]>
git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_ap_pmf.py
1 # Protected management frames tests
2 # Copyright (c) 2013, Jouni Malinen <j@w1.fi>
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
7 from remotehost
import remote_compatible
12 logger
= logging
.getLogger()
16 from utils
import alloc_fail
, fail_test
, wait_fail_trigger
, HwsimSkip
, \
17 radiotap_build
, start_monitor
, stop_monitor
18 from wlantest
import Wlantest
19 from wpasupplicant
import WpaSupplicant
22 def test_ap_pmf_required(dev
, apdev
):
23 """WPA2-PSK AP with PMF required"""
24 ssid
= "test-pmf-required"
25 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
26 params
["wpa_key_mgmt"] = "WPA-PSK-SHA256"
27 params
["ieee80211w"] = "2"
28 hapd
= hostapd
.add_ap(apdev
[0], params
)
32 wt
.add_passphrase("12345678")
33 key_mgmt
= hapd
.get_config()['key_mgmt']
34 if key_mgmt
.split(' ')[0] != "WPA-PSK-SHA256":
35 raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt
)
36 dev
[0].connect(ssid
, psk
="12345678", ieee80211w
="1",
37 key_mgmt
="WPA-PSK WPA-PSK-SHA256", proto
="WPA2",
39 if "[WPA2-PSK-SHA256-CCMP]" not in dev
[0].request("SCAN_RESULTS"):
40 raise Exception("Scan results missing RSN element info")
41 hwsim_utils
.test_connectivity(dev
[0], hapd
)
42 dev
[1].connect(ssid
, psk
="12345678", ieee80211w
="2",
43 key_mgmt
="WPA-PSK WPA-PSK-SHA256", proto
="WPA2",
45 hwsim_utils
.test_connectivity(dev
[1], hapd
)
46 if "OK" not in hapd
.request("SA_QUERY " + dev
[0].own_addr()):
47 raise Exception("SA_QUERY failed")
48 if "OK" not in hapd
.request("SA_QUERY " + dev
[1].own_addr()):
49 raise Exception("SA_QUERY failed")
50 if "FAIL" not in hapd
.request("SA_QUERY foo"):
51 raise Exception("Invalid SA_QUERY accepted")
52 wt
.require_ap_pmf_mandatory(apdev
[0]['bssid'])
53 wt
.require_sta_pmf(apdev
[0]['bssid'], dev
[0].p2p_interface_addr())
54 wt
.require_sta_pmf_mandatory(apdev
[0]['bssid'], dev
[1].p2p_interface_addr())
56 if wt
.get_sta_counter("valid_saqueryresp_tx", apdev
[0]['bssid'],
57 dev
[0].p2p_interface_addr()) < 1:
58 raise Exception("STA did not reply to SA Query")
59 if wt
.get_sta_counter("valid_saqueryresp_tx", apdev
[0]['bssid'],
60 dev
[1].p2p_interface_addr()) < 1:
61 raise Exception("STA did not reply to SA Query")
64 def test_ocv_sa_query(dev
, apdev
):
65 """Test SA Query with OCV"""
66 ssid
= "test-pmf-required"
67 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
68 params
["wpa_key_mgmt"] = "WPA-PSK-SHA256"
69 params
["ieee80211w"] = "2"
72 hapd
= hostapd
.add_ap(apdev
[0], params
)
73 except Exception as e
:
74 if "Failed to set hostapd parameter ocv" in str(e
):
75 raise HwsimSkip("OCV not supported")
80 wt
.add_passphrase("12345678")
81 dev
[0].connect(ssid
, psk
="12345678", ieee80211w
="1", ocv
="1",
82 key_mgmt
="WPA-PSK WPA-PSK-SHA256", proto
="WPA2",
85 # Test that client can handle SA Query with OCI element
86 if "OK" not in hapd
.request("SA_QUERY " + dev
[0].own_addr()):
87 raise Exception("SA_QUERY failed")
89 if wt
.get_sta_counter("valid_saqueryresp_tx", apdev
[0]['bssid'],
90 dev
[0].own_addr()) < 1:
91 raise Exception("STA did not reply to SA Query")
93 # Test that AP can handle SA Query with OCI element
94 if "OK" not in dev
[0].request("UNPROT_DEAUTH"):
95 raise Exception("Triggering SA Query from the STA failed")
96 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=3)
98 raise Exception("SA Query from the STA failed")
101 def test_ocv_sa_query_csa(dev
, apdev
):
102 """Test SA Query with OCV after channel switch"""
103 ssid
= "test-pmf-required"
104 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
105 params
["wpa_key_mgmt"] = "WPA-PSK-SHA256"
106 params
["ieee80211w"] = "2"
109 hapd
= hostapd
.add_ap(apdev
[0], params
)
110 except Exception as e
:
111 if "Failed to set hostapd parameter ocv" in str(e
):
112 raise HwsimSkip("OCV not supported")
117 wt
.add_passphrase("12345678")
118 dev
[0].connect(ssid
, psk
="12345678", ieee80211w
="1", ocv
="1",
119 key_mgmt
="WPA-PSK WPA-PSK-SHA256", proto
="WPA2",
122 hapd
.request("CHAN_SWITCH 5 2437")
124 if wt
.get_sta_counter("valid_saqueryreq_tx", apdev
[0]['bssid'],
125 dev
[0].own_addr()) < 1:
126 raise Exception("STA did not start SA Query after channel switch")
129 def test_ap_pmf_optional(dev
, apdev
):
130 """WPA2-PSK AP with PMF optional"""
131 ssid
= "test-pmf-optional"
132 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
133 params
["wpa_key_mgmt"] = "WPA-PSK"
134 params
["ieee80211w"] = "1"
135 hapd
= hostapd
.add_ap(apdev
[0], params
)
139 wt
.add_passphrase("12345678")
140 dev
[0].connect(ssid
, psk
="12345678", ieee80211w
="1",
141 key_mgmt
="WPA-PSK WPA-PSK-SHA256", proto
="WPA2",
143 hwsim_utils
.test_connectivity(dev
[0], hapd
