2 # Copyright (c) 2013-2017, Jouni Malinen <j@w1.fi>
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
7 from remotehost
import remote_compatible
10 from Crypto
.Cipher
import AES
19 logger
= logging
.getLogger()
24 from http
.client
import HTTPConnection
25 from urllib
.request
import urlopen
26 from urllib
.parse
import urlparse
, urljoin
27 from urllib
.error
import HTTPError
28 from io
import StringIO
29 from socketserver
import StreamRequestHandler
, TCPServer
31 from httplib
import HTTPConnection
32 from urllib
import urlopen
33 from urlparse
import urlparse
, urljoin
34 from urllib2
import build_opener
, ProxyHandler
, HTTPError
35 from StringIO
import StringIO
36 from SocketServer
import StreamRequestHandler
, TCPServer
38 import xml
.etree
.ElementTree
as ET
42 from wpasupplicant
import WpaSupplicant
43 from utils
import HwsimSkip
, alloc_fail
, fail_test
, skip_with_fips
44 from utils
import wait_fail_trigger
, clear_regdom
45 from test_ap_eap
import int_eap_server_params
47 def wps_start_ap(apdev
, ssid
="test-wps-conf"):
48 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
49 "wpa_passphrase": "12345678", "wpa": "2",
50 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
51 return hostapd
.add_ap(apdev
, params
)
54 def test_ap_wps_init(dev
, apdev
):
55 """Initial AP configuration with first WPS Enrollee"""
57 hapd
= hostapd
.add_ap(apdev
[0],
58 {"ssid": ssid
, "eap_server": "1", "wps_state": "1"})
59 logger
.info("WPS provisioning step")
60 hapd
.request("WPS_PBC")
61 if "PBC Status: Active" not in hapd
.request("WPS_GET_STATUS"):
62 raise Exception("PBC status not shown correctly")
64 id = dev
[0].add_network()
65 dev
[0].set_network_quoted(id, "ssid", "home")
66 dev
[0].set_network_quoted(id, "psk", "12345678")
67 dev
[0].request("ENABLE_NETWORK %s no-connect" % id)
69 id = dev
[0].add_network()
70 dev
[0].set_network_quoted(id, "ssid", "home2")
71 dev
[0].set_network(id, "bssid", "00:11:22:33:44:55")
72 dev
[0].set_network(id, "key_mgmt", "NONE")
73 dev
[0].request("ENABLE_NETWORK %s no-connect" % id)
75 dev
[0].request("WPS_PBC")
76 dev
[0].wait_connected(timeout
=30)
77 status
= dev
[0].get_status()
78 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
79 raise Exception("Not fully connected")
80 if status
['ssid'] != ssid
:
81 raise Exception("Unexpected SSID")
82 if status
['pairwise_cipher'] != 'CCMP':
83 raise Exception("Unexpected encryption configuration")
84 if status
['key_mgmt'] != 'WPA2-PSK':
85 raise Exception("Unexpected key_mgmt")
87 status
= hapd
.request("WPS_GET_STATUS")
88 if "PBC Status: Disabled" not in status
:
89 raise Exception("PBC status not shown correctly")
90 if "Last WPS result: Success" not in status
:
91 raise Exception("Last WPS result not shown correctly")
92 if "Peer Address: " + dev
[0].p2p_interface_addr() not in status
:
93 raise Exception("Peer address not shown correctly")
94 conf
= hapd
.request("GET_CONFIG")
95 if "wps_state=configured" not in conf
:
96 raise Exception("AP not in WPS configured state")
97 if "wpa=3" not in conf
:
98 raise Exception("AP not in WPA+WPA2 configuration")
99 if "rsn_pairwise_cipher=CCMP TKIP" not in conf
:
100 raise Exception("Unexpected rsn_pairwise_cipher")
101 if "wpa_pairwise_cipher=CCMP TKIP" not in conf
:
102 raise Exception("Unexpected wpa_pairwise_cipher")
103 if "group_cipher=TKIP" not in conf
:
104 raise Exception("Unexpected group_cipher")
106 if len(dev
[0].list_networks()) != 3:
107 raise Exception("Unexpected number of network blocks")
109 def test_ap_wps_init_2ap_pbc(dev
, apdev
):
110 """Initial two-radio AP configuration with first WPS PBC Enrollee"""
112 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "1"}
113 hapd
= hostapd
.add_ap(apdev
[0], params
)
114 hostapd
.add_ap(apdev
[1], params
)
115 logger
.info("WPS provisioning step")
116 hapd
.request("WPS_PBC")
117 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
118 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
119 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
120 if "[WPS-PBC]" not in bss
['flags']:
121 raise Exception("WPS-PBC flag missing from AP1")
122 bss
= dev
[0].get_bss(apdev
[1]['bssid'])
123 if "[WPS-PBC]" not in bss
['flags']:
124 raise Exception("WPS-PBC flag missing from AP2")
125 dev
[0].dump_monitor()
126 dev
[0].request("SET wps_cred_processing 2")
127 dev
[0].request("WPS_PBC")
128 ev
= dev
[0].wait_event(["WPS-CRED-RECEIVED"], timeout
=30)
129 dev
[0].request("SET wps_cred_processing 0")
131 raise Exception("WPS cred event not seen")
133 raise Exception("WPS attributes not included in the cred event")
134 dev
[0].wait_connected(timeout
=30)
136 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
137 dev
[1].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
138 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
139 if "[WPS-PBC]" in bss
['flags']:
140 raise Exception("WPS-PBC flag not cleared from AP1")
141 bss
= dev
[1].get_bss(apdev
[1]['bssid'])
142 if "[WPS-PBC]" in bss
['flags']:
143 raise Exception("WPS-PBC flag not cleared from AP2")
145 def test_ap_wps_init_2ap_pin(dev
, apdev
):
146 """Initial two-radio AP configuration with first WPS PIN Enrollee"""
148 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "1"}
149 hapd
= hostapd
.add_ap(apdev
[0], params
)
150 hostapd
.add_ap(apdev
[1], params
)
151 logger
.info("WPS provisioning step")
152 pin
= dev
[0].wps_read_pin()
153 hapd
.request("WPS_PIN any " + pin
)
154 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
155 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
156 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
157 if "[WPS-AUTH]" not in bss
['flags']:
158 raise Exception("WPS-AUTH flag missing from AP1")
159 bss
= dev
[0].get_bss(apdev
[1]['bssid'])
160 if "[WPS-AUTH]" not in bss
['flags']:
161 raise Exception("WPS-AUTH flag missing from AP2")
162 dev
[0].dump_monitor()
163 dev
[0].request("WPS_PIN any " + pin
)
164 dev
[0].wait_connected(timeout
=30)
166 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
167 dev
[1].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
168 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
169 if "[WPS-AUTH]" in bss
['flags']:
170 raise Exception("WPS-AUTH flag not cleared from AP1")
171 bss
= dev
[1].get_bss(apdev
[1]['bssid'])
172 if "[WPS-AUTH]" in bss
['flags']:
173 raise Exception("WPS-AUTH flag not cleared from AP2")
176 def test_ap_wps_init_through_wps_config(dev
, apdev
):
177 """Initial AP configuration using wps_config command"""
178 ssid
= "test-wps-init-config"
179 hapd
= hostapd
.add_ap(apdev
[0],
180 {"ssid": ssid
, "eap_server": "1", "wps_state": "1"})
181 if "FAIL" in hapd
.request("WPS_CONFIG " + binascii
.hexlify(ssid
.encode()).decode() + " WPA2PSK CCMP " + binascii
.hexlify(b
"12345678").decode()):
182 raise Exception("WPS_CONFIG command failed")
183 ev
= hapd
.wait_event(["WPS-NEW-AP-SETTINGS"], timeout
=5)
185 raise Exception("Timeout on WPS-NEW-AP-SETTINGS events")
186 # It takes some time for the AP to update Beacon and Probe Response frames,
187 # so wait here before requesting the scan to be started to avoid adding
188 # extra five second wait to the test due to fetching obsolete scan results.
