,DPPWaitForConnect,Yes"
1206 if extra:
1207 cmd += extra
1208 res = sigma_dut_cmd(cmd, timeout=25)
d84c0cf4
JM		 1209 t.join()
1210 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1211 raise Exception("Unexpected result: " + res)
1212 finally:
1213 dev[0].set("dpp_config_processing", "0")
1214 stop_sigma_dut(sigma)
1215
e486e5fd
JM		 1216def dpp_resp_conf_mutual(dev, conf_id, uri):
1217 logger.info("Starting DPP responder/configurator in a thread")
1218 dev.set("dpp_configurator_params",
58be42b2 1219 " conf=sta-dpp ssid=%s configurator=%d" % ("DPPNET01".encode("hex"), conf_id))
e486e5fd
JM		 1220 cmd = "DPP_LISTEN 2437 role=configurator qr=mutual"
1221 if "OK" not in dev.request(cmd):
1222 raise Exception("Failed to initiate DPP listen")
1223 if uri:
1224 ev = dev.wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout=10)
1225 if ev is None:
1226 raise Exception("QR Code scan for mutual authentication not requested")
1227 res = dev.request("DPP_QR_CODE " + uri)
1228 if "FAIL" in res:
1229 raise Exception("Failed to parse QR Code URI")
1230 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=10)
1231 if ev is None:
1232 raise Exception("DPP configuration not completed (Configurator)")
1233 logger.info("DPP responder/configurator done")
1234
1235def test_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev):
1236 """sigma_dut DPP/QR (mutual) initiator as Enrollee"""
1237 run_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev, False)
1238
1239def test_sigma_dut_dpp_qr_mutual_init_enrollee_pending(dev, apdev):
1240 """sigma_dut DPP/QR (mutual) initiator as Enrollee (response pending)"""
1241 run_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev, True)
1242
1243def run_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev, resp_pending):
1244 check_dpp_capab(dev[0])
1245 check_dpp_capab(dev[1])
1246
1247 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1248 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1249 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1250 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1251
1252 params = { "ssid": "DPPNET01",
1253 "wpa": "2",
3e3d634f 1254 "ieee80211w": "2",
e486e5fd
JM		 1255 "wpa_key_mgmt": "DPP",
1256 "rsn_pairwise": "CCMP",
1257 "dpp_connector": ap_connector,
1258 "dpp_csign": csign_pub,
1259 "dpp_netaccesskey": ap_netaccesskey }
1260 try:
1261 hapd = hostapd.add_ap(apdev[0], params)
1262 except:
1263 raise HwsimSkip("DPP not supported")
1264
1265 sigma = start_sigma_dut(dev[0].ifname)
1266 try:
1267 dev[0].set("dpp_config_processing", "2")
1268
1269 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
58be42b2 1270 res = dev[1].request(cmd)
e486e5fd
JM		 1271 if "FAIL" in res:
1272 raise Exception("Failed to add configurator")
1273 conf_id = int(res)
1274
1275 addr = dev[1].own_addr().replace(':', '')
1276 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1277 res = dev[1].request(cmd)
1278 if "FAIL" in res:
1279 raise Exception("Failed to generate bootstrapping info")
1280 id0 = int(res)
1281 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1282
1283 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1284 if "status,COMPLETE" not in res:
1285 raise Exception("dev_exec_action did not succeed: " + res)
1286 hex = res.split(',')[3]
1287 uri = hex.decode('hex')
1288 logger.info("URI from sigma_dut: " + uri)
1289
1290 if not resp_pending:
1291 res = dev[1].request("DPP_QR_CODE " + uri)
1292 if "FAIL" in res:
1293 raise Exception("Failed to parse QR Code URI")
1294 uri = None
1295
1296 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1297 if "status,COMPLETE" not in res:
1298 raise Exception("dev_exec_action did not succeed: " + res)
1299
1300 t = threading.Thread(target=dpp_resp_conf_mutual,
1301 args=(dev[1], conf_id, uri))
1302 t.start()
1303
1304 time.sleep(1)
33cddd7f 1305 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,10,DPPWaitForConnect,Yes"
e486e5fd
JM		 1306 res = sigma_dut_cmd(cmd, timeout=15)
1307 t.join()
1308 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1309 raise Exception("Unexpected result: " + res)
1310 finally:
1311 dev[0].set("dpp_config_processing", "0")
1312 stop_sigma_dut(sigma)
1313
d84c0cf4
JM		 1314def test_sigma_dut_dpp_qr_init_enrollee_psk(dev, apdev):
1315 """sigma_dut DPP/QR initiator as Enrollee (PSK)"""
1316 check_dpp_capab(dev[0])
1317 check_dpp_capab(dev[1])
1318
1319 params = hostapd.wpa2_params(ssid="DPPNET01",
1320 passphrase="ThisIsDppPassphrase")
1321 hapd = hostapd.add_ap(apdev[0], params)
1322
1323 sigma = start_sigma_dut(dev[0].ifname)
1324 try:
1325 dev[0].set("dpp_config_processing", "2")
1326
1327 cmd = "DPP_CONFIGURATOR_ADD"
58be42b2 1328 res = dev[1].request(cmd)
d84c0cf4
JM		 1329 if "FAIL" in res:
1330 raise Exception("Failed to add configurator")
1331 conf_id = int(res)
1332
1333 addr = dev[1].own_addr().replace(':', '')
1334 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1335 res = dev[1].request(cmd)
1336 if "FAIL" in res:
1337 raise Exception("Failed to generate bootstrapping info")
1338 id0 = int(res)
1339 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1340
1341 dev[1].set("dpp_configurator_params",
58be42b2 1342 " conf=sta-psk ssid=%s pass=%s configurator=%d" % ("DPPNET01".encode("hex"), "ThisIsDppPassphrase".encode("hex"), conf_id))
d84c0cf4
JM		 1343 cmd = "DPP_LISTEN 2437 role=configurator"
1344 if "OK" not in dev[1].request(cmd):
1345 raise Exception("Failed to start listen operation")
1346
1347 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1348 if "status,COMPLETE" not in res:
1349 raise Exception("dev_exec_action did not succeed: " + res)
1350
1351 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout=10)
3dfccf7c
JM		 1352 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkConnectResult,OK" not in res:
1353 raise Exception("Unexpected result: " + res)
1354 finally:
1355 dev[0].set("dpp_config_processing", "0")
1356 stop_sigma_dut(sigma)
1357
1358def test_sigma_dut_dpp_qr_init_enrollee_sae(dev, apdev):
1359 """sigma_dut DPP/QR initiator as Enrollee (SAE)"""
1360 check_dpp_capab(dev[0])
1361 check_dpp_capab(dev[1])
1362 if "SAE" not in dev[0].get_capability("auth_alg"):
1363 raise HwsimSkip("SAE not supported")
1364
1365 params = hostapd.wpa2_params(ssid="DPPNET01",
1366 passphrase="ThisIsDppPassphrase")
1367 params['wpa_key_mgmt'] = 'SAE'
1368 params["ieee80211w"] = "2"
1369 hapd = hostapd.add_ap(apdev[0], params)
1370
1371 sigma = start_sigma_dut(dev[0].ifname)
1372 try:
1373 dev[0].set("dpp_config_processing", "2")
1374
1375 cmd = "DPP_CONFIGURATOR_ADD"
58be42b2 1376 res = dev[1].request(cmd)
3dfccf7c
JM		 1377 if "FAIL" in res:
1378 raise Exception("Failed to add configurator")
1379 conf_id = int(res)
1380
1381 addr = dev[1].own_addr().replace(':', '')
1382 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1383 res = dev[1].request(cmd)
1384 if "FAIL" in res:
1385 raise Exception("Failed to generate bootstrapping info")
1386 id0 = int(res)
1387 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1388
1389 dev[1].set("dpp_configurator_params",
58be42b2 1390 " conf=sta-sae ssid=%s pass=%s configurator=%d" % ("DPPNET01".encode("hex"), "ThisIsDppPassphrase".encode("hex"), conf_id))
3dfccf7c
JM		 1391 cmd = "DPP_LISTEN 2437 role=configurator"