)
144 dev
[1].connect(ssid
, psk
="12345678", ieee80211w
="2",
145 key_mgmt
="WPA-PSK WPA-PSK-SHA256", proto
="WPA2",
147 hwsim_utils
.test_connectivity(dev
[1], hapd
)
148 wt
.require_ap_pmf_optional(apdev
[0]['bssid'])
149 wt
.require_sta_pmf(apdev
[0]['bssid'], dev
[0].p2p_interface_addr())
150 wt
.require_sta_pmf_mandatory(apdev
[0]['bssid'], dev
[1].p2p_interface_addr())
153 def test_ap_pmf_optional_2akm(dev
, apdev
):
154 """WPA2-PSK AP with PMF optional (2 AKMs)"""
155 ssid
= "test-pmf-optional-2akm"
156 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
157 params
["wpa_key_mgmt"] = "WPA-PSK WPA-PSK-SHA256"
158 params
["ieee80211w"] = "1"
159 hapd
= hostapd
.add_ap(apdev
[0], params
)
163 wt
.add_passphrase("12345678")
164 dev
[0].connect(ssid
, psk
="12345678", ieee80211w
="1",
165 key_mgmt
="WPA-PSK WPA-PSK-SHA256", proto
="WPA2",
167 hwsim_utils
.test_connectivity(dev
[0], hapd
)
168 dev
[1].connect(ssid
, psk
="12345678", ieee80211w
="2",
169 key_mgmt
="WPA-PSK WPA-PSK-SHA256", proto
="WPA2",
171 hwsim_utils
.test_connectivity(dev
[1], hapd
)
172 wt
.require_ap_pmf_optional(apdev
[0]['bssid'])
173 wt
.require_sta_pmf(apdev
[0]['bssid'], dev
[0].p2p_interface_addr())
174 wt
.require_sta_key_mgmt(apdev
[0]['bssid'], dev
[0].p2p_interface_addr(),
176 wt
.require_sta_pmf_mandatory(apdev
[0]['bssid'], dev
[1].p2p_interface_addr())
177 wt
.require_sta_key_mgmt(apdev
[0]['bssid'], dev
[1].p2p_interface_addr(),
181 def test_ap_pmf_negative(dev
, apdev
):
182 """WPA2-PSK AP without PMF (negative test)"""
183 ssid
= "test-pmf-negative"
184 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
185 hapd
= hostapd
.add_ap(apdev
[0], params
)
189 wt
.add_passphrase("12345678")
190 dev
[0].connect(ssid
, psk
="12345678", ieee80211w
="1",
191 key_mgmt
="WPA-PSK WPA-PSK-SHA256", proto
="WPA2",
193 hwsim_utils
.test_connectivity(dev
[0], hapd
)
195 dev
[1].connect(ssid
, psk
="12345678", ieee80211w
="2",
196 key_mgmt
="WPA-PSK WPA-PSK-SHA256", proto
="WPA2",
198 hwsim_utils
.test_connectivity(dev
[1], hapd
)
199 raise Exception("PMF required STA connected to no PMF AP")
200 except Exception as e
:
201 logger
.debug("Ignore expected exception: " + str(e
))
202 wt
.require_ap_no_pmf(apdev
[0]['bssid'])
205 def test_ap_pmf_assoc_comeback(dev
, apdev
):
206 """WPA2-PSK AP with PMF association comeback"""
207 ssid
= "assoc-comeback"
208 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
209 params
["wpa_key_mgmt"] = "WPA-PSK-SHA256"
210 params
["ieee80211w"] = "2"
211 hapd
= hostapd
.add_ap(apdev
[0], params
)
215 wt
.add_passphrase("12345678")
216 dev
[0].connect(ssid
, psk
="12345678", ieee80211w
="1",
217 key_mgmt
="WPA-PSK WPA-PSK-SHA256", proto
="WPA2",
219 hapd
.set("ext_mgmt_frame_handling", "1")
220 dev
[0].request("DISCONNECT")
221 dev
[0].wait_disconnected(timeout
=10)
222 hapd
.set("ext_mgmt_frame_handling", "0")
223 dev
[0].request("REASSOCIATE")
224 dev
[0].wait_connected(timeout
=10, error
="Timeout on re-connection")
225 if wt
.get_sta_counter("assocresp_comeback", apdev
[0]['bssid'],
226 dev
[0].p2p_interface_addr()) < 1:
227 raise Exception("AP did not use association comeback request")
230 def test_ap_pmf_assoc_comeback2(dev
, apdev
):
231 """WPA2-PSK AP with PMF association comeback (using DROP_SA)"""
232 ssid
= "assoc-comeback"
233 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
234 params
["wpa_key_mgmt"] = "WPA-PSK"
235 params
["ieee80211w"] = "1"
236 hapd
= hostapd
.add_ap(apdev
[0], params
)
240 wt
.add_passphrase("12345678")
241 dev
[0].connect(ssid
, psk
="12345678", ieee80211w
="2",
242 key_mgmt
="WPA-PSK", proto
="WPA2", scan_freq
="2412")
243 if "OK" not in dev
[0].request("DROP_SA"):
244 raise Exception("DROP_SA failed")
245 dev
[0].request("REASSOCIATE")
246 dev
[0].wait_connected(timeout
=10, error
="Timeout on re-connection")
247 if wt
.get_sta_counter("reassocresp_comeback", apdev
[0]['bssid'],
248 dev
[0].p2p_interface_addr()) < 1:
249 raise Exception("AP did not use reassociation comeback request")
251 def test_ap_pmf_ap_dropping_sa(dev
, apdev
):
252 """WPA2-PSK PMF AP dropping SA"""
254 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
255 params
["wpa_key_mgmt"] = "WPA-PSK-SHA256"
256 params
["ieee80211w"] = "2"
257 hapd
= hostapd
.add_ap(apdev
[0], params
)
258 bssid
= hapd
.own_addr()
262 wt
.add_passphrase("12345678")
263 dev
[0].connect(ssid
, psk
="12345678", ieee80211w
="2",
264 key_mgmt
="WPA-PSK-SHA256", proto
="WPA2", scan_freq
="2412")
265 addr0
= dev
[0].own_addr()
266 dev
[0].dump_monitor()
268 # Drop SA and association at the AP locally without notifying the STA. This
269 # results in the STA getting unprotected Deauthentication frames when trying
270 # to transmit the next Class 3 frame.