191 dev
[0].connect(ssid
, psk
="12345678", scan_freq
="2412", proto
="WPA2",
192 pairwise
="CCMP", group
="CCMP")
194 if "FAIL" not in hapd
.request("WPS_CONFIG foo"):
195 raise Exception("Invalid WPS_CONFIG accepted")
198 def test_ap_wps_init_through_wps_config_2(dev
, apdev
):
199 """AP configuration using wps_config and wps_cred_processing=2"""
200 ssid
= "test-wps-init-config"
201 hapd
= hostapd
.add_ap(apdev
[0],
202 {"ssid": ssid
, "eap_server": "1", "wps_state": "1",
203 "wps_cred_processing": "2"})
204 if "FAIL" in hapd
.request("WPS_CONFIG " + binascii
.hexlify(ssid
.encode()).decode() + " WPA2PSK CCMP " + binascii
.hexlify(b
"12345678").decode()):
205 raise Exception("WPS_CONFIG command failed")
206 ev
= hapd
.wait_event(["WPS-NEW-AP-SETTINGS"], timeout
=5)
208 raise Exception("Timeout on WPS-NEW-AP-SETTINGS events")
210 raise Exception("WPS-NEW-AP-SETTINGS did not include Credential")
213 def test_ap_wps_invalid_wps_config_passphrase(dev
, apdev
):
214 """AP configuration using wps_config command with invalid passphrase"""
215 ssid
= "test-wps-init-config"
216 hapd
= hostapd
.add_ap(apdev
[0],
217 {"ssid": ssid
, "eap_server": "1", "wps_state": "1"})
218 if "FAIL" not in hapd
.request("WPS_CONFIG " + binascii
.hexlify(ssid
.encode()).decode() + " WPA2PSK CCMP " + binascii
.hexlify(b
"1234567").decode()):
219 raise Exception("Invalid WPS_CONFIG command accepted")
221 def test_ap_wps_conf(dev
, apdev
):
222 """WPS PBC provisioning with configured AP"""
223 ssid
= "test-wps-conf"
224 hapd
= hostapd
.add_ap(apdev
[0],
225 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
226 "wpa_passphrase": "12345678", "wpa": "2",
227 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
228 logger
.info("WPS provisioning step")
229 hapd
.request("WPS_PBC")
230 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
231 dev
[0].dump_monitor()
232 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
233 dev
[0].wait_connected(timeout
=30)
234 status
= dev
[0].get_status()
235 if status
['wpa_state'] != 'COMPLETED':
236 raise Exception("Not fully connected")
237 if status
['bssid'] != apdev
[0]['bssid']:
238 raise Exception("Unexpected BSSID")
239 if status
['ssid'] != ssid
:
240 raise Exception("Unexpected SSID")
241 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'CCMP':
242 raise Exception("Unexpected encryption configuration")
243 if status
['key_mgmt'] != 'WPA2-PSK':
244 raise Exception("Unexpected key_mgmt")
246 sta
= hapd
.get_sta(dev
[0].p2p_interface_addr())
247 if 'wpsDeviceName' not in sta
or sta
['wpsDeviceName'] != "Device A":
248 raise Exception("Device name not available in STA command")
250 def test_ap_wps_conf_5ghz(dev
, apdev
):
251 """WPS PBC provisioning with configured AP on 5 GHz band"""
254 ssid
= "test-wps-conf"
255 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
256 "wpa_passphrase": "12345678", "wpa": "2",
257 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
258 "country_code": "FI", "hw_mode": "a", "channel": "36"}
259 hapd
= hostapd
.add_ap(apdev
[0], params
)
260 logger
.info("WPS provisioning step")
261 hapd
.request("WPS_PBC")
262 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="5180")
263 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
264 dev
[0].wait_connected(timeout
=30)
266 sta
= hapd
.get_sta(dev
[0].p2p_interface_addr())
267 if 'wpsDeviceName' not in sta
or sta
['wpsDeviceName'] != "Device A":
268 raise Exception("Device name not available in STA command")
270 dev
[0].request("DISCONNECT")
271 clear_regdom(hapd
, dev
)
273 def test_ap_wps_conf_chan14(dev
, apdev
):
274 """WPS PBC provisioning with configured AP on channel 14"""
277 ssid
= "test-wps-conf"
278 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
279 "wpa_passphrase": "12345678", "wpa": "2",
280 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
281 "country_code": "JP", "hw_mode": "b", "channel": "14"}
282 hapd
= hostapd
.add_ap(apdev
[0], params
)
283 logger
.info("WPS provisioning step")
284 hapd
.request("WPS_PBC")
285 dev
[0].request("WPS_PBC")
286 dev
[0].wait_connected(timeout
=30)
288 sta
= hapd
.get_sta(dev
[0].p2p_interface_addr())
289 if 'wpsDeviceName' not in sta
or sta
['wpsDeviceName'] != "Device A":
290 raise Exception("Device name not available in STA command")
292 dev
[0].request("DISCONNECT")
293 clear_regdom(hapd
, dev
)
296 def test_ap_wps_twice(dev
, apdev
):
297 """WPS provisioning with twice to change passphrase"""
298 ssid
= "test-wps-twice"
299 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
300 "wpa_passphrase": "12345678", "wpa": "2",
301 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
302 hapd
= hostapd
.add_ap(apdev
[0], params
)
303 logger
.info("WPS provisioning step")
304 hapd
.request("WPS_PBC")
305 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
306 dev
[0].dump_monitor()
307 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
308 dev
[0].wait_connected(timeout
=30)
309 dev
[0].request("DISCONNECT")
311 logger
.info("Restart AP with different passphrase and re-run WPS")
312 hostapd
.remove_bss(apdev
[0])
313 params
['wpa_passphrase'] = 'another passphrase'
314 hapd
= hostapd
.add_ap(apdev
[0], params
)
315 logger
.info("WPS provisioning step")
316 hapd
.request("WPS_PBC")
317 dev
[0].dump_monitor()
318 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
319 dev
[0].wait_connected(timeout
=30)
320 networks
= dev
[0].list_networks()
321 if len(networks
) > 1:
322 raise Exception("Unexpected duplicated network block present")
325 def test_ap_wps_incorrect_pin(dev
, apdev
):
326 """WPS PIN provisioning with incorrect PIN"""
327 ssid
= "test-wps-incorrect-pin"
328 hapd
= hostapd
.add_ap(apdev
[0],
329 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
330 "wpa_passphrase": "12345678", "wpa": "2",
331 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
333 logger
.info("WPS provisioning attempt 1")
334 hapd
.request("WPS_PIN any 12345670")
335 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
336 dev
[0].dump_monitor()
337 dev
[0].request("WPS_PIN %s 55554444" % apdev
[0]['bssid'])
338 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=30)
340 raise Exception("WPS operation timed out")
341 if "config_error=18" not in ev
:
342 raise Exception("Incorrect config_error reported")
343 if "msg=8" not in ev
:
344 raise Exception("PIN error detected on incorrect message")
345 dev
[0].wait_disconnected(timeout
=10)
346 dev
[0].request("WPS_CANCEL")
347 # if a scan was in progress, wait for it to complete before trying WPS again
348 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
350 status
= hapd
.request("WPS_GET_STATUS")
351 if "Last WPS result: Failed" not in status
:
352 raise Exception("WPS failure result not shown correctly")
354 logger
.info("WPS provisioning attempt 2")
355 hapd
.request("WPS_PIN any 12345670")
356 dev
[0].dump_monitor()
357 dev
[0].request("WPS_PIN %s 12344444" % apdev
[0]['bssid'])
358 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=30)
360 raise Exception("WPS operation timed out")
361 if "config_error=18" not in ev
:
362 raise Exception("Incorrect config_error reported")
363 if "msg=10" not in ev
:
364 raise Exception("PIN error detected on incorrect message")
365 dev
[0].wait_disconnected(timeout
=10)
368 def test_ap_wps_conf_pin(dev
, apdev
):
369 """WPS PIN provisioning with configured AP"""
370 ssid
= "test-wps-conf-pin"
371 hapd
= hostapd
.add_ap(apdev
[0],
372 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
373 "wpa_passphrase": "12345678", "wpa": "2",
374 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
375 logger
.info("WPS provisioning step")
376 pin
= dev
[0].wps_read_pin()
377 hapd
.request("WPS_PIN any " + pin
)
378 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
379 dev
[0].dump_monitor()
380 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
381 dev
[0].wait_connected(timeout
=30)
382 status
= dev
[0].get_status()
383 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
384 raise Exception("Not fully connected")
385 if status
['ssid'] != ssid
:
386 raise Exception("Unexpected SSID")
387 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'CCMP':
388 raise Exception("Unexpected encryption configuration")
389 if status
['key_mgmt'] != 'WPA2-PSK':
390 raise Exception("Unexpected key_mgmt")
392 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
393 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
394 if "[WPS-AUTH]" in bss
['flags']:
395 raise Exception("WPS-AUTH flag not cleared")
396 logger
.info("Try to connect from another station using the same PIN")
397 pin
= dev
[1].request("WPS_PIN " + apdev
[0]['bssid'])
398 ev
= dev
[1].wait_event(["WPS-M2D", "CTRL-EVENT-CONNECTED"], timeout
=30)
400 raise Exception("Operation timed out")
401 if "WPS-M2D" not in ev
:
402 raise Exception("Unexpected WPS operation started")
403 hapd
.request("WPS_PIN any " + pin
)
404 dev
[1].wait_connected(timeout
=30)
406 def test_ap_wps_conf_pin_mixed_mode(dev
, apdev
):
407 """WPS PIN provisioning with configured AP (WPA+WPA2)"""
408 ssid
= "test-wps-conf-pin-mixed"
409 hapd
= hostapd
.add_ap(apdev
[0],
410 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
411 "wpa_passphrase": "12345678", "wpa": "3",
412 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
413 "wpa_pairwise": "TKIP"})
415 logger
.info("WPS provisioning step")
416 pin
= dev
[0].wps_read_pin()
417 hapd
.request("WPS_PIN any " + pin
)
418 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
419 dev
[0].dump_monitor()
420 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
421 dev
[0].wait_connected(timeout
=30)
422 status
= dev
[0].get_status()
423 dev
[0].request("REMOVE_NETWORK all")
424 dev
[0].wait_disconnected()
425 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP' or status
['key_mgmt'] != 'WPA2-PSK':
426 raise Exception("Unexpected encryption/key_mgmt configuration: pairwise=%s group=%s key_mgmt=%s" % (status
['pairwise_cipher'], status
['group_cipher'], status
['key_mgmt']))
428 logger
.info("WPS provisioning step (auth_types=0x1b)")
429 if "OK" not in dev
[0].request("SET wps_force_auth_types 0x1b"):
430 raise Exception("Failed to set wps_force_auth_types 0x1b")
431 pin
= dev
[0].wps_read_pin()
432 hapd
.request("WPS_PIN any " + pin
)
433 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
434 dev
[0].dump_monitor()
435 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
436 dev
[0].wait_connected(timeout
=30)
437 status
= dev
[0].get_status()
438 dev
[0].request("REMOVE_NETWORK all")
439 dev
[0].wait_disconnected()
440 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP' or status
['key_mgmt'] != 'WPA2-PSK':
441 raise Exception("Unexpected encryption/key_mgmt configuration: pairwise=%s group=%s key_mgmt=%s" % (status
['pairwise_cipher'], status
['group_cipher'], status
['key_mgmt']))
443 logger
.info("WPS provisioning step (auth_types=0 encr_types=0)")
444 if "OK" not in dev
[0].request("SET wps_force_auth_types 0"):
445 raise Exception("Failed to set wps_force_auth_types 0")
446 if "OK" not in dev
[0].request("SET wps_force_encr_types 0"):
447 raise Exception("Failed to set wps_force_encr_types 0")
448 pin
= dev
[0].wps_read_pin()
449 hapd
.request("WPS_PIN any " + pin
)