1392 if "OK" not in dev[1].request(cmd):
1393 raise Exception("Failed to start listen operation")
1394
1395 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1396 if "status,COMPLETE" not in res:
1397 raise Exception("dev_exec_action did not succeed: " + res)
1398
1399 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout=10)
d84c0cf4
JM		 1400 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkConnectResult,OK" not in res:
1401 raise Exception("Unexpected result: " + res)
1402 finally:
1403 dev[0].set("dpp_config_processing", "0")
1404 stop_sigma_dut(sigma)
1405
1406def test_sigma_dut_dpp_qr_init_configurator_1(dev, apdev):
1407 """sigma_dut DPP/QR initiator as Configurator (conf index 1)"""
1408 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 1)
1409
1410def test_sigma_dut_dpp_qr_init_configurator_2(dev, apdev):
1411 """sigma_dut DPP/QR initiator as Configurator (conf index 2)"""
1412 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 2)
1413
1414def test_sigma_dut_dpp_qr_init_configurator_3(dev, apdev):
1415 """sigma_dut DPP/QR initiator as Configurator (conf index 3)"""
1416 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 3)
1417
1418def test_sigma_dut_dpp_qr_init_configurator_4(dev, apdev):
1419 """sigma_dut DPP/QR initiator as Configurator (conf index 4)"""
1420 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 4)
1421
23c45cd0
JM		 1422def test_sigma_dut_dpp_qr_init_configurator_5(dev, apdev):
1423 """sigma_dut DPP/QR initiator as Configurator (conf index 5)"""
1424 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 5)
1425
1426def test_sigma_dut_dpp_qr_init_configurator_6(dev, apdev):
1427 """sigma_dut DPP/QR initiator as Configurator (conf index 6)"""
1428 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 6)
1429
1430def test_sigma_dut_dpp_qr_init_configurator_7(dev, apdev):
1431 """sigma_dut DPP/QR initiator as Configurator (conf index 7)"""
1432 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 7)
1433
0e664e0c
JM		 1434def test_sigma_dut_dpp_qr_init_configurator_both(dev, apdev):
1435 """sigma_dut DPP/QR initiator as Configurator or Enrollee (conf index 1)"""
1436 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 1, "Both")
1437
cb6b2232
JM		 1438def test_sigma_dut_dpp_qr_init_configurator_neg_freq(dev, apdev):
1439 """sigma_dut DPP/QR initiator as Configurator (neg_freq)"""
1440 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 1, extra='DPPSubsequentChannel,81/11')
1441
0e664e0c 1442def run_sigma_dut_dpp_qr_init_configurator(dev, apdev, conf_idx,
cb6b2232
JM		 1443 prov_role="Configurator",
1444 extra=None):
d84c0cf4
JM		 1445 check_dpp_capab(dev[0])
1446 check_dpp_capab(dev[1])
1447 sigma = start_sigma_dut(dev[0].ifname)
1448 try:
1449 addr = dev[1].own_addr().replace(':', '')
1450 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1451 res = dev[1].request(cmd)
1452 if "FAIL" in res:
1453 raise Exception("Failed to generate bootstrapping info")
1454 id0 = int(res)
1455 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1456
1457 cmd = "DPP_LISTEN 2437 role=enrollee"
1458 if "OK" not in dev[1].request(cmd):
1459 raise Exception("Failed to start listen operation")
1460
1461 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1462 if "status,COMPLETE" not in res:
1463 raise Exception("dev_exec_action did not succeed: " + res)
1464
cb6b2232
JM		 1465 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,%s,DPPConfIndex,%d,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6" % (prov_role, conf_idx)
1466 if extra:
1467 cmd += "," + extra
1468 res = sigma_dut_cmd(cmd)
d84c0cf4
JM		 1469 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
1470 raise Exception("Unexpected result: " + res)
1471 finally:
1472 stop_sigma_dut(sigma)
1473
e129e6bd
JM		 1474def test_sigma_dut_dpp_incompatible_roles_init(dev, apdev):
1475 """sigma_dut DPP roles incompatible (Initiator)"""
1476 check_dpp_capab(dev[0])
1477 check_dpp_capab(dev[1])
1478 sigma = start_sigma_dut(dev[0].ifname)
1479 try:
1480 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1481 if "status,COMPLETE" not in res:
1482 raise Exception("dev_exec_action did not succeed: " + res)
1483 hex = res.split(',')[3]
1484 uri = hex.decode('hex')
1485 logger.info("URI from sigma_dut: " + uri)
1486
1487 res = dev[1].request("DPP_QR_CODE " + uri)
1488 if "FAIL" in res:
1489 raise Exception("Failed to parse QR Code URI")
1490 id1 = int(res)
1491
1492 addr = dev[1].own_addr().replace(':', '')
1493 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1494 res = dev[1].request(cmd)
1495 if "FAIL" in res:
1496 raise Exception("Failed to generate bootstrapping info")
1497 id0 = int(res)
1498 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1499
1500 cmd = "DPP_LISTEN 2437 role=enrollee"
1501 if "OK" not in dev[1].request(cmd):
1502 raise Exception("Failed to start listen operation")
1503
1504 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1505 if "status,COMPLETE" not in res:
1506 raise Exception("dev_exec_action did not succeed: " + res)
1507
1508 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6"
1509 res = sigma_dut_cmd(cmd)
1510 if "BootstrapResult,OK,AuthResult,ROLES_NOT_COMPATIBLE" not in res:
1511 raise Exception("Unexpected result: " + res)
1512 finally:
1513 stop_sigma_dut(sigma)
1514
1515def dpp_init_enrollee_mutual(dev, id1, own_id):
1516 logger.info("Starting DPP initiator/enrollee in a thread")
1517 time.sleep(1)
1518 cmd = "DPP_AUTH_INIT peer=%d own=%d role=enrollee" % (id1, own_id)
1519 if "OK" not in dev.request(cmd):
1520 raise Exception("Failed to initiate DPP Authentication")
1521 ev = dev.wait_event(["DPP-CONF-RECEIVED",
1522 "DPP-NOT-COMPATIBLE"], timeout=5)
1523 if ev is None:
1524 raise Exception("DPP configuration not completed (Enrollee)")
1525 logger.info("DPP initiator/enrollee done")
1526
1527def test_sigma_dut_dpp_incompatible_roles_resp(dev, apdev):
1528 """sigma_dut DPP roles incompatible (Responder)"""
1529 check_dpp_capab(dev[0])
1530 check_dpp_capab(dev[1])
1531 sigma = start_sigma_dut(dev[0].ifname)
1532 try:
1533 cmd = "dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR"
1534 res = sigma_dut_cmd(cmd)
1535 if "status,COMPLETE" not in res:
1536 raise Exception("dev_exec_action did not succeed: " + res)
1537 hex = res.split(',')[3]
1538 uri = hex.decode('hex')
1539 logger.info("URI from sigma_dut: " + uri)
1540
1541 res = dev[1].request("DPP_QR_CODE " + uri)
1542 if "FAIL" in res:
1543 raise Exception("Failed to parse QR Code URI")
1544 id1 = int(res)
1545
1546 addr = dev[1].own_addr().replace(':', '')
1547 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1548 res = dev[1].request(cmd)
1549 if "FAIL" in res:
1550 raise Exception("Failed to generate bootstrapping info")
1551 id0 = int(res)
1552 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1553
1554 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1555 if "status,COMPLETE" not in res:
1556 raise Exception("dev_exec_action did not succeed: " + res)
1557
1558 t = threading.Thread(target=dpp_init_enrollee_mutual, args=(dev[1], id1, id0))
1559 t.start()
1560 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6"
1561 res = sigma_dut_cmd(cmd, timeout=10)
1562 t.join()
1563 if "BootstrapResult,OK,AuthResult,ROLES_NOT_COMPATIBLE" not in res:
1564 raise Exception("Unexpected result: " + res)
1565 finally:
1566 stop_sigma_dut(sigma)
1567
d84c0cf4
JM		 1568def test_sigma_dut_dpp_pkex_init_configurator(dev, apdev):
1569 """sigma_dut DPP/PKEX initiator as Configurator"""
1570 check_dpp_capab(dev[0])
1571 check_dpp_capab(dev[1])
1572 sigma = start_sigma_dut(dev[0].ifname)
1573 try:
1574 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
1575 res = dev[1].request(cmd)
1576 if "FAIL" in res:
1577 raise Exception("Failed to generate bootstrapping info")
1578 id1 = int(res)
1579 cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id1)
1580 res = dev[1].request(cmd)
1581 if "FAIL" in res:
1582 raise Exception("Failed to set PKEX data (responder)")
1583 cmd = "DPP_LISTEN 2437 role=enrollee"
1584 if "OK" not in dev[1].request(cmd):
1585 raise Exception("Failed to start listen operation")
1586
33cddd7f 1587 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCodeIdentifier,test,DPPPKEXCode,secret,DPPTimeout,6")
d84c0cf4
JM		 1588 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
1589 raise Exception("Unexpected result: " + res)
1590 finally:
1591 stop_sigma_dut(sigma)
1592
1593def dpp_init_conf(dev, id1, conf, conf_id, extra):
1594 logger.info("Starting DPP initiator/configurator in a thread")
1595 cmd = "DPP_AUTH_INIT peer=%d conf=%s %s configurator=%d" % (id1, conf, extra, conf_id)
1596 if "OK" not in dev.request(cmd):
1597 raise Exception("Failed to initiate DPP Authentication")
1598 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=5)
1599 if ev is None:
1600 raise Exception("DPP configuration not completed (Configurator)")
1601 logger.info("DPP initiator/configurator done")
1602
1603def test_sigma_dut_ap_dpp_qr(dev, apdev, params):
1604 """sigma_dut controlled AP (DPP)"""
1605 run_sigma_dut_ap_dpp_qr(dev, apdev, params, "ap-dpp", "sta-dpp")
1606
1607def test_sigma_dut_ap_dpp_qr_legacy(dev, apdev, params):
1608 """sigma_dut controlled AP (legacy)"""
1609 run_sigma_dut_ap_dpp_qr(dev, apdev, params, "ap-psk", "sta-psk",
1610 extra="pass=%s" % "qwertyuiop".encode("hex"))
1611
1612def test_sigma_dut_ap_dpp_qr_legacy_psk(dev, apdev, params):
1613 """sigma_dut controlled AP (legacy)"""
1614 run_sigma_dut_ap_dpp_qr(dev, apdev, params, "ap-psk", "sta-psk",
1615 extra="psk=%s" % (32*"12"))
1616
1617def run_sigma_dut_ap_dpp_qr(dev, apdev, params, ap_conf, sta_conf, extra=""):
6e6651d0 1618 check_dpp_capab(dev[0])
d84c0cf4
JM		 1619 logdir = os.path.join(params['logdir'], "sigma_dut_ap_dpp_qr.sigma-hostapd")
1620 with HWSimRadio() as (radio, iface):
1621 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
1622 try:
1623 sigma_dut_cmd_check("ap_reset_default,program,DPP")
1624 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1625 if "status,COMPLETE" not in res:
1626 raise Exception("dev_exec_action did not succeed: " + res)
1627 hex = res.split(',')[3]
1628 uri = hex.decode('hex')
1629 logger.info("URI from sigma_dut: " + uri)
1630
1631 cmd = "DPP_CONFIGURATOR_ADD"
58be42b2 1632 res = dev[0].request(cmd)
d84c0cf4
JM		 1633 if "FAIL" in res:
1634 raise Exception("Failed to add configurator")
1635 conf_id = int(res)
1636
1637 res = dev[0].request("DPP_QR_CODE " + uri)
1638 if "FAIL" in res:
1639 raise Exception("Failed to parse QR Code URI")
1640 id1 = int(res)
1641
1642 t = threading.Thread(target=dpp_init_conf,
1643 args=(dev[0], id1, ap_conf, conf_id, extra))
1644 t.start()
1645 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6")
1646 t.join()
1647 if "ConfResult,OK" not in res:
1648 raise Exception("Unexpected result: " + res)
1649
1650 addr = dev[1].own_addr().replace(':', '')
1651 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
1652 res = dev[1].request(cmd)
1653 if "FAIL" in res:
1654 raise Exception("Failed to generate bootstrapping info")
1655 id1 = int(res)
1656 uri1 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1)
1657
1658 res = dev[0].request("DPP_QR_CODE " + uri1)
1659 if "FAIL" in res:
1660 raise Exception("Failed to parse QR Code URI")
1661 id0b = int(res)
1662
1663 dev[1].set("dpp_config_processing", "2")
1664 cmd = "DPP_LISTEN 2412"
1665 if "OK" not in dev[1].request(cmd):
1666 raise Exception("Failed to start listen operation")
1667 cmd = "DPP_AUTH_INIT peer=%d conf=%s %s configurator=%d" % (id0b, sta_conf, extra, conf_id)
1668 if "OK" not in dev[0].request(cmd):
1669 raise Exception("Failed to initiate DPP Authentication")
1670 dev[1].wait_connected()
1671
1672 sigma_dut_cmd_check("ap_reset_default")
1673 finally:
1674 dev[1].set("dpp_config_processing", "0")
1675 stop_sigma_dut(sigma)
b900fb1a
JM		 1676
1677def test_sigma_dut_ap_dpp_pkex_responder(dev, apdev, params):
1678 """sigma_dut controlled AP as DPP PKEX responder"""
6e6651d0 1679 check_dpp_capab(dev[0])
b900fb1a
JM		 1680 logdir = os.path.join(params['logdir'],
1681 "sigma_dut_ap_dpp_pkex_responder.sigma-hostapd")
1682 with HWSimRadio() as (radio, iface):
1683 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
1684 try:
1685 run_sigma_dut_ap_dpp_pkex_responder(dev, apdev)
1686 finally:
1687 stop_sigma_dut(sigma)
1688
a8ec0b8c 1689def dpp_init_conf_pkex(dev, conf_id, check_config=True):
b900fb1a
JM		 1690 logger.info("Starting DPP PKEX initiator/configurator in a thread")
1691 time.sleep(1.5)
1692 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
1693 res = dev.request(cmd)
1694 if "FAIL" in res:
1695 raise Exception("Failed to generate bootstrapping info")
1696 id = int(res)
1697 cmd = "DPP_PKEX_ADD own=%d init=1 conf=ap-dpp configurator=%d code=password" % (id, conf_id)
1698 res = dev.request(cmd)
1699 if "FAIL" in res:
1700 raise Exception("Failed to initiate DPP PKEX")
a8ec0b8c
JM		 1701 if not check_config:
1702 return
b900fb1a
JM		 1703 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=5)
1704 if ev is None:
1705 raise Exception("DPP configuration not completed (Configurator)")
1706 logger.info("DPP initiator/configurator done")
1707
1708def run_sigma_dut_ap_dpp_pkex_responder(dev, apdev):
1709 sigma_dut_cmd_check("ap_reset_default,program,DPP")
1710
1711 cmd = "DPP_CONFIGURATOR_ADD"
58be42b2 1712 res = dev[0].request(cmd)
b900fb1a
JM		 1713 if "FAIL" in res:
1714 raise Exception("Failed to add configurator")
1715 conf_id = int(res)
1716
1717 t = threading.Thread(target=dpp_init_conf_pkex, args=(dev[0], conf_id))
1718 t.start()
a8ec0b8c 1719 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,PKEX,DPPPKEXCode,password,DPPTimeout,6,DPPWaitForConnect,No", timeout=10)
b900fb1a
JM		 1720 t.join()
1721 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
1722 raise Exception("Unexpected result: " + res)
1723
1724 sigma_dut_cmd_check("ap_reset_default")
8c735316 1725
a8ec0b8c
JM		 1726def test_sigma_dut_dpp_pkex_responder_proto(dev, apdev):
1727 """sigma_dut controlled STA as DPP PKEX responder and error case"""
1728 check_dpp_capab(dev[0])
1729 sigma = start_sigma_dut(dev[0].ifname)
1730 try:
1731 run_sigma_dut_dpp_pkex_responder_proto(dev, apdev)
1732 finally:
1733 stop_sigma_dut(sigma)
1734
1735def run_sigma_dut_dpp_pkex_responder_proto(dev, apdev):
1736 cmd = "DPP_CONFIGURATOR_ADD"
58be42b2 1737 res = dev[1].request(cmd)
a8ec0b8c
JM		 1738 if "FAIL" in res:
1739 raise Exception("Failed to add configurator")
1740 conf_id = int(res)
1741