271 if "OK" not in hapd
.request("DEAUTHENTICATE " + addr0
+ " tx=0"):
272 raise Exception("DEAUTHENTICATE command failed")
273 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=1)
275 raise Exception("Unexpected disconnection event after DEAUTHENTICATE tx=0: " + ev
)
276 dev
[0].request("DATA_TEST_CONFIG 1")
277 dev
[0].request("DATA_TEST_TX " + bssid
+ " " + addr0
)
278 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=5)
279 dev
[0].request("DATA_TEST_CONFIG 0")
280 if ev
is None or "locally_generated=1" not in ev
:
281 raise Exception("Locally generated disconnection not reported")
283 def test_ap_pmf_valid_broadcast_deauth(dev
, apdev
):
284 """WPA2-PSK PMF AP sending valid broadcast deauth without dropping SA"""
285 run_ap_pmf_valid(dev
, apdev
, False, True)
287 def test_ap_pmf_valid_broadcast_disassoc(dev
, apdev
):
288 """WPA2-PSK PMF AP sending valid broadcast disassoc without dropping SA"""
289 run_ap_pmf_valid(dev
, apdev
, True, True)
291 def test_ap_pmf_valid_unicast_deauth(dev
, apdev
):
292 """WPA2-PSK PMF AP sending valid unicast deauth without dropping SA"""
293 run_ap_pmf_valid(dev
, apdev
, False, False)
295 def test_ap_pmf_valid_unicast_disassoc(dev
, apdev
):
296 """WPA2-PSK PMF AP sending valid unicast disassoc without dropping SA"""
297 run_ap_pmf_valid(dev
, apdev
, True, False)
299 def run_ap_pmf_valid(dev
, apdev
, disassociate
, broadcast
):
301 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
302 params
["wpa_key_mgmt"] = "WPA-PSK-SHA256"
303 params
["ieee80211w"] = "2"
304 hapd
= hostapd
.add_ap(apdev
[0], params
)
305 bssid
= hapd
.own_addr()
309 wt
.add_passphrase("12345678")
310 dev
[0].connect(ssid
, psk
="12345678", ieee80211w
="2",
311 key_mgmt
="WPA-PSK-SHA256", proto
="WPA2", scan_freq
="2412")
312 addr0
= dev
[0].own_addr()
313 dev
[0].dump_monitor()
315 cmd
= "DISASSOCIATE " if disassociate
else "DEAUTHENTICATE "
316 cmd
+= "ff:ff:ff:ff:ff:ff" if broadcast
else addr0
318 if "OK" not in hapd
.request(cmd
):
319 raise Exception("hostapd command failed")
320 sta
= hapd
.get_sta(addr0
)
322 raise Exception("STA entry lost")
323 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=5)
325 raise Exception("Disconnection not reported")
326 if "locally_generated=1" in ev
:
327 raise Exception("Unexpected locally generated disconnection")
329 # Wait for SA Query procedure to fail and association comeback to succeed
330 dev
[0].wait_connected()
332 def start_wpas_ap(ssid
):
333 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
334 wpas
.interface_add("wlan5", drv_params
="use_monitor=1")
335 id = wpas
.add_network()
336 wpas
.set_network(id, "mode", "2")
337 wpas
.set_network_quoted(id, "ssid", ssid
)
338 wpas
.set_network(id, "proto", "WPA2")
339 wpas
.set_network(id, "key_mgmt", "WPA-PSK-SHA256")
340 wpas
.set_network(id, "ieee80211w", "2")
341 wpas
.set_network_quoted(id, "psk", "12345678")
342 wpas
.set_network(id, "pairwise", "CCMP")
343 wpas
.set_network(id, "group", "CCMP")
344 wpas
.set_network(id, "frequency", "2412")
345 wpas
.set_network(id, "scan_freq", "2412")
346 wpas
.connect_network(id)
350 def test_ap_pmf_sta_sa_query(dev
, apdev
):
351 """WPA2-PSK AP with station using SA Query"""
352 ssid
= "assoc-comeback"
353 addr
= dev
[0].own_addr()
355 wpas
= start_wpas_ap(ssid
)
356 bssid
= wpas
.own_addr()
361 wt
.add_passphrase("12345678")
363 dev
[0].connect(ssid
, psk
="12345678", ieee80211w
="1",
364 key_mgmt
="WPA-PSK WPA-PSK-SHA256", proto
="WPA2",
367 wpas
.request("DEAUTHENTICATE " + addr
+ " test=0")
369 wpas
.request("DISASSOCIATE " + addr
+ " test=0")
371 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=1)
373 raise Exception("Unexpected disconnection")
375 wpas
.request("DEAUTHENTICATE " + addr
+ " reason=6 test=0")
377 wpas
.request("DISASSOCIATE " + addr
+ " reason=7 test=0")
379 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=1)
381 raise Exception("Unexpected disconnection")
382 if wt
.get_sta_counter("valid_saqueryreq_tx", bssid
, addr
) < 1:
383 raise Exception("STA did not send SA Query")
384 if wt
.get_sta_counter("valid_saqueryresp_rx", bssid
, addr
) < 1:
385 raise Exception("AP did not reply to SA Query")
388 def test_ap_pmf_sta_sa_query_no_response(dev
, apdev
):
389 """WPA2-PSK AP with station using SA Query and getting no response"""
390 ssid
= "assoc-comeback"
391 addr
= dev
[0].own_addr()
393 wpas
= start_wpas_ap(ssid
)
394 bssid
= wpas
.own_addr()
396 dev
[0].connect(ssid
, psk
="12345678", ieee80211w
="1",
397 key_mgmt
="WPA-PSK WPA-PSK-SHA256", proto
="WPA2",
400 wpas
.request("DEAUTHENTICATE " + addr