450 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
451 dev
[0].dump_monitor()
452 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
453 dev
[0].wait_connected(timeout
=30)
454 status
= dev
[0].get_status()
455 dev
[0].request("REMOVE_NETWORK all")
456 dev
[0].wait_disconnected()
457 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP' or status
['key_mgmt'] != 'WPA2-PSK':
458 raise Exception("Unexpected encryption/key_mgmt configuration: pairwise=%s group=%s key_mgmt=%s" % (status
['pairwise_cipher'], status
['group_cipher'], status
['key_mgmt']))
460 dev
[0].request("SET wps_force_auth_types ")
461 dev
[0].request("SET wps_force_encr_types ")
464 def test_ap_wps_conf_pin_v1(dev
, apdev
):
465 """WPS PIN provisioning with configured WPS v1.0 AP"""
466 ssid
= "test-wps-conf-pin-v1"
467 hapd
= hostapd
.add_ap(apdev
[0],
468 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
469 "wpa_passphrase": "12345678", "wpa": "2",
470 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
471 logger
.info("WPS provisioning step")
472 pin
= dev
[0].wps_read_pin()
473 hapd
.request("SET wps_version_number 0x10")
474 hapd
.request("WPS_PIN any " + pin
)
476 for i
in range(0, 10):
477 dev
[0].scan(freq
="2412")
478 if "[WPS-PIN]" in dev
[0].request("SCAN_RESULTS"):
482 hapd
.request("SET wps_version_number 0x20")
483 raise Exception("WPS-PIN flag not seen in scan results")
484 dev
[0].dump_monitor()
485 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
486 dev
[0].wait_connected(timeout
=30)
487 hapd
.request("SET wps_version_number 0x20")
490 def test_ap_wps_conf_pin_2sta(dev
, apdev
):
491 """Two stations trying to use WPS PIN at the same time"""
492 ssid
= "test-wps-conf-pin2"
493 hapd
= hostapd
.add_ap(apdev
[0],
494 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
495 "wpa_passphrase": "12345678", "wpa": "2",
496 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
497 logger
.info("WPS provisioning step")
500 hapd
.request("WPS_PIN " + dev
[0].get_status_field("uuid") + " " + pin
)
501 hapd
.request("WPS_PIN " + dev
[1].get_status_field("uuid") + " " + pin
)
502 dev
[0].dump_monitor()
503 dev
[1].dump_monitor()
504 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
505 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
506 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
507 dev
[1].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
508 dev
[0].wait_connected(timeout
=30)
509 dev
[1].wait_connected(timeout
=30)
512 def test_ap_wps_conf_pin_timeout(dev
, apdev
):
513 """WPS PIN provisioning with configured AP timing out PIN"""
514 ssid
= "test-wps-conf-pin"
515 hapd
= hostapd
.add_ap(apdev
[0],
516 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
517 "wpa_passphrase": "12345678", "wpa": "2",
518 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
519 addr
= dev
[0].p2p_interface_addr()
520 pin
= dev
[0].wps_read_pin()
521 if "FAIL" not in hapd
.request("WPS_PIN "):
522 raise Exception("Unexpected success on invalid WPS_PIN")
523 hapd
.request("WPS_PIN any " + pin
+ " 1")
524 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
526 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
527 ev
= hapd
.wait_event(["WPS-PIN-NEEDED"], timeout
=20)
529 raise Exception("WPS-PIN-NEEDED event timed out")
530 ev
= dev
[0].wait_event(["WPS-M2D"])
532 raise Exception("M2D not reported")
533 dev
[0].request("WPS_CANCEL")
535 hapd
.request("WPS_PIN any " + pin
+ " 20 " + addr
)
536 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
537 dev
[0].wait_connected(timeout
=30)
539 def test_ap_wps_reg_connect(dev
, apdev
):
540 """WPS registrar using AP PIN to connect"""
541 ssid
= "test-wps-reg-ap-pin"
543 hostapd
.add_ap(apdev
[0],
544 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
545 "wpa_passphrase": "12345678", "wpa": "2",
546 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
548 logger
.info("WPS provisioning step")
549 dev
[0].dump_monitor()
550 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
551 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
552 status
= dev
[0].get_status()
553 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
554 raise Exception("Not fully connected")
555 if status
['ssid'] != ssid
:
556 raise Exception("Unexpected SSID")
557 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'CCMP':
558 raise Exception("Unexpected encryption configuration")
559 if status
['key_mgmt'] != 'WPA2-PSK':
560 raise Exception("Unexpected key_mgmt")
562 def test_ap_wps_reg_connect_zero_len_ap_pin(dev
, apdev
):
563 """hostapd with zero length ap_pin parameter"""
564 ssid
= "test-wps-reg-ap-pin"
566 hostapd
.add_ap(apdev
[0],
567 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
568 "wpa_passphrase": "12345678", "wpa": "2",
569 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
571 logger
.info("WPS provisioning step")
572 dev
[0].dump_monitor()
573 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
574 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, no_wait
=True)
575 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
577 raise Exception("No WPS-FAIL reported")
578 if "msg=5 config_error=15" not in ev
:
579 raise Exception("Unexpected WPS-FAIL: " + ev
)
581 def test_ap_wps_reg_connect_mixed_mode(dev
, apdev
):
582 """WPS registrar using AP PIN to connect (WPA+WPA2)"""
583 ssid
= "test-wps-reg-ap-pin"
585 hostapd
.add_ap(apdev
[0],
586 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
587 "wpa_passphrase": "12345678", "wpa": "3",
588 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
589 "wpa_pairwise": "TKIP", "ap_pin": appin
})
590 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
591 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
592 status
= dev
[0].get_status()
593 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
594 raise Exception("Not fully connected")
595 if status
['ssid'] != ssid
:
596 raise Exception("Unexpected SSID")
597 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP':
598 raise Exception("Unexpected encryption configuration")
599 if status
['key_mgmt'] != 'WPA2-PSK':
600 raise Exception("Unexpected key_mgmt")
602 def test_ap_wps_reg_override_ap_settings(dev
, apdev
):
603 """WPS registrar and ap_settings override"""
604 ap_settings
= "/tmp/ap_wps_reg_override_ap_settings"
606 os
.remove(ap_settings
)
609 # Override AP Settings with values that point to another AP
610 data
= build_wsc_attr(ATTR_NETWORK_INDEX
, b
'\x01')
611 data
+= build_wsc_attr(ATTR_SSID
, b
"test")
612 data
+= build_wsc_attr(ATTR_AUTH_TYPE
, b
'\x00\x01')
613 data
+= build_wsc_attr(ATTR_ENCR_TYPE
, b
'\x00\x01')
614 data
+= build_wsc_attr(ATTR_NETWORK_KEY
, b
'')
615 data
+= build_wsc_attr(ATTR_MAC_ADDR
, binascii
.unhexlify(apdev
[1]['bssid'].replace(':', '')))
616 with
open(ap_settings
, "wb") as f
:
618 ssid
= "test-wps-reg-ap-pin"
620 hostapd
.add_ap(apdev
[0],
621 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
622 "wpa_passphrase": "12345678", "wpa": "2",
623 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
624 "ap_pin": appin
, "ap_settings": ap_settings
})
625 hapd2
= hostapd
.add_ap(apdev
[1], {"ssid": "test"})
626 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
627 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
=2412)
628 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
629 ev
= hapd2
.wait_event(['AP-STA-CONNECTED'], timeout
=10)
630 os
.remove(ap_settings
)
632 raise Exception("No connection with the other AP")
634 def check_wps_reg_failure(dev
, ap
, appin
):
635 dev
.request("WPS_REG " + ap
['bssid'] + " " + appin
)
636 ev
= dev
.wait_event(["WPS-SUCCESS", "WPS-FAIL"], timeout
=15)
638 raise Exception("WPS operation timed out")
639 if "WPS-SUCCESS" in ev
:
640 raise Exception("WPS operation succeeded unexpectedly")
641 if "config_error=15" not in ev
:
642 raise Exception("WPS setup locked state was not reported correctly")
644 def test_ap_wps_random_ap_pin(dev
, apdev
):
645 """WPS registrar using random AP PIN"""
646 ssid
= "test-wps-reg-random-ap-pin"
647 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
648 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
649 "wpa_passphrase": "12345678", "wpa": "2",
650 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
651 "device_name": "Wireless AP", "manufacturer": "Company",
652 "model_name": "WAP", "model_number": "123",
653 "serial_number": "12345", "device_type": "6-0050F204-1",
654 "os_version": "01020300",
655 "config_methods": "label push_button",
656 "uuid": ap_uuid
, "upnp_iface": "lo"}
657 hapd
= hostapd
.add_ap(apdev
[0], params
)
658 appin
= hapd
.request("WPS_AP_PIN random")
660 raise Exception("Could not generate random AP PIN")
661 if appin
not in hapd
.request("WPS_AP_PIN get"):
662 raise Exception("Could not fetch current AP PIN")
663 logger
.info("WPS provisioning step")
664 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
665 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
667 hapd
.request("WPS_AP_PIN disable")
668 logger
.info("WPS provisioning step with AP PIN disabled")
669 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
670 check_wps_reg_failure(dev
[1], apdev
[0], appin
)
672 logger
.info("WPS provisioning step with AP PIN reset")
674 hapd
.request("WPS_AP_PIN set " + appin
)
675 dev
[1].wps_reg(apdev
[0]['bssid'], appin
)
676 dev
[0].request("REMOVE_NETWORK all")
677 dev
[1].request("REMOVE_NETWORK all")
678 dev
[0].wait_disconnected(timeout
=10)
679 dev
[1].wait_disconnected(timeout
=10)
681 logger
.info("WPS provisioning step after AP PIN timeout")
682 hapd
.request("WPS_AP_PIN disable")
683 appin
= hapd
.request("WPS_AP_PIN random 1")
685 if "FAIL" not in hapd
.request("WPS_AP_PIN get"):
686 raise Exception("AP PIN unexpectedly still enabled")
687 check_wps_reg_failure(dev
[0], apdev
[0], appin
)
689 logger
.info("WPS provisioning step after AP PIN timeout(2)")
690 hapd
.request("WPS_AP_PIN disable")
692 hapd
.request("WPS_AP_PIN set " + appin
+ " 1")
694 if "FAIL" not in hapd
.request("WPS_AP_PIN get"):
695 raise Exception("AP PIN unexpectedly still enabled")
696 check_wps_reg_failure(dev
[1], apdev
[0], appin
)
698 with
fail_test(hapd
, 1, "os_get_random;wps_generate_pin"):
699 hapd
.request("WPS_AP_PIN random 1")
700 hapd
.request("WPS_AP_PIN disable")
702 with
alloc_fail(hapd
, 1, "upnp_wps_set_ap_pin"):
703 hapd
.request("WPS_AP_PIN set 12345670")
704 hapd
.request("WPS_AP_PIN disable")
706 if "FAIL" not in hapd
.request("WPS_AP_PIN set"):
707 raise Exception("Invalid WPS_AP_PIN accepted")
708 if "FAIL" not in hapd
.request("WPS_AP_PIN foo"):
709 raise Exception("Invalid WPS_AP_PIN accepted")
711 def test_ap_wps_reg_config(dev
, apdev
):
712 """WPS registrar configuring an AP using AP PIN"""
713 ssid
= "test-wps-init-ap-pin"
715 hostapd
.add_ap(apdev
[0],
716 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
718 logger
.info("WPS configuration step")
719 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
720 dev
[0].dump_monitor()
721 new_ssid
= "wps-new-ssid"
722 new_passphrase
= "1234567890"
723 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPA2PSK", "CCMP",
725 status
= dev
[0].get_status()
726 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
727 raise Exception("Not fully connected")
728 if status