1742 dev[1].set("dpp_test", "44")
1743
1744 t = threading.Thread(target=dpp_init_conf_pkex, args=(dev[1], conf_id,
1745 False))
1746 t.start()
1747 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPProvisioningRole,Enrollee,DPPBS,PKEX,DPPPKEXCode,password,DPPTimeout,6", timeout=10)
1748 t.join()
1749 if "BootstrapResult,Timeout" not in res:
1750 raise Exception("Unexpected result: " + res)
1751
8c735316
JM		 1752def dpp_proto_init(dev, id1):
1753 time.sleep(1)
1754 logger.info("Starting DPP initiator/configurator in a thread")
1755 cmd = "DPP_CONFIGURATOR_ADD"
58be42b2 1756 res = dev.request(cmd)
8c735316
JM		 1757 if "FAIL" in res:
1758 raise Exception("Failed to add configurator")
1759 conf_id = int(res)
1760
1761 cmd = "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1, conf_id)
1762 if "OK" not in dev.request(cmd):
1763 raise Exception("Failed to initiate DPP Authentication")
1764
1765def test_sigma_dut_dpp_proto_initiator(dev, apdev):
1766 """sigma_dut DPP protocol testing - Initiator"""
1767 check_dpp_capab(dev[0])
1768 check_dpp_capab(dev[1])
1769 tests = [ ("InvalidValue", "AuthenticationRequest", "WrappedData",
1770 "BootstrapResult,OK,AuthResult,Errorsent",
1771 None),
1772 ("InvalidValue", "AuthenticationConfirm", "WrappedData",
1773 "BootstrapResult,OK,AuthResult,Errorsent",
1774 None),
1775 ("MissingAttribute", "AuthenticationRequest", "InitCapabilities",
1776 "BootstrapResult,OK,AuthResult,Errorsent",
1777 "Missing or invalid I-capabilities"),
1778 ("InvalidValue", "AuthenticationConfirm", "InitAuthTag",
1779 "BootstrapResult,OK,AuthResult,Errorsent",
1780 "Mismatching Initiator Authenticating Tag"),
1781 ("MissingAttribute", "ConfigurationResponse", "EnrolleeNonce",
1782 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1783 "Missing or invalid Enrollee Nonce attribute") ]
1784 for step, frame, attr, result, fail in tests:
1785 dev[0].request("FLUSH")
1786 dev[1].request("FLUSH")
1787 sigma = start_sigma_dut(dev[0].ifname)
1788 try:
1789 run_sigma_dut_dpp_proto_initiator(dev, step, frame, attr, result,
1790 fail)
1791 finally:
1792 stop_sigma_dut(sigma)
1793
1794def run_sigma_dut_dpp_proto_initiator(dev, step, frame, attr, result, fail):
1795 addr = dev[1].own_addr().replace(':', '')
1796 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1797 res = dev[1].request(cmd)
1798 if "FAIL" in res:
1799 raise Exception("Failed to generate bootstrapping info")
1800 id0 = int(res)
1801 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1802
1803 cmd = "DPP_LISTEN 2437 role=enrollee"
1804 if "OK" not in dev[1].request(cmd):
1805 raise Exception("Failed to start listen operation")
1806
1807 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1808 if "status,COMPLETE" not in res:
1809 raise Exception("dev_exec_action did not succeed: " + res)
1810
6333cb81
JM		 1811 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr),
1812 timeout=10)
8c735316
JM		 1813 if result not in res:
1814 raise Exception("Unexpected result: " + res)
1815 if fail:
1816 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1817 if ev is None or fail not in ev:
1818 raise Exception("Failure not reported correctly: " + str(ev))
1819
1820 dev[1].request("DPP_STOP_LISTEN")
1821 dev[0].dump_monitor()
1822 dev[1].dump_monitor()
1823
1824def test_sigma_dut_dpp_proto_responder(dev, apdev):
1825 """sigma_dut DPP protocol testing - Responder"""
1826 check_dpp_capab(dev[0])
1827 check_dpp_capab(dev[1])
1828 tests = [ ("MissingAttribute", "AuthenticationResponse", "DPPStatus",
1829 "BootstrapResult,OK,AuthResult,Errorsent",
1830 "Missing or invalid required DPP Status attribute"),
1831 ("MissingAttribute", "ConfigurationRequest", "EnrolleeNonce",
1832 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1833 "Missing or invalid Enrollee Nonce attribute") ]
1834 for step, frame, attr, result, fail in tests:
1835 dev[0].request("FLUSH")
1836 dev[1].request("FLUSH")
1837 sigma = start_sigma_dut(dev[0].ifname)
1838 try:
1839 run_sigma_dut_dpp_proto_responder(dev, step, frame, attr, result,
1840 fail)
1841 finally:
1842 stop_sigma_dut(sigma)
1843
1844def run_sigma_dut_dpp_proto_responder(dev, step, frame, attr, result, fail):
1845 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1846 if "status,COMPLETE" not in res:
1847 raise Exception("dev_exec_action did not succeed: " + res)
1848 hex = res.split(',')[3]
1849 uri = hex.decode('hex')
1850 logger.info("URI from sigma_dut: " + uri)
1851
1852 res = dev[1].request("DPP_QR_CODE " + uri)
1853 if "FAIL" in res:
1854 raise Exception("Failed to parse QR Code URI")
1855 id1 = int(res)
1856
1857 t = threading.Thread(target=dpp_proto_init, args=(dev[1], id1))
1858 t.start()
14f8e081 1859 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr), timeout=10)
8c735316
JM		 1860 t.join()
1861 if result not in res:
1862 raise Exception("Unexpected result: " + res)
1863 if fail:
1864 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1865 if ev is None or fail not in ev:
1866 raise Exception("Failure not reported correctly:" + str(ev))
1867
1868 dev[1].request("DPP_STOP_LISTEN")
1869 dev[0].dump_monitor()
1870 dev[1].dump_monitor()
1871
c79b9db0
JM		 1872def test_sigma_dut_dpp_proto_stop_at_initiator(dev, apdev):
1873 """sigma_dut DPP protocol testing - Stop at RX on Initiator"""
1874 check_dpp_capab(dev[0])
1875 check_dpp_capab(dev[1])
1876 tests = [ ("AuthenticationResponse",
1877 "BootstrapResult,OK,AuthResult,Errorsent",
1878 None),
1879 ("ConfigurationRequest",
1880 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1881 None)]
1882 for frame, result, fail in tests:
1883 dev[0].request("FLUSH")
1884 dev[1].request("FLUSH")
1885 sigma = start_sigma_dut(dev[0].ifname)
1886 try:
1887 run_sigma_dut_dpp_proto_stop_at_initiator(dev, frame, result, fail)
1888 finally:
1889 stop_sigma_dut(sigma)
1890
1891def run_sigma_dut_dpp_proto_stop_at_initiator(dev, frame, result, fail):
1892 addr = dev[1].own_addr().replace(':', '')
1893 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1894 res = dev[1].request(cmd)
1895 if "FAIL" in res:
1896 raise Exception("Failed to generate bootstrapping info")
1897 id0 = int(res)
1898 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1899
1900 cmd = "DPP_LISTEN 2437 role=enrollee"
1901 if "OK" not in dev[1].request(cmd):
1902 raise Exception("Failed to start listen operation")
1903
1904 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1905 if "status,COMPLETE" not in res:
1906 raise Exception("dev_exec_action did not succeed: " + res)
1907
1908 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame))
1909 if result not in res:
1910 raise Exception("Unexpected result: " + res)
4ae39c12
JM		 1911 if fail:
1912 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1913 if ev is None or fail not in ev:
1914 raise Exception("Failure not reported correctly: " + str(ev))
1915
1916 dev[1].request("DPP_STOP_LISTEN")
1917 dev[0].dump_monitor()
1918 dev[1].dump_monitor()
1919
1920def test_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev, apdev):
1921 """sigma_dut DPP protocol testing - Stop at TX on Initiator/Enrollee"""
1922 check_dpp_capab(dev[0])
1923 check_dpp_capab(dev[1])
1924 tests = [ ("AuthenticationConfirm",
1925 "BootstrapResult,OK,AuthResult,Errorsent,LastFrameReceived,AuthenticationResponse",