+ " test=0")
402 wpas
.request("DISASSOCIATE " + addr
+ " test=0")
404 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=1)
406 raise Exception("Unexpected disconnection")
408 wpas
.request("SET ext_mgmt_frame_handling 1")
409 wpas
.request("DEAUTHENTICATE " + addr
+ " reason=6 test=0")
411 wpas
.request("DISASSOCIATE " + addr
+ " reason=7 test=0")
413 dev
[0].wait_disconnected()
415 wpas
.request("SET ext_mgmt_frame_handling 0")
416 dev
[0].wait_connected()
419 def test_ap_pmf_sta_unprot_deauth_burst(dev
, apdev
):
420 """WPA2-PSK AP with station receiving burst of unprotected Deauthentication frames"""
421 ssid
= "deauth-attack"
422 addr
= dev
[0].own_addr()
424 wpas
= start_wpas_ap(ssid
)
425 bssid
= wpas
.own_addr()
430 wt
.add_passphrase("12345678")
432 dev
[0].connect(ssid
, psk
="12345678", ieee80211w
="1",
433 key_mgmt
="WPA-PSK WPA-PSK-SHA256", proto
="WPA2",
436 for i
in range(0, 10):
437 wpas
.request("DEAUTHENTICATE " + addr
+ " reason=6 test=0")
438 wpas
.request("DISASSOCIATE " + addr
+ " reason=7 test=0")
439 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=1)
441 raise Exception("Unexpected disconnection")
442 num_req
= wt
.get_sta_counter("valid_saqueryreq_tx", bssid
, addr
)
443 num_resp
= wt
.get_sta_counter("valid_saqueryresp_rx", bssid
, addr
)
445 raise Exception("STA did not send SA Query")
447 raise Exception("AP did not reply to SA Query")
449 raise Exception("STA initiated too many SA Query procedures (%d)" % num_req
)
452 for i
in range(0, 5):
453 wpas
.request("DEAUTHENTICATE " + addr
+ " reason=6 test=0")
454 wpas
.request("DISASSOCIATE " + addr
+ " reason=7 test=0")
455 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=1)
457 raise Exception("Unexpected disconnection")
458 num_req
= wt
.get_sta_counter("valid_saqueryreq_tx", bssid
, addr
)
459 num_resp
= wt
.get_sta_counter("valid_saqueryresp_rx", bssid
, addr
)
460 if num_req
!= 2 or num_resp
!= 2:
461 raise Exception("Unexpected number of SA Query procedures (req=%d resp=%d)" % (num_req
, num_resp
))
463 def test_ap_pmf_sta_sa_query_oom(dev
, apdev
):
464 """WPA2-PSK AP with station using SA Query (OOM)"""
465 ssid
= "assoc-comeback"
466 addr
= dev
[0].own_addr()
467 wpas
= start_wpas_ap(ssid
)
468 dev
[0].connect(ssid
, psk
="12345678", ieee80211w
="1",
469 key_mgmt
="WPA-PSK WPA-PSK-SHA256", proto
="WPA2",
471 with
alloc_fail(dev
[0], 1, "=sme_sa_query_timer"):
472 wpas
.request("DEAUTHENTICATE " + addr
+ " reason=6 test=0")
473 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
474 dev
[0].request("DISCONNECT")
475 wpas
.request("DISCONNECT")
476 dev
[0].wait_disconnected()
478 def test_ap_pmf_sta_sa_query_local_failure(dev
, apdev
):
479 """WPA2-PSK AP with station using SA Query (local failure)"""
480 ssid
= "assoc-comeback"
481 addr
= dev
[0].own_addr()
482 wpas
= start_wpas_ap(ssid
)
483 dev
[0].connect(ssid
, psk
="12345678", ieee80211w
="1",
484 key_mgmt
="WPA-PSK WPA-PSK-SHA256", proto
="WPA2",
486 with
fail_test(dev
[0], 1, "os_get_random;sme_sa_query_timer"):
487 wpas
.request("DEAUTHENTICATE " + addr
+ " reason=6 test=0")
488 wait_fail_trigger(dev
[0], "GET_FAIL")
489 dev
[0].request("DISCONNECT")
490 wpas
.request("DISCONNECT")
491 dev
[0].wait_disconnected()
493 def test_ap_pmf_sta_sa_query_hostapd(dev
, apdev
):
494 """WPA2-PSK AP with station using SA Query (hostapd)"""
495 ssid
= "assoc-comeback"
496 passphrase
= "12345678"
497 addr
= dev
[0].own_addr()
499 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
=passphrase
,
500 wpa_key_mgmt
="WPA-PSK-SHA256",
502 hapd
= hostapd
.add_ap(apdev
[0], params
)
503 bssid
= hapd
.own_addr()
508 wt
.add_passphrase("12345678")
510 dev
[0].connect(ssid
, psk
=passphrase
, ieee80211w
="2",
511 key_mgmt
="WPA-PSK-SHA256", proto
="WPA2",
514 if "OK" not in hapd
.request("DEAUTHENTICATE " + addr
+ " test=0") or \
515 "OK" not in hapd
.request("DISASSOCIATE " + addr
+ " test=0"):
516 raise Exception("Failed to send unprotected disconnection messages")
517 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=1)
519 raise Exception("Unexpected disconnection")
521 if "OK" not in hapd
.request("DEAUTHENTICATE " + addr
+ " reason=6 test=0") or \
522 "OK" not in hapd
.request("DISASSOCIATE " + addr
+ " reason=7 test=0"):
523 raise Exception("Failed to send unprotected disconnection messages (2)")
524 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=1)
526 raise Exception("Unexpected disconnection")
527 if wt
.get_sta_counter("valid_saqueryreq_tx", bssid
, addr
) < 1:
528 raise Exception("STA did not send SA Query")
529 if wt