['ssid'] != new_ssid
:
729 raise Exception("Unexpected SSID")
730 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'CCMP':
731 raise Exception("Unexpected encryption configuration")
732 if status
['key_mgmt'] != 'WPA2-PSK':
733 raise Exception("Unexpected key_mgmt")
735 logger
.info("Re-configure back to open")
736 dev
[0].request("REMOVE_NETWORK all")
737 dev
[0].flush_scan_cache()
738 dev
[0].dump_monitor()
739 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, "wps-open", "OPEN", "NONE", "")
740 status
= dev
[0].get_status()
741 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
742 raise Exception("Not fully connected")
743 if status
['ssid'] != "wps-open":
744 raise Exception("Unexpected SSID")
745 if status
['key_mgmt'] != 'NONE':
746 raise Exception("Unexpected key_mgmt")
748 def test_ap_wps_reg_config_ext_processing(dev
, apdev
):
749 """WPS registrar configuring an AP with external config processing"""
750 ssid
= "test-wps-init-ap-pin"
752 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
753 "wps_cred_processing": "1", "ap_pin": appin
}
754 hapd
= hostapd
.add_ap(apdev
[0], params
)
755 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
756 new_ssid
= "wps-new-ssid"
757 new_passphrase
= "1234567890"
758 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPA2PSK", "CCMP",
759 new_passphrase
, no_wait
=True)
760 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
762 raise Exception("WPS registrar operation timed out")
763 ev
= hapd
.wait_event(["WPS-NEW-AP-SETTINGS"], timeout
=15)
765 raise Exception("WPS configuration timed out")
767 raise Exception("AP Settings missing from event")
768 hapd
.request("SET wps_cred_processing 0")
769 if "FAIL" in hapd
.request("WPS_CONFIG " + binascii
.hexlify(new_ssid
.encode()).decode() + " WPA2PSK CCMP " + binascii
.hexlify(new_passphrase
.encode()).decode()):
770 raise Exception("WPS_CONFIG command failed")
771 dev
[0].wait_connected(timeout
=15)
773 def test_ap_wps_reg_config_tkip(dev
, apdev
):
774 """WPS registrar configuring AP to use TKIP and AP upgrading to TKIP+CCMP"""
775 skip_with_fips(dev
[0])
776 ssid
= "test-wps-init-ap"
778 hostapd
.add_ap(apdev
[0],
779 {"ssid": ssid
, "eap_server": "1", "wps_state": "1",
781 logger
.info("WPS configuration step")
782 dev
[0].request("SET wps_version_number 0x10")
783 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
784 dev
[0].dump_monitor()
785 new_ssid
= "wps-new-ssid-with-tkip"
786 new_passphrase
= "1234567890"
787 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPAPSK", "TKIP",
789 logger
.info("Re-connect to verify WPA2 mixed mode")
790 dev
[0].request("DISCONNECT")
792 dev
[0].set_network(id, "pairwise", "CCMP")
793 dev
[0].set_network(id, "proto", "RSN")
794 dev
[0].connect_network(id)
795 status
= dev
[0].get_status()
796 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
797 raise Exception("Not fully connected: wpa_state={} bssid={}".format(status
['wpa_state'], status
['bssid']))
798 if status
['ssid'] != new_ssid
:
799 raise Exception("Unexpected SSID")
800 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP':
801 raise Exception("Unexpected encryption configuration")
802 if status
['key_mgmt'] != 'WPA2-PSK':
803 raise Exception("Unexpected key_mgmt")
805 def test_ap_wps_setup_locked(dev
, apdev
):
806 """WPS registrar locking up AP setup on AP PIN failures"""
807 ssid
= "test-wps-incorrect-ap-pin"
809 hapd
= hostapd
.add_ap(apdev
[0],
810 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
811 "wpa_passphrase": "12345678", "wpa": "2",
812 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
814 new_ssid
= "wps-new-ssid-test"
815 new_passphrase
= "1234567890"
817 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
818 ap_setup_locked
= False
819 for pin
in ["55554444", "1234", "12345678", "00000000", "11111111"]:
820 dev
[0].dump_monitor()
821 logger
.info("Try incorrect AP PIN - attempt " + pin
)
822 dev
[0].wps_reg(apdev
[0]['bssid'], pin
, new_ssid
, "WPA2PSK",
823 "CCMP", new_passphrase
, no_wait
=True)
824 ev
= dev
[0].wait_event(["WPS-FAIL", "CTRL-EVENT-CONNECTED"])
826 raise Exception("Timeout on receiving WPS operation failure event")
827 if "CTRL-EVENT-CONNECTED" in ev
:
828 raise Exception("Unexpected connection")
829 if "config_error=15" in ev
:
830 logger
.info("AP Setup Locked")
831 ap_setup_locked
= True
832 elif "config_error=18" not in ev
:
833 raise Exception("config_error=18 not reported")
834 dev
[0].wait_disconnected(timeout
=10)
836 if not ap_setup_locked
:
837 raise Exception("AP setup was not locked")
838 dev
[0].request("WPS_CANCEL")
839 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412, force_scan
=True,
841 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
842 if 'wps_ap_setup_locked' not in bss
or bss
['wps_ap_setup_locked'] != '1':
843 logger
.info("BSS: " + str(bss
))
844 raise Exception("AP Setup Locked not indicated in scan results")
846 status
= hapd
.request("WPS_GET_STATUS")
847 if "Last WPS result: Failed" not in status
:
848 raise Exception("WPS failure result not shown correctly")
849 if "Peer Address: " + dev
[0].p2p_interface_addr() not in status
:
850 raise Exception("Peer address not shown correctly")
853 dev
[0].dump_monitor()
854 logger
.info("WPS provisioning step")
855 pin
= dev
[0].wps_read_pin()
856 hapd
.request("WPS_PIN any " + pin
)
857 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
858 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=30)
860 raise Exception("WPS success was not reported")
861 dev
[0].wait_connected(timeout
=30)
863 appin
= hapd
.request("WPS_AP_PIN random")
865 raise Exception("Could not generate random AP PIN")
866 ev
= hapd
.wait_event(["WPS-AP-SETUP-UNLOCKED"], timeout
=10)
868 raise Exception("Failed to unlock AP PIN")
870 def test_ap_wps_setup_locked_timeout(dev
, apdev
):
871 """WPS re-enabling AP PIN after timeout"""
872 ssid
= "test-wps-incorrect-ap-pin"
874 hapd
= hostapd
.add_ap(apdev
[0],
875 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
876 "wpa_passphrase": "12345678", "wpa": "2",
877 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
879 new_ssid
= "wps-new-ssid-test"
880 new_passphrase
= "1234567890"
882 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
883 ap_setup_locked
= False
884 for pin
in ["55554444", "1234", "12345678", "00000000", "11111111"]:
885 dev
[0].dump_monitor()
886 logger
.info("Try incorrect AP PIN - attempt " + pin
)
887 dev
[0].wps_reg(apdev
[0]['bssid'], pin
, new_ssid
, "WPA2PSK",
888 "CCMP", new_passphrase
, no_wait
=True)
889 ev
= dev
[0].wait_event(["WPS-FAIL", "CTRL-EVENT-CONNECTED"], timeout
=15)
891 raise Exception("Timeout on receiving WPS operation failure event")
892 if "CTRL-EVENT-CONNECTED" in ev
:
893 raise Exception("Unexpected connection")
894 if "config_error=15" in ev
:
895 logger
.info("AP Setup Locked")
896 ap_setup_locked
= True
898 elif "config_error=18" not in ev
:
899 raise Exception("config_error=18 not reported")
900 dev
[0].wait_disconnected(timeout
=10)
902 if not ap_setup_locked
:
903 raise Exception("AP setup was not locked")
904 ev
= hapd
.wait_event(["WPS-AP-SETUP-UNLOCKED"], timeout
=80)
906 raise Exception("AP PIN did not get unlocked on 60 second timeout")
908 def test_ap_wps_setup_locked_2(dev
, apdev
):
909 """WPS AP configured for special ap_setup_locked=2 mode"""
910 ssid
= "test-wps-ap-pin"
912 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
913 "wpa_passphrase": "12345678", "wpa": "2",
914 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
915 "ap_pin": appin
, "ap_setup_locked": "2"}
916 hapd
= hostapd
.add_ap(apdev
[0], params
)
917 new_ssid
= "wps-new-ssid-test"
918 new_passphrase
= "1234567890"
920 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
921 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
922 dev
[0].request("REMOVE_NETWORK all")
923 dev
[0].wait_disconnected()
926 dev
[0].dump_monitor()
927 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPA2PSK",
928 "CCMP", new_passphrase
, no_wait
=True)
930 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=5)
932 raise Exception("hostapd did not report WPS failure")
933 if "msg=12 config_error=15" not in ev
:
934 raise Exception("Unexpected failure reason (AP): " + ev
)
936 ev
= dev
[0].wait_event(["WPS-FAIL", "CTRL-EVENT-CONNECTED"])
938 raise Exception("Timeout on receiving WPS operation failure event")
939 if "CTRL-EVENT-CONNECTED" in ev
:
940 raise Exception("Unexpected connection")
941 if "config_error=15" not in ev
:
942 raise Exception("Unexpected failure reason (STA): " + ev
)
943 dev
[0].request("WPS_CANCEL")
944 dev
[0].wait_disconnected()
947 def test_ap_wps_pbc_overlap_2ap(dev
, apdev
):
948 """WPS PBC session overlap with two active APs"""
949 params
= {"ssid": "wps1", "eap_server": "1", "wps_state": "2",
950 "wpa_passphrase": "12345678", "wpa": "2",
951 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
952 "wps_independent": "1"}
953 hapd
= hostapd
.add_ap(apdev
[0], params
)
954 params
= {"ssid": "wps2", "eap_server": "1", "wps_state": "2",
955 "wpa_passphrase": "123456789", "wpa": "2",
956 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
957 "wps_independent": "1"}
958 hapd2
= hostapd
.add_ap(apdev
[1], params
)
959 hapd
.request("WPS_PBC")
960 hapd2
.request("WPS_PBC")
961 logger
.info("WPS provisioning step")
962 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
963 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
964 dev
[0].request("WPS_PBC")
965 ev
= dev
[0].wait_event(["WPS-OVERLAP-DETECTED"], timeout
=15)
967 raise Exception("PBC session overlap not detected")
968 hapd
.request("DISABLE")
969 hapd2
.request("DISABLE")
970 dev
[0].flush_scan_cache()
973 def test_ap_wps_pbc_overlap_2sta(dev
, apdev
):
974 """WPS PBC session overlap with two active STAs"""
975 ssid
= "test-wps-pbc-overlap"
976 hapd
= hostapd
.add_ap(apdev
[0],
977 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
978 "wpa_passphrase": "12345678", "wpa": "2",
979 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
980 logger
.info("WPS provisioning step")
981 hapd
.request("WPS_PBC")
982 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
983 dev
[0].dump_monitor()
984 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
985 dev
[1].dump_monitor()
986 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
987 dev
[1].request("WPS_PBC " + apdev
[0]['bssid'])
988 ev
= dev
[0].wait_event(["WPS-M2D"], timeout
=15)
990 raise Exception("PBC session overlap not detected (dev0)")
991 if "config_error=12" not in ev
:
992 raise Exception("PBC session overlap not correctly reported (dev0)")
993 dev
[0].request("WPS_CANCEL")
994 dev
[0].request("DISCONNECT")
995 ev
= dev
[1].wait_event(["WPS-M2D"], timeout
=15)
997 raise Exception("PBC session overlap not detected (dev1)")
998 if "config_error=12" not in ev
:
999 raise Exception("PBC session overlap not correctly reported (dev1)")
1000 dev
[1].request("WPS_CANCEL")
1001 dev
[1].request("DISCONNECT")
1002 hapd
.request("WPS_CANCEL")
1003 ret
= hapd
.request("WPS_PBC")
1004 if "FAIL" not in ret
:
1005 raise Exception("PBC mode allowed to be started while PBC overlap still active")
1006 hapd
.request("DISABLE")
1007 dev
[0].flush_scan_cache()
1008 dev
[1].flush_scan_cache()