1926 None) ]
1927 for frame, result, fail in tests:
1928 dev[0].request("FLUSH")
1929 dev[1].request("FLUSH")
1930 sigma = start_sigma_dut(dev[0].ifname, debug=True)
1931 try:
1932 run_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev, frame,
1933 result, fail)
1934 finally:
1935 stop_sigma_dut(sigma)
1936
1937def run_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev, frame, result,
1938 fail):
1939 addr = dev[1].own_addr().replace(':', '')
1940 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1941 res = dev[1].request(cmd)
1942 if "FAIL" in res:
1943 raise Exception("Failed to generate bootstrapping info")
1944 id0 = int(res)
1945 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1946
1947 cmd = "DPP_LISTEN 2437 role=configurator"
1948 if "OK" not in dev[1].request(cmd):
1949 raise Exception("Failed to start listen operation")
1950
1951 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1952 if "status,COMPLETE" not in res:
1953 raise Exception("dev_exec_action did not succeed: " + res)
1954
1955 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame), timeout=10)
1956 if result not in res:
1957 raise Exception("Unexpected result: " + res)
c79b9db0
JM		 1958 if fail:
1959 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1960 if ev is None or fail not in ev:
1961 raise Exception("Failure not reported correctly: " + str(ev))
1962
1963 dev[1].request("DPP_STOP_LISTEN")
1964 dev[0].dump_monitor()
1965 dev[1].dump_monitor()
1966
1967def test_sigma_dut_dpp_proto_stop_at_responder(dev, apdev):
1968 """sigma_dut DPP protocol testing - Stop at RX on Responder"""
1969 check_dpp_capab(dev[0])
1970 check_dpp_capab(dev[1])
1971 tests = [ ("AuthenticationRequest",
1972 "BootstrapResult,OK,AuthResult,Errorsent",
1973 None),
1974 ("AuthenticationConfirm",
1975 "BootstrapResult,OK,AuthResult,Errorsent",
1976 None) ]
1977 for frame, result, fail in tests:
1978 dev[0].request("FLUSH")
1979 dev[1].request("FLUSH")
1980 sigma = start_sigma_dut(dev[0].ifname)
1981 try:
1982 run_sigma_dut_dpp_proto_stop_at_responder(dev, frame, result, fail)
1983 finally:
1984 stop_sigma_dut(sigma)
1985
1986def run_sigma_dut_dpp_proto_stop_at_responder(dev, frame, result, fail):
1987 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1988 if "status,COMPLETE" not in res:
1989 raise Exception("dev_exec_action did not succeed: " + res)
1990 hex = res.split(',')[3]
1991 uri = hex.decode('hex')
1992 logger.info("URI from sigma_dut: " + uri)
1993
1994 res = dev[1].request("DPP_QR_CODE " + uri)
1995 if "FAIL" in res:
1996 raise Exception("Failed to parse QR Code URI")
1997 id1 = int(res)
1998
1999 t = threading.Thread(target=dpp_proto_init, args=(dev[1], id1))
2000 t.start()
2001 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame), timeout=10)
2002 t.join()
2003 if result not in res:
2004 raise Exception("Unexpected result: " + res)
2005 if fail:
2006 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
2007 if ev is None or fail not in ev:
2008 raise Exception("Failure not reported correctly:" + str(ev))
2009
2010 dev[1].request("DPP_STOP_LISTEN")
2011 dev[0].dump_monitor()
2012 dev[1].dump_monitor()
2013
8c735316
JM		 2014def dpp_proto_init_pkex(dev):
2015 time.sleep(1)
2016 logger.info("Starting DPP PKEX initiator/configurator in a thread")
2017 cmd = "DPP_CONFIGURATOR_ADD"
58be42b2 2018 res = dev.request(cmd)
8c735316
JM		 2019 if "FAIL" in res:
2020 raise Exception("Failed to add configurator")
2021 conf_id = int(res)
2022
2023 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
2024 res = dev.request(cmd)
2025 if "FAIL" in res:
2026 raise Exception("Failed to generate bootstrapping info")
2027 id = int(res)
2028
2029 cmd = "DPP_PKEX_ADD own=%d init=1 conf=sta-dpp configurator=%d code=secret" % (id, conf_id)
2030 if "FAIL" in dev.request(cmd):
2031 raise Exception("Failed to initiate DPP PKEX")
2032
2033def test_sigma_dut_dpp_proto_initiator_pkex(dev, apdev):
2034 """sigma_dut DPP protocol testing - Initiator (PKEX)"""
2035 check_dpp_capab(dev[0])
2036 check_dpp_capab(dev[1])
2037 tests = [ ("InvalidValue", "PKEXCRRequest", "WrappedData",
2038 "BootstrapResult,Errorsent",
2039 None),
2040 ("MissingAttribute", "PKEXExchangeRequest", "FiniteCyclicGroup",
2041 "BootstrapResult,Errorsent",
2042 "Missing or invalid Finite Cyclic Group attribute"),
2043 ("MissingAttribute", "PKEXCRRequest", "BSKey",
2044 "BootstrapResult,Errorsent",
2045 "No valid peer bootstrapping key found") ]
2046 for step, frame, attr, result, fail in tests:
2047 dev[0].request("FLUSH")
2048 dev[1].request("FLUSH")
2049 sigma = start_sigma_dut(dev[0].ifname)
2050 try:
2051 run_sigma_dut_dpp_proto_initiator_pkex(dev, step, frame, attr,
2052 result, fail)
2053 finally:
2054 stop_sigma_dut(sigma)
2055
2056def run_sigma_dut_dpp_proto_initiator_pkex(dev, step, frame, attr, result, fail):
2057 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
2058 res = dev[1].request(cmd)
2059 if "FAIL" in res:
2060 raise Exception("Failed to generate bootstrapping info")
2061 id1 = int(res)
2062
2063 cmd = "DPP_PKEX_ADD own=%d code=secret" % (id1)
2064 res = dev[1].request(cmd)
2065 if "FAIL" in res:
2066 raise Exception("Failed to set PKEX data (responder)")
2067
2068 cmd = "DPP_LISTEN 2437 role=enrollee"
2069 if "OK" not in dev[1].request(cmd):
2070 raise Exception("Failed to start listen operation")
2071
14f8e081 2072 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCode,secret,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr))
8c735316
JM		 2073 if result not in res:
2074 raise Exception("Unexpected result: " + res)
2075 if fail:
2076 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
2077 if ev is None or fail not in ev:
2078 raise Exception("Failure not reported correctly: " + str(ev))
2079
2080 dev[1].request("DPP_STOP_LISTEN")
2081 dev[0].dump_monitor()
2082 dev[1].dump_monitor()
2083
2084def test_sigma_dut_dpp_proto_responder_pkex(dev, apdev):
2085 """sigma_dut DPP protocol testing - Responder (PKEX)"""
2086 check_dpp_capab(dev[0])
2087 check_dpp_capab(dev[1])
2088 tests = [ ("InvalidValue", "PKEXCRResponse", "WrappedData",
2089 "BootstrapResult,Errorsent",
2090 None),
2091 ("MissingAttribute", "PKEXExchangeResponse", "DPPStatus",
2092 "BootstrapResult,Errorsent",
2093 "No DPP Status attribute"),
2094 ("MissingAttribute", "PKEXCRResponse", "BSKey",
2095 "BootstrapResult,Errorsent",
2096 "No valid peer bootstrapping key found") ]
2097 for step, frame, attr, result, fail in tests:
2098 dev[0].request("FLUSH")
2099 dev[1].request("FLUSH")
2100 sigma = start_sigma_dut(dev[0].ifname)
2101 try:
2102 run_sigma_dut_dpp_proto_responder_pkex(dev, step, frame, attr,
2103 result, fail)
2104 finally:
2105 stop_sigma_dut(sigma)
2106
2107def run_sigma_dut_dpp_proto_responder_pkex(dev, step, frame, attr, result, fail):
2108 t = threading.Thread(target=dpp_proto_init_pkex, args=(dev[1],))
2109 t.start()
14f8e081 2110 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCode,secret,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr), timeout=10)
8c735316
JM		 2111 t.join()
2112 if result not in res:
2113 raise Exception("Unexpected result: " + res)
2114 if fail:
2115 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
2116 if ev is None or fail not in ev:
2117 raise Exception("Failure not reported correctly:" + str(ev))
2118
2119 dev[1].request("DPP_STOP_LISTEN")
2120 dev[0].dump_monitor()
2121 dev[1].dump_monitor()
a0604a42
JM		 2122
2123def init_sigma_dut_dpp_proto_peer_disc_req(dev, apdev):
2124 check_dpp_capab(dev[0])
2125 check_dpp_capab(dev[1])
2126
2127 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2128 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2129 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
2130 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
2131
2132 params = { "ssid": "DPPNET01",
2133 "wpa": "2",
3e3d634f 2134 "ieee80211w": "2",
a0604a42
JM		 2135 "wpa_key_mgmt": "DPP",
2136 "rsn_pairwise": "CCMP",
2137 "dpp_connector": ap_connector,
2138 "dpp_csign": csign_pub,
2139 "dpp_netaccesskey": ap_netaccesskey }
2140 try:
2141 hapd = hostapd.add_ap(apdev[0], params)
2142 except:
2143 raise HwsimSkip("DPP not supported")
2144
2145 dev[0].set("dpp_config_processing", "2")
2146
2147 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
58be42b2 2148 res = dev[1].request(cmd)
a0604a42
JM		 2149 if "FAIL" in res:
2150 raise Exception("Failed to add configurator")
2151 conf_id = int(res)
2152
2153 addr = dev[1].own_addr().replace(':', '')
2154 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
2155 res = dev[1].request(cmd)
2156 if "FAIL" in res:
2157 raise Exception("Failed to generate bootstrapping info")
2158 id0 = int(res)
2159 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
2160
2161 dev[1].set("dpp_configurator_params",
58be42b2 2162 " conf=sta-dpp ssid=%s configurator=%d" % ("DPPNET01".encode("hex"), conf_id))
a0604a42
JM		 2163 cmd = "DPP_LISTEN 2437 role=configurator"
2164 if "OK" not in dev[1].request(cmd):
2165 raise Exception("Failed to start listen operation")
2166
2167 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
2168 if "status,COMPLETE" not in res:
2169 raise Exception("dev_exec_action did not succeed: " + res)
2170
2171def test_sigma_dut_dpp_proto_peer_disc_req(dev, apdev):
2172 """sigma_dut DPP protocol testing - Peer Discovery Request"""
2173 sigma = start_sigma_dut(dev[0].ifname)
2174 try:
2175 init_sigma_dut_dpp_proto_peer_disc_req(dev, apdev)
2176
2177 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes,DPPStep,MissingAttribute,DPPFrameType,PeerDiscoveryRequest,DPPIEAttribute,TransactionID", timeout=10)
2178 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,Errorsent" not in res:
2179 raise Exception("Unexpected result: " + res)
2180 finally:
2181 dev[0].set("dpp_config_processing", "0")
2182 stop_sigma_dut(sigma)
211b5d1b
JM		 2183
2184def test_sigma_dut_dpp_self_config(dev, apdev):
2185 """sigma_dut DPP Configurator enrolling an AP and using self-configuration"""
2186 check_dpp_capab(dev[0])
2187
2188 hapd = hostapd.add_ap(apdev[0], { "ssid": "unconfigured" })
2189 check_dpp_capab(hapd)
2190
2191 sigma = start_sigma_dut(dev[0].ifname)
2192 try:
2193 dev[0].set("dpp_config_processing", "2")
2194 addr = hapd.own_addr().replace(':', '')
2195 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2196 res = hapd.request(cmd)
2197 if "FAIL" in res:
2198 raise Exception("Failed to generate bootstrapping info")
2199 id = int(res)
2200 uri = hapd.request("DPP_BOOTSTRAP_GET_URI %d" % id)
2201
2202 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri.encode('hex'))
2203 if "status,COMPLETE" not in res:
2204 raise Exception("dev_exec_action did not succeed: " + res)
2205
2206 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,AP,DPPBS,QR,DPPTimeout,6")
2207 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
2208 raise Exception("Unexpected result: " + res)
2209 update_hapd_config(hapd)
2210
2211 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPCryptoIdentifier,P-256,DPPBS,QR,DPPAuthRole,Initiator,DPPProvisioningRole,Configurator,DPPAuthDirection,Single,DPPConfIndex,1,DPPTimeout,6,DPPWaitForConnect,Yes,DPPSelfConfigure,Yes"
2212 res = sigma_dut_cmd(cmd, timeout=10)
2213 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
2214 raise Exception("Unexpected result: " + res)
2215 finally:
2216 stop_sigma_dut(sigma)
2217 dev[0].set("dpp_config_processing", "0")
8b4adc38
JM		 2218
2219def test_sigma_dut_ap_dpp_self_config(dev, apdev, params):
2220 """sigma_dut DPP AP Configurator using self-configuration"""
2221 logdir = os.path.join(params['logdir'],
2222 "sigma_dut_ap_dpp_self_config.sigma-hostapd")
2223 with HWSimRadio() as (radio, iface):
2224 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
2225 try:
2226 run_sigma_dut_ap_dpp_self_config(dev, apdev)
2227 finally:
2228 stop_sigma_dut(sigma)
2229 dev[0].set("dpp_config_processing", "0")
2230
2231def run_sigma_dut_ap_dpp_self_config(dev, apdev):
2232 check_dpp_capab(dev[0])
2233
2234 sigma_dut_cmd_check("ap_reset_default,program,DPP")
2235
2236 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfEnrolleeRole,AP,DPPBS,QR,DPPConfIndex,1,DPPSelfConfigure,Yes,DPPTimeout,6", timeout=10)
2237 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
2238 raise Exception("Unexpected result: " + res)
2239
2240 dev[0].set("dpp_config_processing", "2")
2241
2242 addr = dev[0].own_addr().replace(':', '')
2243 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr
2244 res = dev[0].request(cmd)
2245 if "FAIL" in res:
2246 raise Exception("Failed to generate bootstrapping info")
2247 id = int(res)
2248 uri = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id)
2249 cmd = "DPP_LISTEN 2462 role=enrollee"
2250 if "OK" not in dev[0].request(cmd):
2251 raise Exception("Failed to start listen operation")
2252
2253 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri.encode('hex'))
2254 if "status,COMPLETE" not in res:
2255 raise Exception("dev_exec_action did not succeed: " + res)
2256 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6"
2257 res = sigma_dut_cmd(cmd)
2258 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
2259 raise Exception("Unexpected result: " + res)
2260 dev[0].wait_connected()
2261 dev[0].request("DISCONNECT")
2262 dev[0].wait_disconnected()
2263 sigma_dut_cmd_check("ap_reset_default")
6923312d
JM		 2264
2265def test_sigma_dut_preconfigured_profile(dev, apdev):
2266 """sigma_dut controlled connection using preconfigured profile"""
2267 try:
2268 run_sigma_dut_preconfigured_profile(dev, apdev)
2269 finally:
2270 dev[0].set("ignore_old_scan_res", "0")
2271
2272def run_sigma_dut_preconfigured_profile(dev, apdev):
2273 ifname = dev[0].ifname
2274 sigma = start_sigma_dut(ifname)
2275
2276 params = hostapd.wpa2_params(ssid="test-psk", passphrase="12345678")
2277 hapd = hostapd.add_ap(apdev[0], params)
2278 dev[0].connect("test-psk", psk="12345678", scan_freq="2412",
2279 only_add_network=True)
2280
2281 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
2282 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s" % (ifname, "test-psk"))
2283 sigma_dut_wait_connected(ifname)
2284 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
2285 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
2286 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
2287
2288 stop_sigma_dut(sigma)
ce83008c
JM		 2289
2290def test_sigma_dut_wps_pbc(dev, apdev):
2291 """sigma_dut and WPS PBC Enrollee"""
2292 try:
2293 run_sigma_dut_wps_pbc(dev, apdev)