.get_sta_counter("valid_saqueryresp_rx", bssid
, addr
) < 1:
530 raise Exception("AP did not reply to SA Query")
532 def test_ap_pmf_sta_sa_query_no_response_hostapd(dev
, apdev
):
533 """WPA2-PSK AP with station using SA Query and getting no response (hostapd)"""
534 ssid
= "assoc-comeback"
535 passphrase
= "12345678"
536 addr
= dev
[0].own_addr()
538 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
=passphrase
,
539 wpa_key_mgmt
="WPA-PSK-SHA256",
541 hapd
= hostapd
.add_ap(apdev
[0], params
)
542 bssid
= hapd
.own_addr()
547 wt
.add_passphrase("12345678")
549 dev
[0].connect(ssid
, psk
=passphrase
, ieee80211w
="2",
550 key_mgmt
="WPA-PSK-SHA256", proto
="WPA2",
553 hapd
.set("ext_mgmt_frame_handling", "1")
554 if "OK" not in hapd
.request("DEAUTHENTICATE " + addr
+ " reason=6 test=0") or \
555 "OK" not in hapd
.request("DISASSOCIATE " + addr
+ " reason=7 test=0"):
556 raise Exception("Failed to send unprotected disconnection messages")
557 dev
[0].wait_disconnected()
558 hapd
.set("ext_mgmt_frame_handling", "0")
559 if wt
.get_sta_counter("valid_saqueryreq_tx", bssid
, addr
) < 1:
560 raise Exception("STA did not send SA Query")
561 if wt
.get_sta_counter("valid_saqueryresp_rx", bssid
, addr
) > 0:
562 raise Exception("AP replied to SA Query")
563 dev
[0].wait_connected()
565 def test_ap_pmf_sta_unprot_deauth_burst_hostapd(dev
, apdev
):
566 """WPA2-PSK AP with station receiving burst of unprotected Deauthentication frames (hostapd)"""
567 ssid
= "deauth-attack"
568 passphrase
= "12345678"
569 addr
= dev
[0].own_addr()
571 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
=passphrase
,
572 wpa_key_mgmt
="WPA-PSK-SHA256",
574 hapd
= hostapd
.add_ap(apdev
[0], params
)
575 bssid
= hapd
.own_addr()
580 wt
.add_passphrase("12345678")
582 dev
[0].connect(ssid
, psk
=passphrase
, ieee80211w
="2",
583 key_mgmt
="WPA-PSK-SHA256", proto
="WPA2",
587 if "OK" not in hapd
.request("DEAUTHENTICATE " + addr
+ " reason=6 test=0") or \
588 "OK" not in hapd
.request("DISASSOCIATE " + addr
+ " reason=7 test=0"):
589 raise Exception("Failed to send unprotected disconnection messages")
590 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=1)
592 raise Exception("Unexpected disconnection")
593 num_req
= wt
.get_sta_counter("valid_saqueryreq_tx", bssid
, addr
)
594 num_resp
= wt
.get_sta_counter("valid_saqueryresp_rx", bssid
, addr
)
596 raise Exception("STA did not send SA Query")
598 raise Exception("AP did not reply to SA Query")
600 raise Exception("STA initiated too many SA Query procedures (%d)" % num_req
)
604 if "OK" not in hapd
.request("DEAUTHENTICATE " + addr
+ " reason=6 test=0") or \
605 "OK" not in hapd
.request("DISASSOCIATE " + addr
+ " reason=7 test=0"):
606 raise Exception("Failed to send unprotected disconnection messages")
607 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=1)
609 raise Exception("Unexpected disconnection")
610 num_req
= wt
.get_sta_counter("valid_saqueryreq_tx", bssid
, addr
)
611 num_resp
= wt
.get_sta_counter("valid_saqueryresp_rx", bssid
, addr
)
612 if num_req
!= 2 or num_resp
!= 2:
613 raise Exception("Unexpected number of SA Query procedures (req=%d resp=%d)" % (num_req
, num_resp
))
615 def test_ap_pmf_required_eap(dev
, apdev
):
616 """WPA2-EAP AP with PMF required"""
617 ssid
= "test-pmf-required-eap"
618 params
= hostapd
.wpa2_eap_params(ssid
=ssid
)
619 params
["wpa_key_mgmt"] = "WPA-EAP-SHA256"
620 params
["ieee80211w"] = "2"
621 hapd
= hostapd
.add_ap(apdev
[0], params
)
622 key_mgmt
= hapd
.get_config()['key_mgmt']
623 if key_mgmt
.split(' ')[0] != "WPA-EAP-SHA256":
624 raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt
)
625 dev
[0].connect("test-pmf-required-eap", key_mgmt
="WPA-EAP-SHA256",
626 ieee80211w
="2", eap
="PSK", identity
="psk.user@example.com",
627 password_hex
="0123456789abcdef0123456789abcdef",
629 dev
[1].connect("test-pmf-required-eap", key_mgmt
="WPA-EAP WPA-EAP-SHA256",
630 ieee80211w
="1", eap
="PSK", identity
="psk.user@example.com",
631 password_hex
="0123456789abcdef0123456789abcdef",
634 def test_ap_pmf_optional_eap(dev
, apdev
):
635 """WPA2EAP AP with PMF optional"""
636 params
= hostapd
.wpa2_eap_params(ssid
="test-wpa2-eap")
637 params
["ieee80211w"] = "1"
638 hapd
= hostapd
.add_ap(apdev
[0], params
)
639 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", eap
="TTLS",
640 identity
="pap user", anonymous_identity
="ttls",
642 ca_cert
="auth_serv/ca.pem", phase2
="auth=PAP",
643 ieee80211w
="1", scan_freq
="2412")
644 dev
[1].connect("test-wpa2-eap", key_mgmt
="WPA-EAP WPA-EAP-SHA256",
645 eap