1011 def test_ap_wps_cancel(dev
, apdev
):
1012 """WPS AP cancelling enabled config method"""
1013 ssid
= "test-wps-ap-cancel"
1014 hapd
= hostapd
.add_ap(apdev
[0],
1015 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1016 "wpa_passphrase": "12345678", "wpa": "2",
1017 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
1018 bssid
= apdev
[0]['bssid']
1020 logger
.info("Verify PBC enable/cancel")
1021 hapd
.request("WPS_PBC")
1022 dev
[0].scan(freq
="2412")
1023 dev
[0].scan(freq
="2412")
1024 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
1025 if "[WPS-PBC]" not in bss
['flags']:
1026 raise Exception("WPS-PBC flag missing")
1027 if "FAIL" in hapd
.request("WPS_CANCEL"):
1028 raise Exception("WPS_CANCEL failed")
1029 dev
[0].scan(freq
="2412")
1030 dev
[0].scan(freq
="2412")
1031 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
1032 if "[WPS-PBC]" in bss
['flags']:
1033 raise Exception("WPS-PBC flag not cleared")
1035 logger
.info("Verify PIN enable/cancel")
1036 hapd
.request("WPS_PIN any 12345670")
1037 dev
[0].scan(freq
="2412")
1038 dev
[0].scan(freq
="2412")
1039 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
1040 if "[WPS-AUTH]" not in bss
['flags']:
1041 raise Exception("WPS-AUTH flag missing")
1042 if "FAIL" in hapd
.request("WPS_CANCEL"):
1043 raise Exception("WPS_CANCEL failed")
1044 dev
[0].scan(freq
="2412")
1045 dev
[0].scan(freq
="2412")
1046 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
1047 if "[WPS-AUTH]" in bss
['flags']:
1048 raise Exception("WPS-AUTH flag not cleared")
1050 def test_ap_wps_er_add_enrollee(dev
, apdev
):
1051 """WPS ER configuring AP and adding a new enrollee using PIN"""
1053 _test_ap_wps_er_add_enrollee(dev
, apdev
)
1055 dev
[0].request("WPS_ER_STOP")
1057 def _test_ap_wps_er_add_enrollee(dev
, apdev
):
1058 ssid
= "wps-er-add-enrollee"
1060 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1061 hostapd
.add_ap(apdev
[0],
1062 {"ssid": ssid
, "eap_server": "1", "wps_state": "1",
1063 "device_name": "Wireless AP", "manufacturer": "Company",
1064 "model_name": "WAP", "model_number": "123",
1065 "serial_number": "12345", "device_type": "6-0050F204-1",
1066 "os_version": "01020300",
1067 'friendly_name': "WPS AP - <>&'\" - TEST",
1068 "config_methods": "label push_button",
1069 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1070 logger
.info("WPS configuration step")
1071 new_passphrase
= "1234567890"
1072 dev
[0].dump_monitor()
1073 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1074 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
, ssid
, "WPA2PSK", "CCMP",
1076 status
= dev
[0].get_status()
1077 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
1078 raise Exception("Not fully connected")
1079 if status
['ssid'] != ssid
:
1080 raise Exception("Unexpected SSID")
1081 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'CCMP':
1082 raise Exception("Unexpected encryption configuration")
1083 if status
['key_mgmt'] != 'WPA2-PSK':
1084 raise Exception("Unexpected key_mgmt")
1086 logger
.info("Start ER")
1087 dev
[0].request("WPS_ER_START ifname=lo")
1088 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1090 raise Exception("AP discovery timed out")
1091 if ap_uuid
not in ev
:
1092 raise Exception("Expected AP UUID not found")
1093 if "|WPS AP - <>&'" - TEST|Company|" not in ev
:
1094 raise Exception("Expected friendly name not found")
1096 logger
.info("Learn AP configuration through UPnP")
1097 dev
[0].dump_monitor()
1098 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1099 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1101 raise Exception("AP learn timed out")
1102 if ap_uuid
not in ev
:
1103 raise Exception("Expected AP UUID not in settings")
1104 if "ssid=" + ssid
not in ev
:
1105 raise Exception("Expected SSID not in settings")
1106 if "key=" + new_passphrase
not in ev
:
1107 raise Exception("Expected passphrase not in settings")
1108 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1110 raise Exception("WPS-FAIL after AP learn timed out")
1113 logger
.info("Add Enrollee using ER")
1114 pin
= dev
[1].wps_read_pin()
1115 dev
[0].dump_monitor()
1116 dev
[0].request("WPS_ER_PIN any " + pin
+ " " + dev
[1].p2p_interface_addr())
1117 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1118 dev
[1].dump_monitor()
1119 dev
[1].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1120 ev
= dev
[1].wait_event(["WPS-SUCCESS"], timeout
=30)
1122 raise Exception("Enrollee did not report success")
1123 dev
[1].wait_connected(timeout
=15)
1124 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1126 raise Exception("WPS ER did not report success")
1127 hwsim_utils
.test_connectivity_sta(dev
[0], dev
[1])
1129 logger
.info("Add a specific Enrollee using ER")
1130 pin
= dev
[2].wps_read_pin()
1131 addr2
= dev
[2].p2p_interface_addr()
1132 dev
[0].dump_monitor()
1133 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1134 dev
[2].dump_monitor()
1135 dev
[2].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1136 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=10)
1138 raise Exception("Enrollee not seen")
1140 raise Exception("Unexpected Enrollee MAC address")
1141 dev
[0].request("WPS_ER_PIN " + addr2
+ " " + pin
+ " " + addr2
)
1142 dev
[2].wait_connected(timeout
=30)
1143 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1145 raise Exception("WPS ER did not report success")
1147 logger
.info("Verify registrar selection behavior")
1148 dev
[0].request("WPS_ER_PIN any " + pin
+ " " + dev
[1].p2p_interface_addr())
1149 dev
[1].request("DISCONNECT")
1150 dev
[1].wait_disconnected(timeout
=10)
1151 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
1152 dev
[1].scan(freq
="2412")
1153 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
1154 if "[WPS-AUTH]" not in bss
['flags']:
1155 # It is possible for scan to miss an update especially when running
1156 # tests under load with multiple VMs, so allow another attempt.
1157 dev
[1].scan(freq
="2412")
1158 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
1159 if "[WPS-AUTH]" not in bss
['flags']:
1160 raise Exception("WPS-AUTH flag missing")
1162 logger
.info("Stop ER")
1163 dev
[0].dump_monitor()
1164 dev
[0].request("WPS_ER_STOP")
1165 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"])
1167 raise Exception("WPS ER unsubscription timed out")
1168 # It takes some time for the UPnP UNSUBSCRIBE command to go through, so wait
1169 # a bit before verifying that the scan results have changed.
1172 for i
in range(0, 10):
1173 dev
[1].request("BSS_FLUSH 0")
1174 dev
[1].scan(freq
="2412", only_new
=True)
1175 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
1176 if bss
and 'flags' in bss
and "[WPS-AUTH]" not in bss
['flags']:
1178 logger
.debug("WPS-AUTH flag was still in place - wait a bit longer")
1180 if "[WPS-AUTH]" in bss
['flags']:
1181 raise Exception("WPS-AUTH flag not removed")
1183 def test_ap_wps_er_add_enrollee_uuid(dev
, apdev
):
1184 """WPS ER adding a new enrollee identified by UUID"""
1186 _test_ap_wps_er_add_enrollee_uuid(dev
, apdev
)
1188 dev
[0].request("WPS_ER_STOP")
1190 def _test_ap_wps_er_add_enrollee_uuid(dev
, apdev
):
1191 ssid
= "wps-er-add-enrollee"
1193 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1194 hostapd
.add_ap(apdev
[0],
1195 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1196 "wpa_passphrase": "12345678", "wpa": "2",
1197 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1198 "device_name": "Wireless AP", "manufacturer": "Company",
1199 "model_name": "WAP", "model_number": "123",
1200 "serial_number": "12345", "device_type": "6-0050F204-1",
1201 "os_version": "01020300",
1202 "config_methods": "label push_button",
1203 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1204 logger
.info("WPS configuration step")
1205 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1206 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1208 logger
.info("Start ER")
1209 dev
[0].request("WPS_ER_START ifname=lo")
1210 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1212 raise Exception("AP discovery timed out")
1213 if ap_uuid
not in ev
:
1214 raise Exception("Expected AP UUID not found")
1216 logger
.info("Learn AP configuration through UPnP")
1217 dev
[0].dump_monitor()
1218 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1219 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1221 raise Exception("AP learn timed out")
1222 if ap_uuid
not in ev
:
1223 raise Exception("Expected AP UUID not in settings")
1224 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1226 raise Exception("WPS-FAIL after AP learn timed out")
1229 logger
.info("Add a specific Enrollee using ER (PBC/UUID)")
1230 addr1
= dev
[1].p2p_interface_addr()
1231 dev
[0].dump_monitor()
1232 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1233 dev
[1].dump_monitor()
1234 dev
[1].request("WPS_PBC %s" % apdev
[0]['bssid'])
1235 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=10)
1237 raise Exception("Enrollee not seen")
1239 raise Exception("Unexpected Enrollee MAC address")
1240 uuid
= ev
.split(' ')[1]
1241 dev
[0].request("WPS_ER_PBC " + uuid
)
1242 dev
[1].wait_connected(timeout
=30)
1243 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1245 raise Exception("WPS ER did not report success")
1247 logger
.info("Add a specific Enrollee using ER (PIN/UUID)")
1248 pin
= dev
[2].wps_read_pin()
1249 addr2
= dev
[2].p2p_interface_addr()
1250 dev
[0].dump_monitor()
1251 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1252 dev
[2].dump_monitor()
1253 dev
[2].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1254 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=10)
1256 raise Exception("Enrollee not seen")
1258 raise Exception("Unexpected Enrollee MAC address")
1259 uuid
= ev
.split(' ')[1]
1260 dev
[0].request("WPS_ER_PIN " + uuid
+ " " + pin
)
1261 dev
[2].wait_connected(timeout
=30)
1262 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1264 raise Exception("WPS ER did not report success")
1266 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-REMOVE"], timeout
=15)
1268 raise Exception("No Enrollee STA entry timeout seen")
1270 logger
.info("Stop ER")
1271 dev
[0].dump_monitor()
1272 dev
[0].request("WPS_ER_STOP")
1274 def test_ap_wps_er_multi_add_enrollee(dev
, apdev
):
1275 """Multiple WPS ERs adding a new enrollee using PIN"""
1277 _test_ap_wps_er_multi_add_enrollee(dev
, apdev
)
1280 dev
[i
].request("WPS_ER_STOP")
1282 def _test_ap_wps_er_multi_add_enrollee(dev
, apdev
):
1283 ssid
= "wps-er-add-enrollee"
1285 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1286 hostapd
.add_ap(apdev
[0],
1287 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1288 "wpa_passphrase": "12345678", "wpa": "2",
1289 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1290 "device_name": "Wireless AP", "manufacturer": "Company",
1291 "model_name": "WAP", "model_number": "123",
1292 "serial_number": "12345", "device_type": "6-0050F204-1",
1293 "os_version": "01020300",
1294 'friendly_name': "WPS AP",
1295 "config_methods": "label push_button",
1296 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1299 dev
[i
].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1300 dev
[i
].wps_reg(apdev
[0]['bssid'], ap_pin