2294 finally:
2295 dev[0].set("ignore_old_scan_res", "0")
2296
2297def run_sigma_dut_wps_pbc(dev, apdev):
2298 ssid = "test-wps-conf"
2299 hapd = hostapd.add_ap(apdev[0],
2300 { "ssid": "wps", "eap_server": "1", "wps_state": "2",
2301 "wpa_passphrase": "12345678", "wpa": "2",
2302 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
2303 hapd.request("WPS_PBC")
2304
2305 ifname = dev[0].ifname
2306 sigma = start_sigma_dut(ifname)
2307
2308 cmd = "start_wps_registration,interface,%s" % ifname
2309 cmd += ",WpsRole,Enrollee"
2310 cmd += ",WpsConfigMethod,PBC"
2311 sigma_dut_cmd_check(cmd, timeout=15)
2312
2313 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
2314 hapd.disable()
2315 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
2316 stop_sigma_dut(sigma)
2317 dev[0].flush_scan_cache()
7e526fa7
JM		 2318
2319def test_sigma_dut_sta_scan_bss(dev, apdev):
2320 """sigma_dut sta_scan_bss"""
2321 hapd = hostapd.add_ap(apdev[0], { "ssid": "test" })
2322 sigma = start_sigma_dut(dev[0].ifname)
2323 try:
2324 cmd = "sta_scan_bss,Interface,%s,BSSID,%s" % (dev[0].ifname, \
2325 hapd.own_addr())
2326 res = sigma_dut_cmd(cmd, timeout=10)
2327 if "ssid,test,bsschannel,1" not in res:
2328 raise Exception("Unexpected result: " + res)
2329 finally:
2330 stop_sigma_dut(sigma)
b1e11877 2331
0beb6c2f
JM		 2332def test_sigma_dut_ap_osen(dev, apdev, params):
2333 """sigma_dut controlled AP with OSEN"""
2334 logdir = os.path.join(params['logdir'],
2335 "sigma_dut_ap_osen.sigma-hostapd")
2336 with HWSimRadio() as (radio, iface):
2337 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
2338 try:
2339 sigma_dut_cmd_check("ap_reset_default")
2340 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-hs20,MODE,11ng")
2341 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2342 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OSEN,PMF,Optional")
2343 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2344
2345 # RSN-OSEN (for OSU)
2346 dev[0].connect("test-hs20", proto="OSEN", key_mgmt="OSEN",
2347 pairwise="CCMP", group="GTK_NOT_USED",
2348 eap="WFA-UNAUTH-TLS", identity="osen@example.com",
2349 ca_cert="auth_serv/ca.pem", scan_freq="2412")
2350
2351 sigma_dut_cmd_check("ap_reset_default")
2352 finally:
2353 stop_sigma_dut(sigma)
2354
b1e11877
JM		 2355def test_sigma_dut_ap_eap_osen(dev, apdev, params):
2356 """sigma_dut controlled AP with EAP+OSEN"""
2357 logdir = os.path.join(params['logdir'],
2358 "sigma_dut_ap_eap_osen.sigma-hostapd")
2359 with HWSimRadio() as (radio, iface):
4902eb04 2360 sigma = start_sigma_dut(iface, bridge="ap-br0", hostapd_logdir=logdir)
b1e11877
JM		 2361 try:
2362 sigma_dut_cmd_check("ap_reset_default")
2363 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-hs20,MODE,11ng")
2364 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2365 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT-OSEN,PMF,Optional")
2366 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2367
4902eb04
JM		 2368 subprocess.call(['brctl', 'setfd', 'ap-br0', '0'])
2369 subprocess.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'up'])
2370
b1e11877
JM		 2371 # RSN-OSEN (for OSU)
2372 dev[0].connect("test-hs20", proto="OSEN", key_mgmt="OSEN",
2373 pairwise="CCMP",
2374 eap="WFA-UNAUTH-TLS", identity="osen@example.com",
2375 ca_cert="auth_serv/ca.pem", ieee80211w='2',
2376 scan_freq="2412")
2377 # RSN-EAP (for data connection)
2378 dev[1].connect("test-hs20", key_mgmt="WPA-EAP", eap="TTLS",
2379 identity="hs20-test", password="password",
2380 ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2",
2381 ieee80211w='2', scan_freq="2412")
2382
4902eb04
JM		 2383 hwsim_utils.test_connectivity(dev[0], dev[1], broadcast=False,
2384 success_expected=False, timeout=1)
2385
b1e11877
JM		 2386 sigma_dut_cmd_check("ap_reset_default")
2387 finally:
2388 stop_sigma_dut(sigma)
4902eb04
JM		 2389 subprocess.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'down'],
2390 stderr=open('/dev/null', 'w'))
2391 subprocess.call(['brctl', 'delbr', 'ap-br0'],
2392 stderr=open('/dev/null', 'w'))
63add34e
JM		 2393
2394def test_sigma_dut_ap_eap(dev, apdev, params):
2395 """sigma_dut controlled AP WPA2-Enterprise"""
2396 logdir = os.path.join(params['logdir'], "sigma_dut_ap_eap.sigma-hostapd")
2397 with HWSimRadio() as (radio, iface):
2398 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2399 try:
2400 sigma_dut_cmd_check("ap_reset_default")
2401 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-eap,MODE,11ng")
2402 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2403 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT")
2404 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2405
2406 dev[0].connect("test-eap", key_mgmt="WPA-EAP", eap="GPSK",
2407 identity="gpsk user",
2408 password="abcdefghijklmnop0123456789abcdef",
2409 scan_freq="2412")
2410
2411 sigma_dut_cmd_check("ap_reset_default")
2412 finally:
2413 stop_sigma_dut(sigma)
2414
2415def test_sigma_dut_ap_eap_sha256(dev, apdev, params):
2416 """sigma_dut controlled AP WPA2-Enterprise SHA256"""
2417 logdir = os.path.join(params['logdir'],
2418 "sigma_dut_ap_eap_sha256.sigma-hostapd")
2419 with HWSimRadio() as (radio, iface):
2420 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2421 try:
2422 sigma_dut_cmd_check("ap_reset_default")
2423 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-eap,MODE,11ng")
2424 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2425 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT-256")
2426 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2427
2428 dev[0].connect("test-eap", key_mgmt="WPA-EAP-SHA256", eap="GPSK",
2429 identity="gpsk user",
2430 password="abcdefghijklmnop0123456789abcdef",
2431 scan_freq="2412")
2432
2433 sigma_dut_cmd_check("ap_reset_default")
2434 finally:
2435 stop_sigma_dut(sigma)
2436
2437def test_sigma_dut_ap_ft_eap(dev, apdev, params):
2438 """sigma_dut controlled AP FT-EAP"""
2439 logdir = os.path.join(params['logdir'], "sigma_dut_ap_ft_eap.sigma-hostapd")
2440 with HWSimRadio() as (radio, iface):
2441 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2442 try:
2443 sigma_dut_cmd_check("ap_reset_default")
2444 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-ft-eap,MODE,11ng,DOMAIN,0101,FT_OA,Enable")
2445 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2446 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,FT-EAP")
2447 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2448
2449 dev[0].connect("test-ft-eap", key_mgmt="FT-EAP", eap="GPSK",
2450 identity="gpsk user",
2451 password="abcdefghijklmnop0123456789abcdef",
2452 scan_freq="2412")
2453
2454 sigma_dut_cmd_check("ap_reset_default")
2455 finally:
2456 stop_sigma_dut(sigma)
2457
2458def test_sigma_dut_ap_ft_psk(dev, apdev, params):
2459 """sigma_dut controlled AP FT-PSK"""
2460 logdir = os.path.join(params['logdir'], "sigma_dut_ap_ft_psk.sigma-hostapd")
2461 with HWSimRadio() as (radio, iface):
2462 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2463 try:
2464 sigma_dut_cmd_check("ap_reset_default")
2465 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-ft-psk,MODE,11ng,DOMAIN,0101,FT_OA,Enable")
2466 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,FT-PSK,PSK,12345678")
2467 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2468