="TTLS", identity
="pap user", anonymous_identity
="ttls",
647 ca_cert
="auth_serv/ca.pem", phase2
="auth=PAP",
648 ieee80211w
="2", scan_freq
="2412")
651 def test_ap_pmf_required_sha1(dev
, apdev
):
652 """WPA2-PSK AP with PMF required with SHA1 AKM"""
653 ssid
= "test-pmf-required-sha1"
654 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
655 params
["wpa_key_mgmt"] = "WPA-PSK"
656 params
["ieee80211w"] = "2"
657 hapd
= hostapd
.add_ap(apdev
[0], params
)
661 wt
.add_passphrase("12345678")
662 key_mgmt
= hapd
.get_config()['key_mgmt']
663 if key_mgmt
.split(' ')[0] != "WPA-PSK":
664 raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt
)
665 dev
[0].connect(ssid
, psk
="12345678", ieee80211w
="2",
666 key_mgmt
="WPA-PSK", proto
="WPA2", scan_freq
="2412")
667 if "[WPA2-PSK-CCMP]" not in dev
[0].request("SCAN_RESULTS"):
668 raise Exception("Scan results missing RSN element info")
669 hwsim_utils
.test_connectivity(dev
[0], hapd
)
672 def test_ap_pmf_toggle(dev
, apdev
):
673 """WPA2-PSK AP with PMF optional and changing PMF on reassociation"""
675 _test_ap_pmf_toggle(dev
, apdev
)
677 dev
[0].request("SET reassoc_same_bss_optim 0")
679 def _test_ap_pmf_toggle(dev
, apdev
):
680 ssid
= "test-pmf-optional"
681 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
682 params
["wpa_key_mgmt"] = "WPA-PSK"
683 params
["ieee80211w"] = "1"
684 params
["assoc_sa_query_max_timeout"] = "1"
685 params
["assoc_sa_query_retry_timeout"] = "1"
686 hapd
= hostapd
.add_ap(apdev
[0], params
)
690 wt
.add_passphrase("12345678")
691 bssid
= apdev
[0]['bssid']
692 addr
= dev
[0].own_addr()
693 dev
[0].request("SET reassoc_same_bss_optim 1")
694 id = dev
[0].connect(ssid
, psk
="12345678", ieee80211w
="1",
695 key_mgmt
="WPA-PSK WPA-PSK-SHA256", proto
="WPA2",
697 wt
.require_ap_pmf_optional(bssid
)
698 wt
.require_sta_pmf(bssid
, addr
)
699 sta
= hapd
.get_sta(addr
)
700 if '[MFP]' not in sta
['flags']:
701 raise Exception("MFP flag not present for STA")
703 dev
[0].set_network(id, "ieee80211w", "0")
704 dev
[0].request("REASSOCIATE")
705 dev
[0].wait_connected()
706 wt
.require_sta_no_pmf(bssid
, addr
)
707 sta
= hapd
.get_sta(addr
)
708 if '[MFP]' in sta
['flags']:
709 raise Exception("MFP flag unexpectedly present for STA")
710 err
, data
= hapd
.cmd_execute(['iw', 'dev', apdev
[0]['ifname'], 'station',
712 if "yes" in [l
for l
in data
.splitlines() if "MFP" in l
][0]:
713 raise Exception("Kernel STA entry had MFP enabled")
715 dev
[0].set_network(id, "ieee80211w", "1")
716 dev
[0].request("REASSOCIATE")
717 dev
[0].wait_connected()
718 wt
.require_sta_pmf(bssid
, addr
)
719 sta
= hapd
.get_sta(addr
)
720 if '[MFP]' not in sta
['flags']:
721 raise Exception("MFP flag not present for STA")
722 err
, data
= hapd
.cmd_execute(['iw', 'dev', apdev
[0]['ifname'], 'station',
724 if "yes" not in [l
for l
in data
.splitlines() if "MFP" in l
][0]:
725 raise Exception("Kernel STA entry did not have MFP enabled")
728 def test_ap_pmf_required_sta_no_pmf(dev
, apdev
):
729 """WPA2-PSK AP with PMF required and PMF disabled on STA"""
730 ssid
= "test-pmf-required"
731 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
732 params
["wpa_key_mgmt"] = "WPA-PSK-SHA256"
733 params
["ieee80211w"] = "2"
734 hapd
= hostapd
.add_ap(apdev
[0], params
)
736 # Disable PMF on the station and try to connect
737 dev
[0].connect(ssid
, psk
="12345678", ieee80211w
="0",
738 key_mgmt
="WPA-PSK WPA-PSK-SHA256", proto
="WPA2",
739 scan_freq
="2412", wait_connect
=False)
740 ev
= dev
[0].wait_event(["CTRL-EVENT-NETWORK-NOT-FOUND",
741 "CTRL-EVENT-ASSOC-REJECT"], timeout
=2)
743 raise Exception("No connection result")
744 if "CTRL-EVENT-ASSOC-REJECT" in ev
:
745 raise Exception("Tried to connect to PMF required AP without PMF enabled")
746 dev
[0].request("REMOVE_NETWORK all")
748 def test_ap_pmf_inject_auth(dev
, apdev
):
749 """WPA2-PSK AP with PMF and Authentication frame injection"""
751 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
752 params
["wpa_key_mgmt"] = "WPA-PSK-SHA256"
753 params
["ieee80211w"] = "2"
754 hapd
= hostapd
.add_ap(apdev
[0], params
)
755 dev
[0].connect(ssid
, psk
="12345678", ieee80211w
="2",
756 key_mgmt
="WPA-PSK-SHA256", proto
="WPA2",
759 hwsim_utils
.test_connectivity(dev
[0], hapd
)
761 bssid
= hapd
.own_addr().replace(':', '')
762 addr
= dev
[0].own_addr().replace(':', '')
764 # Inject an unprotected Authentication frame claiming to be from the
765 # associated STA, from another STA, from the AP's own address, from all
766 # zeros and all ones addresses, and from a multicast address.