)
1302 dev
[i
].request("WPS_ER_START ifname=lo")
1304 ev
= dev
[i
].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1306 raise Exception("AP discovery timed out")
1307 dev
[i
].dump_monitor()
1309 dev
[i
].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1311 ev
= dev
[i
].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1313 raise Exception("AP learn timed out")
1314 ev
= dev
[i
].wait_event(["WPS-FAIL"], timeout
=15)
1316 raise Exception("WPS-FAIL after AP learn timed out")
1320 pin
= dev
[2].wps_read_pin()
1321 addr
= dev
[2].own_addr()
1322 dev
[0].dump_monitor()
1323 dev
[0].request("WPS_ER_PIN any " + pin
+ " " + addr
)
1324 dev
[1].dump_monitor()
1325 dev
[1].request("WPS_ER_PIN any " + pin
+ " " + addr
)
1327 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1328 dev
[2].dump_monitor()
1329 dev
[2].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1330 ev
= dev
[2].wait_event(["WPS-SUCCESS"], timeout
=30)
1332 raise Exception("Enrollee did not report success")
1333 dev
[2].wait_connected(timeout
=15)
1335 def test_ap_wps_er_add_enrollee_pbc(dev
, apdev
):
1336 """WPS ER connected to AP and adding a new enrollee using PBC"""
1338 _test_ap_wps_er_add_enrollee_pbc(dev
, apdev
)
1340 dev
[0].request("WPS_ER_STOP")
1342 def _test_ap_wps_er_add_enrollee_pbc(dev
, apdev
):
1343 ssid
= "wps-er-add-enrollee-pbc"
1345 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1346 hostapd
.add_ap(apdev
[0],
1347 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1348 "wpa_passphrase": "12345678", "wpa": "2",
1349 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1350 "device_name": "Wireless AP", "manufacturer": "Company",
1351 "model_name": "WAP", "model_number": "123",
1352 "serial_number": "12345", "device_type": "6-0050F204-1",
1353 "os_version": "01020300",
1354 "config_methods": "label push_button",
1355 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1356 logger
.info("Learn AP configuration")
1357 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1358 dev
[0].dump_monitor()
1359 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1360 status
= dev
[0].get_status()
1361 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
1362 raise Exception("Not fully connected")
1364 logger
.info("Start ER")
1365 dev
[0].request("WPS_ER_START ifname=lo")
1366 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1368 raise Exception("AP discovery timed out")
1369 if ap_uuid
not in ev
:
1370 raise Exception("Expected AP UUID not found")
1372 enrollee
= dev
[1].p2p_interface_addr()
1374 if "FAIL-UNKNOWN-UUID" not in dev
[0].request("WPS_ER_PBC " + enrollee
):
1375 raise Exception("Unknown UUID not reported")
1377 logger
.info("Add Enrollee using ER and PBC")
1378 dev
[0].dump_monitor()
1379 dev
[1].dump_monitor()
1380 dev
[1].request("WPS_PBC")
1382 for i
in range(0, 2):
1383 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=15)
1385 raise Exception("Enrollee discovery timed out")
1389 raise Exception("Expected Enrollee not found")
1390 if "FAIL-NO-AP-SETTINGS" not in dev
[0].request("WPS_ER_PBC " + enrollee
):
1391 raise Exception("Unknown UUID not reported")
1392 logger
.info("Use learned network configuration on ER")
1393 dev
[0].request("WPS_ER_SET_CONFIG " + ap_uuid
+ " 0")
1394 if "OK" not in dev
[0].request("WPS_ER_PBC " + enrollee
):
1395 raise Exception("WPS_ER_PBC failed")
1397 ev
= dev
[1].wait_event(["WPS-SUCCESS"], timeout
=15)
1399 raise Exception("Enrollee did not report success")
1400 dev
[1].wait_connected(timeout
=15)
1401 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1403 raise Exception("WPS ER did not report success")
1404 hwsim_utils
.test_connectivity_sta(dev
[0], dev
[1])
1406 def test_ap_wps_er_pbc_overlap(dev
, apdev
):
1407 """WPS ER connected to AP and PBC session overlap"""
1409 _test_ap_wps_er_pbc_overlap(dev
, apdev
)
1411 dev
[0].request("WPS_ER_STOP")
1413 def _test_ap_wps_er_pbc_overlap(dev
, apdev
):
1414 ssid
= "wps-er-add-enrollee-pbc"
1416 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1417 hostapd
.add_ap(apdev
[0],
1418 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1419 "wpa_passphrase": "12345678", "wpa": "2",
1420 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1421 "device_name": "Wireless AP", "manufacturer": "Company",
1422 "model_name": "WAP", "model_number": "123",
1423 "serial_number": "12345", "device_type": "6-0050F204-1",
1424 "os_version": "01020300",
1425 "config_methods": "label push_button",
1426 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1427 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1428 dev
[0].dump_monitor()
1429 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1431 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
1432 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
1433 # avoid leaving dev 1 or 2 as the last Probe Request to the AP
1434 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412, force_scan
=True)
1436 dev
[0].dump_monitor()
1437 dev
[0].request("WPS_ER_START ifname=lo")
1439 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1441 raise Exception("AP discovery timed out")
1442 if ap_uuid
not in ev
:
1443 raise Exception("Expected AP UUID not found")
1445 # verify BSSID selection of the AP instead of UUID
1446 if "FAIL" in dev
[0].request("WPS_ER_SET_CONFIG " + apdev
[0]['bssid'] + " 0"):
1447 raise Exception("Could not select AP based on BSSID")
1449 dev
[0].dump_monitor()
1450 dev
[1].request("WPS_PBC " + apdev
[0]['bssid'])
1451 dev
[2].request("WPS_PBC " + apdev
[0]['bssid'])
1452 ev
= dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout
=10)
1454 raise Exception("PBC scan failed")
1455 ev
= dev
[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout
=10)
1457 raise Exception("PBC scan failed")
1460 addr1
= dev
[1].own_addr()
1461 addr2
= dev
[2].own_addr()
1463 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=15)
1465 raise Exception("Enrollee discovery timed out")
1474 if dev
[0].request("WPS_ER_PBC " + ap_uuid
) != "FAIL-PBC-OVERLAP\n":
1475 raise Exception("PBC overlap not reported")
1476 dev
[1].request("WPS_CANCEL")
1477 dev
[2].request("WPS_CANCEL")
1478 if dev
[0].request("WPS_ER_PBC foo") != "FAIL\n":
1479 raise Exception("Invalid WPS_ER_PBC accepted")
1481 def test_ap_wps_er_v10_add_enrollee_pin(dev
, apdev
):
1482 """WPS v1.0 ER connected to AP and adding a new enrollee using PIN"""
1484 _test_ap_wps_er_v10_add_enrollee_pin(dev
, apdev
)
1486 dev
[0].request("WPS_ER_STOP")
1488 def _test_ap_wps_er_v10_add_enrollee_pin(dev
, apdev
):
1489 ssid
= "wps-er-add-enrollee-pbc"
1491 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1492 hostapd
.add_ap(apdev
[0],
1493 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1494 "wpa_passphrase": "12345678", "wpa": "2",
1495 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1496 "device_name": "Wireless AP", "manufacturer": "Company",
1497 "model_name": "WAP", "model_number": "123",
1498 "serial_number": "12345", "device_type": "6-0050F204-1",
1499 "os_version": "01020300",
1500 "config_methods": "label push_button",
1501 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1502 logger
.info("Learn AP configuration")
1503 dev
[0].request("SET wps_version_number 0x10")
1504 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1505 dev
[0].dump_monitor()
1506 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1507 status
= dev
[0].get_status()
1508 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
1509 raise Exception("Not fully connected")
1511 logger
.info("Start ER")
1512 dev
[0].request("WPS_ER_START ifname=lo")
1513 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1515 raise Exception("AP discovery timed out")
1516 if ap_uuid
not in ev
:
1517 raise Exception("Expected AP UUID not found")
1519 logger
.info("Use learned network configuration on ER")
1520 dev
[0].request("WPS_ER_SET_CONFIG " + ap_uuid
+ " 0")
1522 logger
.info("Add Enrollee using ER and PIN")
1523 enrollee
= dev
[1].p2p_interface_addr()
1524 pin
= dev
[1].wps_read_pin()
1525 dev
[0].dump_monitor()
1526 dev
[0].request("WPS_ER_PIN any " + pin
+ " " + enrollee
)
1527 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1528 dev
[1].dump_monitor()
1529 dev
[1].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1530 dev
[1].wait_connected(timeout
=30)
1531 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1533 raise Exception("WPS ER did not report success")
1536 def test_ap_wps_er_config_ap(dev
, apdev
):
1537 """WPS ER configuring AP over UPnP"""
1539 _test_ap_wps_er_config_ap(dev
, apdev
)
1541 dev
[0].request("WPS_ER_STOP")
1543 def _test_ap_wps_er_config_ap(dev
, apdev
):
1544 ssid
= "wps-er-ap-config"
1546 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1547 hostapd
.add_ap(apdev
[0],
1548 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1549 "wpa_passphrase": "12345678", "wpa": "2",
1550 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1551 "device_name": "Wireless AP", "manufacturer": "Company",
1552 "model_name": "WAP", "model_number": "123",
1553 "serial_number": "12345", "device_type": "6-0050F204-1",
1554 "os_version": "01020300",
1555 "config_methods": "label push_button",
1556 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1558 logger
.info("Connect ER to the AP")
1559 dev
[0].connect(ssid
, psk
="12345678", scan_freq
="2412")
1561 logger
.info("WPS configuration step")
1562 dev
[0].request("WPS_ER_START ifname=lo")
1563 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1565 raise Exception("AP discovery timed out")
1566 if ap_uuid
not in ev
:
1567 raise Exception("Expected AP UUID not found")
1568 new_passphrase
= "1234567890"
1569 dev
[0].request("WPS_ER_CONFIG " + apdev
[0]['bssid'] + " " + ap_pin
+ " " +
1570 binascii
.hexlify(ssid
.encode()).decode() + " WPA2PSK CCMP " +
1571 binascii
.hexlify(new_passphrase
.encode()).decode())
1572 ev
= dev
[0].wait_event(["WPS-SUCCESS"])
1574 raise Exception("WPS ER configuration operation timed out")
1575 dev
[0].wait_disconnected(timeout
=10)
1576 dev
[0].connect(ssid
, psk
="1234567890", scan_freq
="2412")
1578 logger
.info("WPS ER restart")
1579 dev
[0].request("WPS_ER_START")
1580 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1582 raise Exception("AP discovery timed out on ER restart")
1583 if ap_uuid
not in ev
:
1584 raise Exception("Expected AP UUID not found on ER restart")
1585 if "OK" not in dev
[0].request("WPS_ER_STOP"):
1586 raise Exception("WPS_ER_STOP failed")
1587 if "OK" not in dev
[0].request("WPS_ER_STOP"):
1588 raise Exception("WPS_ER_STOP failed")
1591 def test_ap_wps_er_cache_ap_settings(dev
, apdev
):
1592 """WPS ER caching AP settings"""
1594 _test_ap_wps_er_cache_ap_settings(dev
, apdev
)
1596 dev
[0].request("WPS_ER_STOP")
1598 def _test_ap_wps_er_cache_ap_settings(dev
, apdev
):
1599 ssid
= "wps-er-add-enrollee"
1601 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1602 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1603 "wpa_passphrase": "12345678", "wpa": "2",
1604 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1605 "device_name": "Wireless AP", "manufacturer": "Company",
1606 "model_name": "WAP", "model_number": "123",
1607 "serial_number": "12345", "device_type": "6-0050F204-1",