2469 dev[0].connect("test-ft-psk", key_mgmt="FT-PSK", psk="12345678",
2470 scan_freq="2412")
2471
2472 sigma_dut_cmd_check("ap_reset_default")
2473 finally:
2474 stop_sigma_dut(sigma)
2475
2476def test_sigma_dut_ap_ent_ft_eap(dev, apdev, params):
2477 """sigma_dut controlled AP WPA-EAP and FT-EAP"""
2478 logdir = os.path.join(params['logdir'],
2479 "sigma_dut_ap_ent_ft_eap.sigma-hostapd")
2480 with HWSimRadio() as (radio, iface):
2481 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2482 try:
2483 sigma_dut_cmd_check("ap_reset_default")
2484 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-ent-ft-eap,MODE,11ng,DOMAIN,0101,FT_OA,Enable")
2485 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2486 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT-FT-EAP")
2487 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2488
2489 dev[0].connect("test-ent-ft-eap", key_mgmt="FT-EAP", eap="GPSK",
2490 identity="gpsk user",
2491 password="abcdefghijklmnop0123456789abcdef",
2492 scan_freq="2412")
2493 dev[1].connect("test-ent-ft-eap", key_mgmt="WPA-EAP", eap="GPSK",
2494 identity="gpsk user",
2495 password="abcdefghijklmnop0123456789abcdef",
2496 scan_freq="2412")
2497
2498 sigma_dut_cmd_check("ap_reset_default")
2499 finally:
2500 stop_sigma_dut(sigma)
dc60d564
JM		 2501
2502def test_sigma_dut_venue_url(dev, apdev):
2503 """sigma_dut controlled Venue URL fetch"""
2504 try:
2505 run_sigma_dut_venue_url(dev, apdev)
2506 finally:
2507 dev[0].set("ignore_old_scan_res", "0")
2508
2509def run_sigma_dut_venue_url(dev, apdev):
2510 ifname = dev[0].ifname
2511 sigma = start_sigma_dut(ifname, debug=True)
2512
2513 ssid = "venue"
2514 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
2515 params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
2516 params["ieee80211w"] = "2"
2517
2518 venue_group = 1
2519 venue_type = 13
2520 venue_info = struct.pack('BB', venue_group, venue_type)
2521 lang1 = "eng"
2522 name1= "Example venue"
2523 lang2 = "fin"
2524 name2 = "Esimerkkipaikka"
2525 venue1 = struct.pack('B', len(lang1 + name1)) + lang1 + name1
2526 venue2 = struct.pack('B', len(lang2 + name2)) + lang2 + name2
2527 venue_name = binascii.hexlify(venue_info + venue1 + venue2)
2528
2529 url1 = "http://example.com/venue"
2530 url2 = "https://example.org/venue-info/"
2531 params["venue_group"] = str(venue_group)
2532 params["venue_type"] = str(venue_type)
2533 params["venue_name"] = [ lang1 + ":" + name1, lang2 + ":" + name2 ]
2534 params["venue_url"] = [ "1:" + url1, "2:" + url2 ]
2535
2536 hapd = hostapd.add_ap(apdev[0], params)
2537
2538 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
2539 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
2540 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required" % (ifname, "venue", "12345678"))
2541 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "venue"))
2542 sigma_dut_wait_connected(ifname)
2543 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
2544 sigma_dut_cmd_check("sta_hs2_venue_info,interface," + ifname + ",Display,Yes")
2545 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
2546 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
2547
2548 stop_sigma_dut(sigma)
31157568
JM		 2549
2550def test_sigma_dut_hs20_assoc_24(dev, apdev):
2551 """sigma_dut controlled Hotspot 2.0 connection (2.4 GHz)"""
2552 run_sigma_dut_hs20_assoc(dev, apdev, True)
2553
2554def test_sigma_dut_hs20_assoc_5(dev, apdev):
2555 """sigma_dut controlled Hotspot 2.0 connection (5 GHz)"""
2556 run_sigma_dut_hs20_assoc(dev, apdev, False)
2557
2558def run_sigma_dut_hs20_assoc(dev, apdev, band24):
2559 hapd0 = None
2560 hapd1 = None
2561 try:
2562 bssid0 = apdev[0]['bssid']
2563 params = hs20_ap_params()
2564 params['hessid'] = bssid0
2565 hapd0 = hostapd.add_ap(apdev[0], params)
2566
2567 bssid1 = apdev[1]['bssid']
2568 params = hs20_ap_params()
2569 params['hessid'] = bssid0
2570 params["hw_mode"] = "a"
2571 params["channel"] = "36"
2572 params["country_code"] = "US"
2573 hapd1 = hostapd.add_ap(apdev[1], params)
2574
2575 band = "2.4" if band24 else "5"
2576 exp_bssid = bssid0 if band24 else bssid1
2577 run_sigma_dut_hs20_assoc_2(dev, apdev, band, exp_bssid)
2578 finally:
2579 dev[0].request("DISCONNECT")
2580 if hapd0:
2581 hapd0.request("DISABLE")
2582 if hapd1:
2583 hapd1.request("DISABLE")
2584 subprocess.call(['iw', 'reg', 'set', '00'])
2585 dev[0].flush_scan_cache()
2586
2587def run_sigma_dut_hs20_assoc_2(dev, apdev, band, expect_bssid):
2588 check_eap_capa(dev[0], "MSCHAPV2")
2589 dev[0].flush_scan_cache()
2590
2591 ifname = dev[0].ifname
2592 sigma = start_sigma_dut(ifname, debug=True)
2593
2594 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,HS2-R3" % ifname)
2595 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
2596 sigma_dut_cmd_check("sta_add_credential,interface,%s,type,uname_pwd,realm,example.com,username,hs20-test,password,password" % ifname)
2597 res = sigma_dut_cmd_check("sta_hs2_associate,interface,%s,band,%s" % (ifname, band),
2598 timeout=15)
2599 sigma_dut_wait_connected(ifname)
2600 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
2601 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
2602 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
2603
2604 stop_sigma_dut(sigma)
2605
2606 if "BSSID," + expect_bssid not in res:
2607 raise Exception("Unexpected BSSID: " + res)
e7869a66
JM		 2608
2609def test_sigma_dut_ap_hs20(dev, apdev, params):
2610 """sigma_dut controlled AP with Hotspot 2.0 parameters"""
2611 logdir = os.path.join(params['logdir'],
2612 "sigma_dut_ap_hs20.sigma-hostapd")
2613 with HWSimRadio() as (radio, iface):
2614 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2615 try:
2616 sigma_dut_cmd_check("ap_reset_default,NAME,AP,program,HS2-R3")
2617 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,test-hs20,MODE,11ng")
2618 sigma_dut_cmd_check("ap_set_radius,NAME,AP,WLAN_TAG,1,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2619 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,WPA2-ENT")
2620 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,HESSID,02:12:34:56:78:9a,NAI_REALM_LIST,1,OPER_NAME,1")
b583907b 2621 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,OSU_SERVER_URI,https://example.com/ https://example.org/,OSU_SSID,test-osu,OSU_METHOD,SOAP SOAP,OSU_PROVIDER_LIST,10,OSU_PROVIDER_NAI_LIST,4")
e7869a66
JM		 2622 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,NET_AUTH_TYPE,2")
2623 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,VENUE_NAME,1")
2624 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,DOMAIN_LIST,example.com")
2625 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,OPERATOR_ICON_METADATA,1")
2626 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,SSID,test-osu,MODE,11ng")
2627 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,NONE")
524b963c 2628 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,2,OSU,1")
e7869a66
JM		 2629 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2630
2631 with open("/tmp/sigma_dut-ap.conf", "r") as f:
2632 logger.debug("hostapd.conf from sigma_dut:\n" + f.read())
2633
2634 sigma_dut_cmd_check("ap_reset_default")
2635 finally:
2636 stop_sigma_dut(sigma)
Unnamed repository; edit this file 'description' to name the repository.