767 hapd
.request("SET ext_mgmt_frame_handling 1")
769 addresses
= [ addr
, "021122334455", bssid
, 6*"00", 6*"ff", 6*"01" ]
771 auth
= "b0003a01" + bssid
+ a
+ bssid
+ '1000000001000000'
772 res
= hapd
.request("MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=%s" % auth
)
775 hapd
.request("SET ext_mgmt_frame_handling 0")
777 raise Exception("MGMT_RX_PROCESS failed")
780 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=0.1)
782 raise Exception("Unexpected disconnection reported on the STA")
784 # Verify that original association is still functional.
785 hwsim_utils
.test_connectivity(dev
[0], hapd
)
787 # Inject an unprotected Association Request frame (with and without RSNE)
788 # claiming to be from the set of test addresses.
789 hapd
.request("SET ext_mgmt_frame_handling 1")
791 assoc
= "00003a01" + bssid
+ a
+ bssid
+ '2000' + '31040500' + '0008746573742d706d66' + '010802040b160c121824' + '301a0100000fac040100000fac040100000fac06c0000000000fac06'
792 res
= hapd
.request("MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=%s" % assoc
)
796 assoc
= "00003a01" + bssid
+ a
+ bssid
+ '2000' + '31040500' + '0008746573742d706d66' + '010802040b160c121824' + '3000'
797 res
= hapd
.request("MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=%s" % assoc
)
801 assoc
= "00003a01" + bssid
+ a
+ bssid
+ '2000' + '31040500' + '0008746573742d706d66' + '010802040b160c121824'
802 res
= hapd
.request("MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=%s" % assoc
)
805 hapd
.request("SET ext_mgmt_frame_handling 0")
807 raise Exception("MGMT_RX_PROCESS failed")
810 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=0.1)
812 raise Exception("Unexpected disconnection reported on the STA")
814 # Verify that original association is still functional.
815 hwsim_utils
.test_connectivity(dev
[0], hapd
)
817 def test_ap_pmf_inject_data(dev
, apdev
):
818 """WPA2-PSK AP with PMF and Data frame injection"""
820 run_ap_pmf_inject_data(dev
, apdev
)
822 stop_monitor(apdev
[1]["ifname"])
824 def run_ap_pmf_inject_data(dev
, apdev
):
826 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
827 params
["wpa_key_mgmt"] = "WPA-PSK-SHA256"
828 params
["ieee80211w"] = "2"
829 hapd
= hostapd
.add_ap(apdev
[0], params
)
830 dev
[0].connect(ssid
, psk
="12345678", ieee80211w
="2",
831 key_mgmt
="WPA-PSK-SHA256", proto
="WPA2",
834 hwsim_utils
.test_connectivity(dev
[0], hapd
)
836 sock
= start_monitor(apdev
[1]["ifname"])
837 radiotap
= radiotap_build()
839 bssid
= hapd
.own_addr().replace(':', '')
840 addr
= dev
[0].own_addr().replace(':', '')
842 # Inject Data frame with A2=broadcast, A2=multicast, A2=BSSID, A2=STA, and
844 addresses
= [ 6*"ff", 6*"01", bssid
, addr
, "020102030405" ]
846 frame
= binascii
.unhexlify("48010000" + bssid
+ a
+ bssid
+ "0000")
847 sock
.send(radiotap
+ frame
)
850 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=0.1)
852 raise Exception("Unexpected disconnection reported on the STA")
853 hwsim_utils
.test_connectivity(dev
[0], hapd
)
855 def test_ap_pmf_tkip_reject(dev
, apdev
):
856 """Mixed mode BSS and MFP-enabled AP rejecting TKIP"""
857 params
= hostapd
.wpa2_params(ssid
="test-pmf", passphrase
="12345678")
859 params
["ieee80211w"] = "1"
860 params
["wpa_pairwise"] = "TKIP CCMP"
861 params
["rsn_pairwise"] = "TKIP CCMP"
862 hostapd
.add_ap(apdev
[0], params
)
864 dev
[0].connect("test-pmf", psk
="12345678", pairwise
="CCMP", ieee80211w
="2",
866 dev
[0].dump_monitor()
868 dev
[1].connect("test-pmf", psk
="12345678", proto
="WPA", pairwise
="TKIP",
869 ieee80211w
="0", scan_freq
="2412")
870 dev
[1].dump_monitor()
872 dev
[2].connect("test-pmf", psk
="12345678", pairwise
="TKIP",
873 ieee80211w
="2", scan_freq
="2412", wait_connect
=False)
874 ev
= dev
[2].wait_event(["CTRL-EVENT-CONNECTED",
875 "CTRL-EVENT-ASSOC-REJECT"], timeout
=10)
877 raise Exception("No connection result reported")
878 if "CTRL-EVENT-ASSOC-REJECT" not in ev
:
879 raise Exception("MFP + TKIP connection was not rejected")
880 if "status_code=31" not in ev
:
881 raise Exception("Unexpected status code in rejection: " + ev
)
882 dev
[2].request("DISCONNECT")
883 dev
[2].dump_monitor()
885 def test_ap_pmf_sa_query_timeout(dev
, apdev
):
886 """SA Query timeout"""
887 ssid
= "test-pmf-required"
888 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
889 params
["wpa_key_mgmt"] = "WPA-PSK-SHA256"
890 params
["ieee80211w"] = "2"
891 hapd
= hostapd
.add_ap(apdev
[0], params
)
892 dev
[0].connect(ssid
, psk
="12345678", ieee80211w
="2",
893 key_mgmt
="WPA-PSK-SHA256", proto
="WPA2",
896 hapd
.set("ext_mgmt_frame_handling", "1")
897 if "OK" not in dev
[0].request("UNPROT_DEAUTH"):
898 raise Exception("Triggering SA Query from the STA failed")
899 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=2)