1608 "os_version": "01020300",
1609 "config_methods": "label push_button",
1610 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
1611 hapd
= hostapd
.add_ap(apdev
[0], params
)
1612 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1613 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1614 id = int(dev
[0].list_networks()[0]['id'])
1615 dev
[0].set_network(id, "scan_freq", "2412")
1617 dev
[0].request("WPS_ER_START ifname=lo")
1618 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1620 raise Exception("AP discovery timed out")
1621 if ap_uuid
not in ev
:
1622 raise Exception("Expected AP UUID not found")
1624 dev
[0].dump_monitor()
1625 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1626 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1628 raise Exception("AP learn timed out")
1629 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1631 raise Exception("WPS-FAIL after AP learn timed out")
1637 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE", "CTRL-EVENT-DISCONNECTED"],
1640 raise Exception("AP removal or disconnection timed out")
1642 hapd
= hostapd
.add_ap(apdev
[0], params
)
1644 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD", "CTRL-EVENT-CONNECTED"],
1647 raise Exception("AP discovery or connection timed out")
1649 pin
= dev
[1].wps_read_pin()
1650 dev
[0].dump_monitor()
1651 dev
[0].request("WPS_ER_PIN any " + pin
+ " " + dev
[1].p2p_interface_addr())
1655 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1656 dev
[1].dump_monitor()
1657 dev
[1].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1658 ev
= dev
[1].wait_event(["WPS-SUCCESS"], timeout
=30)
1660 raise Exception("Enrollee did not report success")
1661 dev
[1].wait_connected(timeout
=15)
1662 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1664 raise Exception("WPS ER did not report success")
1666 dev
[0].dump_monitor()
1667 dev
[0].request("WPS_ER_STOP")
1669 def test_ap_wps_er_cache_ap_settings_oom(dev
, apdev
):
1670 """WPS ER caching AP settings (OOM)"""
1672 _test_ap_wps_er_cache_ap_settings_oom(dev
, apdev
)
1674 dev
[0].request("WPS_ER_STOP")
1676 def _test_ap_wps_er_cache_ap_settings_oom(dev
, apdev
):
1677 ssid
= "wps-er-add-enrollee"
1679 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1680 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1681 "wpa_passphrase": "12345678", "wpa": "2",
1682 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1683 "device_name": "Wireless AP", "manufacturer": "Company",
1684 "model_name": "WAP", "model_number": "123",
1685 "serial_number": "12345", "device_type": "6-0050F204-1",
1686 "os_version": "01020300",
1687 "config_methods": "label push_button",
1688 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
1689 hapd
= hostapd
.add_ap(apdev
[0], params
)
1690 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1691 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1692 id = int(dev
[0].list_networks()[0]['id'])
1693 dev
[0].set_network(id, "scan_freq", "2412")
1695 dev
[0].request("WPS_ER_START ifname=lo")
1696 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1698 raise Exception("AP discovery timed out")
1699 if ap_uuid
not in ev
:
1700 raise Exception("Expected AP UUID not found")
1702 dev
[0].dump_monitor()
1703 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1704 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1706 raise Exception("AP learn timed out")
1707 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1709 raise Exception("WPS-FAIL after AP learn timed out")
1712 with
alloc_fail(dev
[0], 1, "=wps_er_ap_use_cached_settings"):
1716 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE",
1717 "CTRL-EVENT-DISCONNECTED"],
1720 raise Exception("AP removal or disconnection timed out")
1722 hapd
= hostapd
.add_ap(apdev
[0], params
)
1724 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD", "CTRL-EVENT-CONNECTED"],
1727 raise Exception("AP discovery or connection timed out")
1729 dev
[0].request("WPS_ER_STOP")
1731 def test_ap_wps_er_cache_ap_settings_oom2(dev
, apdev
):
1732 """WPS ER caching AP settings (OOM 2)"""
1734 _test_ap_wps_er_cache_ap_settings_oom2(dev
, apdev
)
1736 dev
[0].request("WPS_ER_STOP")
1738 def _test_ap_wps_er_cache_ap_settings_oom2(dev
, apdev
):
1739 ssid
= "wps-er-add-enrollee"
1741 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1742 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1743 "wpa_passphrase": "12345678", "wpa": "2",
1744 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1745 "device_name": "Wireless AP", "manufacturer": "Company",
1746 "model_name": "WAP", "model_number": "123",
1747 "serial_number": "12345", "device_type": "6-0050F204-1",
1748 "os_version": "01020300",
1749 "config_methods": "label push_button",
1750 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
1751 hapd
= hostapd
.add_ap(apdev
[0], params
)
1752 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1753 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1754 id = int(dev
[0].list_networks()[0]['id'])
1755 dev
[0].set_network(id, "scan_freq", "2412")
1757 dev
[0].request("WPS_ER_START ifname=lo")
1758 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1760 raise Exception("AP discovery timed out")
1761 if ap_uuid
not in ev
:
1762 raise Exception("Expected AP UUID not found")
1764 dev
[0].dump_monitor()
1765 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1766 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1768 raise Exception("AP learn timed out")
1769 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1771 raise Exception("WPS-FAIL after AP learn timed out")
1774 with
alloc_fail(dev
[0], 1, "=wps_er_ap_cache_settings"):
1778 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE",
1779 "CTRL-EVENT-DISCONNECTED"],
1782 raise Exception("AP removal or disconnection timed out")
1784 hapd
= hostapd
.add_ap(apdev
[0], params
)
1786 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD", "CTRL-EVENT-CONNECTED"],
1789 raise Exception("AP discovery or connection timed out")
1791 dev
[0].request("WPS_ER_STOP")
1793 def test_ap_wps_er_subscribe_oom(dev
, apdev
):
1794 """WPS ER subscribe OOM"""
1796 _test_ap_wps_er_subscribe_oom(dev
, apdev
)
1798 dev
[0].request("WPS_ER_STOP")
1800 def _test_ap_wps_er_subscribe_oom(dev
, apdev
):
1801 ssid
= "wps-er-add-enrollee"
1803 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1804 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1805 "wpa_passphrase": "12345678", "wpa": "2",
1806 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1807 "device_name": "Wireless AP", "manufacturer": "Company",
1808 "model_name": "WAP", "model_number": "123",
1809 "serial_number": "12345", "device_type": "6-0050F204-1",
1810 "os_version": "01020300",
1811 "config_methods": "label push_button",
1812 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
1813 hapd
= hostapd
.add_ap(apdev
[0], params
)
1814 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1815 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1816 id = int(dev
[0].list_networks()[0]['id'])
1817 dev
[0].set_network(id, "scan_freq", "2412")
1819 with
alloc_fail(dev
[0], 1, "http_client_addr;wps_er_subscribe"):
1820 dev
[0].request("WPS_ER_START ifname=lo")
1822 res
= dev
[0].request("GET_ALLOC_FAIL")
1823 if res
.startswith("0:"):
1826 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=0)
1828 raise Exception("Unexpected AP discovery during OOM")
1830 dev
[0].request("WPS_ER_STOP")
1832 def test_ap_wps_er_set_sel_reg_oom(dev
, apdev
):
1833 """WPS ER SetSelectedRegistrar OOM"""
1835 _test_ap_wps_er_set_sel_reg_oom(dev
, apdev
)
1837 dev
[0].request("WPS_ER_STOP")
1839 def _test_ap_wps_er_set_sel_reg_oom(dev
, apdev
):
1840 ssid
= "wps-er-add-enrollee"
1842 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1843 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1844 "wpa_passphrase": "12345678", "wpa": "2",
1845 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1846 "device_name": "Wireless AP", "manufacturer": "Company",
1847 "model_name": "WAP", "model_number": "123",
1848 "serial_number": "12345", "device_type": "6-0050F204-1",
1849 "os_version": "01020300",
1850 "config_methods": "label push_button",
1851 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
1852 hapd
= hostapd
.add_ap(apdev
[0], params
)
1853 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1854 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1856 dev
[0].request("WPS_ER_START ifname=lo")
1857 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=10)
1859 raise Exception("AP not discovered")
1861 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1862 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1864 raise Exception("AP learn timed out")
1865 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1867 raise Exception("WPS-FAIL timed out")
1870 for func
in ["http_client_url_parse;wps_er_send_set_sel_reg",
1871 "wps_er_soap_hdr;wps_er_send_set_sel_reg",
1872 "http_client_addr;wps_er_send_set_sel_reg",
1873 "wpabuf_alloc;wps_er_set_sel_reg"]:
1874 with
alloc_fail(dev
[0], 1, func
):
1875 if "OK" not in dev
[0].request("WPS_ER_PBC " + ap_uuid
):
1876 raise Exception("WPS_ER_PBC failed")
1877 ev
= dev
[0].wait_event(["WPS-PBC-ACTIVE"], timeout
=3)
1879 raise Exception("WPS-PBC-ACTIVE not seen")
1881 dev
[0].request("WPS_ER_STOP")
1884 def test_ap_wps_er_learn_oom(dev
, apdev
):
1885 """WPS ER learn OOM"""
1887 _test_ap_wps_er_learn_oom(dev
, apdev
)
1889 dev
[0].request("WPS_ER_STOP")
1891 def _test_ap_wps_er_learn_oom(dev
, apdev
):
1892 ssid
= "wps-er-add-enrollee"
1894 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1895 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1896 "wpa_passphrase": "12345678", "wpa": "2",
1897 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1898 "device_name": "Wireless AP", "manufacturer": "Company",
1899 "model_name": "WAP", "model_number": "123",
1900 "serial_number": "12345", "device_type": "6-0050F204-1",
1901 "os_version": "01020300",
1902 "config_methods": "label push_button",
1903 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
1904 hapd
= hostapd
.add_ap(apdev
[0], params
)
1905 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1906 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1908 dev
[0].request("WPS_ER_START ifname=lo")
1909 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=10)
1911 raise Exception("AP not discovered")
1913 for func
in ["wps_er_http_put_message_cb",
1914 "xml_get_base64_item;wps_er_http_put_message_cb",
1915 "http_client_url_parse;wps_er_ap_put_message",
1916 "wps_er_soap_hdr;wps_er_ap_put_message",
1917 "http_client_addr;wps_er_ap_put_message"]:
1918 with
alloc_fail(dev
[0], 1, func
):
1919 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1920 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=1)
1922 raise Exception("AP learn succeeded during OOM")
1924 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1925 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=10)
1927 raise Exception("AP learn did not succeed")
1929 if "FAIL" not in dev
[0].request("WPS_ER_LEARN 00000000-9e5c-4e73-bd82-f89cbcd10d7e " + ap_pin
):
1930 raise Exception("WPS_ER_LEARN for unknown AP accepted")
1932 dev
[0].request("WPS_ER_STOP")