901 raise Exception("No disconnection on SA Query timeout seen")
902 hapd
.set("ext_mgmt_frame_handling", "0")
903 dev
[0].wait_connected()
904 dev
[0].dump_monitor()
906 hapd
.set("ext_mgmt_frame_handling", "1")
907 if "OK" not in dev
[0].request("UNPROT_DEAUTH"):
908 raise Exception("Triggering SA Query from the STA failed")
910 hapd
.set("ext_mgmt_frame_handling", "0")
911 dev
[0].request("DISCONNECT")
912 dev
[0].wait_disconnected()
913 dev
[0].request("RECONNECT")
914 dev
[0].wait_connected()
915 hapd
.set("ext_mgmt_frame_handling", "1")
916 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=1.5)
918 raise Exception("Unexpected disconnection after reconnection seen")
920 def mac80211_read_key(keydir
):
922 for name
in os
.listdir(keydir
):
924 with
open(os
.path
.join(keydir
, name
)) as f
:
925 vals
[name
] = f
.read().strip()
930 def test_ap_pmf_beacon_protection_bip(dev
, apdev
):
931 """WPA2-PSK Beacon protection (BIP)"""
932 """WPA2-PSK AP with PMF required and Beacon protection enabled (BIP)"""
933 run_ap_pmf_beacon_protection(dev
, apdev
, "AES-128-CMAC")
935 def test_ap_pmf_beacon_protection_bip_cmac_256(dev
, apdev
):
936 """WPA2-PSK Beacon protection (BIP-CMAC-256)"""
937 run_ap_pmf_beacon_protection(dev
, apdev
, "BIP-CMAC-256")
939 def test_ap_pmf_beacon_protection_bip_gmac_128(dev
, apdev
):
940 """WPA2-PSK Beacon protection (BIP-GMAC-128)"""
941 run_ap_pmf_beacon_protection(dev
, apdev
, "BIP-GMAC-128")
943 def test_ap_pmf_beacon_protection_bip_gmac_256(dev
, apdev
):
944 """WPA2-PSK Beacon protection (BIP-GMAC-256)"""
945 run_ap_pmf_beacon_protection(dev
, apdev
, "BIP-GMAC-256")
947 def run_ap_pmf_beacon_protection(dev
, apdev
, cipher
):
948 ssid
= "test-beacon-prot"
949 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
950 params
["wpa_key_mgmt"] = "WPA-PSK-SHA256"
951 params
["ieee80211w"] = "2"
952 params
["beacon_prot"] = "1"
953 params
["group_mgmt_cipher"] = cipher
955 hapd
= hostapd
.add_ap(apdev
[0], params
)
956 except Exception as e
:
957 if "Failed to enable hostapd interface" in str(e
):
958 raise HwsimSkip("Beacon protection not supported")
961 bssid
= hapd
.own_addr()
966 wt
.add_passphrase("12345678")
968 # STA with Beacon protection enabled
969 dev
[0].connect(ssid
, psk
="12345678", ieee80211w
="2", beacon_prot
="1",
970 key_mgmt
="WPA-PSK-SHA256", proto
="WPA2", scan_freq
="2412")
972 # STA with Beacon protection disabled
973 dev
[1].connect(ssid
, psk
="12345678", ieee80211w
="2",
974 key_mgmt
="WPA-PSK-SHA256", proto
="WPA2", scan_freq
="2412")
981 phy
= dev
[0].get_driver_status_field("phyname")
982 keys
= "/sys/kernel/debug/ieee80211/%s/keys" % phy
984 for key
in os
.listdir(keys
):
985 keydir
= os
.path
.join(keys
, key
)
986 vals
= mac80211_read_key(keydir
)
987 keyidx
= int(vals
['keyidx'])
988 if keyidx
== 6 or keyidx
== 7:
992 raise HwsimSkip("debugfs not supported in mac80211 (STA)")
994 phy
= hapd
.get_driver_status_field("phyname")
995 keys
= "/sys/kernel/debug/ieee80211/%s/keys" % phy
997 for key
in os
.listdir(keys
):
998 keydir
= os
.path
.join(keys
, key
)
999 vals
= mac80211_read_key(keydir
)
1000 keyidx
= int(vals
['keyidx'])
1001 if keyidx
== 6 or keyidx
== 7:
1004 except OSError as e
:
1005 raise HwsimSkip("debugfs not supported in mac80211 (AP)")
1008 raise Exception("Could not find STA key information from debugfs")
1009 logger
.info("STA key: " + str(sta_key
))
1012 raise Exception("Could not find AP key information from debugfs")
1013 logger
.info("AP key: " + str(ap_key
))
1015 if sta_key
['key'] != ap_key
['key']:
1016 raise Exception("AP and STA BIGTK mismatch")
1018 if sta_key
['keyidx'] != ap_key
['keyidx']:
1019 raise Exception("AP and STA BIGTK keyidx mismatch")
1021 if sta_key
['algorithm'] != ap_key
['algorithm']:
1022 raise Exception("AP and STA BIGTK algorithm mismatch")
1024 replays
= int(sta_key
['replays'])
1025 icverrors
= int(sta_key
['icverrors'])
1026 if replays
> 0 or icverrors
> 0:
1027 raise Exception("STA reported errors: replays=%d icverrors=%d" % replays
, icverrors
)
1029 rx_spec
= int(sta_key
['rx_spec'], base
=16)
1031 raise Exception("STA did not update BIGTK receive counter sufficiently")
1033 tx_spec
= int(ap_key
['tx_spec'], base
=16)
1035 raise Exception("AP did not update BIGTK BIPN sufficiently")
1037 valid_bip
= wt
.get_bss_counter('valid_bip_mmie', bssid
)
1038 invalid_bip
= wt
.get_bss_counter('invalid_bip_mmie', bssid
)
1039 missing_bip
= wt
.get_bss_counter('missing_bip_mmie', bssid
)
1040 logger
.info("wlantest BIP counters: valid=%d invalid=%d missing=%d" % (valid_bip
, invalid_bip
, missing_bip
))
1041 if valid_bip
< 0 or invalid_bip
> 0 or missing_bip
> 0:
1042 raise Exception("Unexpected wlantest BIP counters: valid=%d invalid=%d missing=%d" % (valid_bip
, invalid_bip
, missing_bip
))