1934 def test_ap_wps_fragmentation(dev
, apdev
):
1935 """WPS with fragmentation in EAP-WSC and mixed mode WPA+WPA2"""
1936 ssid
= "test-wps-fragmentation"
1938 hapd
= hostapd
.add_ap(apdev
[0],
1939 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1940 "wpa_passphrase": "12345678", "wpa": "3",
1941 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1942 "wpa_pairwise": "TKIP", "ap_pin": appin
,
1943 "fragment_size": "50"})
1944 logger
.info("WPS provisioning step (PBC)")
1945 hapd
.request("WPS_PBC")
1946 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1947 dev
[0].dump_monitor()
1948 dev
[0].request("SET wps_fragment_size 50")
1949 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
1950 dev
[0].wait_connected(timeout
=30)
1951 status
= dev
[0].get_status()
1952 if status
['wpa_state'] != 'COMPLETED':
1953 raise Exception("Not fully connected")
1954 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP':
1955 raise Exception("Unexpected encryption configuration")
1956 if status
['key_mgmt'] != 'WPA2-PSK':
1957 raise Exception("Unexpected key_mgmt")
1959 logger
.info("WPS provisioning step (PIN)")
1960 pin
= dev
[1].wps_read_pin()
1961 hapd
.request("WPS_PIN any " + pin
)
1962 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1963 dev
[1].request("SET wps_fragment_size 50")
1964 dev
[1].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1965 dev
[1].wait_connected(timeout
=30)
1966 status
= dev
[1].get_status()
1967 if status
['wpa_state'] != 'COMPLETED':
1968 raise Exception("Not fully connected")
1969 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP':
1970 raise Exception("Unexpected encryption configuration")
1971 if status
['key_mgmt'] != 'WPA2-PSK':
1972 raise Exception("Unexpected key_mgmt")
1974 logger
.info("WPS connection as registrar")
1975 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1976 dev
[2].request("SET wps_fragment_size 50")
1977 dev
[2].wps_reg(apdev
[0]['bssid'], appin
)
1978 status
= dev
[2].get_status()
1979 if status
['wpa_state'] != 'COMPLETED':
1980 raise Exception("Not fully connected")
1981 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP':
1982 raise Exception("Unexpected encryption configuration")
1983 if status
['key_mgmt'] != 'WPA2-PSK':
1984 raise Exception("Unexpected key_mgmt")
1987 def test_ap_wps_new_version_sta(dev
, apdev
):
1988 """WPS compatibility with new version number on the station"""
1989 ssid
= "test-wps-ver"
1990 hapd
= hostapd
.add_ap(apdev
[0],
1991 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1992 "wpa_passphrase": "12345678", "wpa": "2",
1993 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
1994 logger
.info("WPS provisioning step")
1995 hapd
.request("WPS_PBC")
1996 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
1997 dev
[0].dump_monitor()
1998 dev
[0].request("SET wps_version_number 0x43")
1999 dev
[0].request("SET wps_vendor_ext_m1 000137100100020001")
2000 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2001 dev
[0].wait_connected(timeout
=30)
2004 def test_ap_wps_new_version_ap(dev
, apdev
):
2005 """WPS compatibility with new version number on the AP"""
2006 ssid
= "test-wps-ver"
2007 hapd
= hostapd
.add_ap(apdev
[0],
2008 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2009 "wpa_passphrase": "12345678", "wpa": "2",
2010 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
2011 logger
.info("WPS provisioning step")
2012 if "FAIL" in hapd
.request("SET wps_version_number 0x43"):
2013 raise Exception("Failed to enable test functionality")
2014 hapd
.request("WPS_PBC")
2015 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
2016 dev
[0].dump_monitor()
2017 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2018 dev
[0].wait_connected(timeout
=30)
2019 hapd
.request("SET wps_version_number 0x20")
2022 def test_ap_wps_check_pin(dev
, apdev
):
2023 """Verify PIN checking through control interface"""
2024 hapd
= hostapd
.add_ap(apdev
[0],
2025 {"ssid": "wps", "eap_server": "1", "wps_state": "2",
2026 "wpa_passphrase": "12345678", "wpa": "2",
2027 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
2028 for t
in [("12345670", "12345670"),
2029 ("12345678", "FAIL-CHECKSUM"),
2031 ("123456789", "FAIL"),
2032 ("1234-5670", "12345670"),
2033 ("1234 5670", "12345670"),
2034 ("1-2.3:4 5670", "12345670")]:
2035 res
= hapd
.request("WPS_CHECK_PIN " + t
[0]).rstrip('\n')
2036 res2
= dev
[0].request("WPS_CHECK_PIN " + t
[0]).rstrip('\n')
2038 raise Exception("Unexpected difference in WPS_CHECK_PIN responses")
2040 raise Exception("Incorrect WPS_CHECK_PIN response {} (expected {})".format(res
, t
[1]))
2042 if "FAIL" not in hapd
.request("WPS_CHECK_PIN 12345"):
2043 raise Exception("Unexpected WPS_CHECK_PIN success")
2044 if "FAIL" not in hapd
.request("WPS_CHECK_PIN 123456789"):
2045 raise Exception("Unexpected WPS_CHECK_PIN success")
2047 for i
in range(0, 10):
2048 pin
= dev
[0].request("WPS_PIN get")
2049 rpin
= dev
[0].request("WPS_CHECK_PIN " + pin
).rstrip('\n')
2051 raise Exception("Random PIN validation failed for " + pin
)
2053 def test_ap_wps_pin_get_failure(dev
, apdev
):
2054 """PIN generation failure"""
2055 with
fail_test(dev
[0], 1,
2056 "os_get_random;wpa_supplicant_ctrl_iface_wps_pin"):
2057 if "FAIL" not in dev
[0].request("WPS_PIN get"):
2058 raise Exception("WPS_PIN did not report failure")
2060 def test_ap_wps_wep_config(dev
, apdev
):
2061 """WPS 2.0 AP rejecting WEP configuration"""
2062 ssid
= "test-wps-config"
2064 hapd
= hostapd
.add_ap(apdev
[0],
2065 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2067 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2068 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, "wps-new-ssid-wep", "OPEN", "WEP",
2069 "hello", no_wait
=True)
2070 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=15)
2072 raise Exception("WPS-FAIL timed out")
2073 if "reason=2" not in ev
:
2074 raise Exception("Unexpected reason code in WPS-FAIL")
2075 status
= hapd
.request("WPS_GET_STATUS")
2076 if "Last WPS result: Failed" not in status
:
2077 raise Exception("WPS failure result not shown correctly")
2078 if "Failure Reason: WEP Prohibited" not in status
:
2079 raise Exception("Failure reason not reported correctly")
2080 if "Peer Address: " + dev
[0].p2p_interface_addr() not in status
:
2081 raise Exception("Peer address not shown correctly")
2083 def test_ap_wps_wep_enroll(dev
, apdev
):
2084 """WPS 2.0 STA rejecting WEP configuration"""
2085 ssid
= "test-wps-wep"
2086 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2087 "skip_cred_build": "1", "extra_cred": "wps-wep-cred"}
2088 hapd
= hostapd
.add_ap(apdev
[0], params
)
2089 hapd
.request("WPS_PBC")
2090 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2091 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2092 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
2094 raise Exception("WPS-FAIL event timed out")
2095 if "msg=12" not in ev
or "reason=2 (WEP Prohibited)" not in ev
:
2096 raise Exception("Unexpected WPS-FAIL event: " + ev
)
2099 def test_ap_wps_ie_fragmentation(dev
, apdev
):
2100 """WPS AP using fragmented WPS IE"""
2101 ssid
= "test-wps-ie-fragmentation"
2102 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2103 "wpa_passphrase": "12345678", "wpa": "2",
2104 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
2105 "device_name": "1234567890abcdef1234567890abcdef",
2106 "manufacturer": "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef",
2107 "model_name": "1234567890abcdef1234567890abcdef",
2108 "model_number": "1234567890abcdef1234567890abcdef",
2109 "serial_number": "1234567890abcdef1234567890abcdef"}
2110 hapd
= hostapd
.add_ap(apdev
[0], params
)
2111 hapd
.request("WPS_PBC")
2112 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
2113 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2114 dev
[0].wait_connected(timeout
=30)
2115 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
2116 if "wps_device_name" not in bss
or bss
['wps_device_name'] != "1234567890abcdef1234567890abcdef":
2117 logger
.info("Device Name not received correctly")
2119 # This can fail if Probe Response frame is missed and Beacon frame was
2120 # used to fill in the BSS entry. This can happen, e.g., during heavy
2121 # load every now and then and is not really an error, so try to
2122 # workaround by runnign another scan.
2123 dev
[0].scan(freq
="2412", only_new
=True)
2124 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
2125 if not bss
or "wps_device_name" not in bss
or bss
['wps_device_name'] != "1234567890abcdef1234567890abcdef":
2127 raise Exception("Device Name not received correctly")
2128 if len(re
.findall("dd..0050f204", bss
['ie'])) != 2:
2129 raise Exception("Unexpected number of WPS IEs")
2131 def get_psk(pskfile
):
2133 with
open(pskfile
, "r") as f
:
2134 lines
= f
.read().splitlines()
2136 if l
== "# WPA PSKs":
2138 (addr
, psk
) = l
.split(' ')
2142 def test_ap_wps_per_station_psk(dev
, apdev
):
2143 """WPS PBC provisioning with per-station PSK"""
2144 addr0
= dev
[0].own_addr()
2145 addr1
= dev
[1].own_addr()
2146 addr2
= dev
[2].own_addr()
2149 pskfile
= "/tmp/ap_wps_per_enrollee_psk.psk_file"
2157 with
open(pskfile
, "w") as f
:
2158 f
.write("# WPA PSKs\n")
2160 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2161 "wpa": "2", "wpa_key_mgmt": "WPA-PSK",
2162 "rsn_pairwise": "CCMP", "ap_pin": appin
,
2163 "wpa_psk_file": pskfile
}
2164 hapd
= hostapd
.add_ap(apdev
[0], params
)
2166 logger
.info("First enrollee")
2167 hapd
.request("WPS_PBC")
2168 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2169 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2170 dev
[0].wait_connected(timeout
=30)
2172 logger
.info("Second enrollee")
2173 hapd
.request("WPS_PBC")
2174 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2175 dev
[1].request("WPS_PBC " + apdev
[0]['bssid'])
2176 dev
[1].wait_connected(timeout
=30)
2178 logger
.info("External registrar")
2179 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2180 dev
[2].wps_reg(apdev
[0]['bssid'], appin
)
2182 logger
.info("Verifying PSK results")
2183 psks
= get_psk(pskfile
)
2184 if addr0
not in psks
:
2185 raise Exception("No PSK recorded for sta0")
2186 if addr1
not in psks
:
2187 raise Exception("No PSK recorded for sta1")
2188 if addr2
not in psks
:
2189 raise Exception("No PSK recorded for sta2")
2190 if psks
[addr0
] == psks
[addr1
]:
2191 raise Exception("Same PSK recorded for sta0 and sta1")
2192 if psks
[addr0
] == psks
[addr2
]:
2193 raise Exception("Same PSK recorded for sta0 and sta2")
2194 if psks
[addr1
] == psks
[addr2
]:
2195 raise Exception("Same PSK recorded for sta1 and sta2")
2197 dev
[0].request("REMOVE_NETWORK all")
2198 logger
.info("Second external registrar")
2199 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2200 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
2201 psks2
= get_psk(pskfile
)
2202 if addr0
not in psks2
:
2203 raise Exception("No PSK recorded for sta0(reg)")
2204 if psks
[addr0
] == psks2
[addr0
]:
2205 raise Exception("Same PSK recorded for sta0(enrollee) and sta0(reg)")
2209 dev
[0].request("DISCONNECT")
2210 dev
[1].request("DISCONNECT")
2211 dev
[2].request("DISCONNECT")
2213 dev
[0].flush_scan_cache()
2214 dev
[1].flush_scan_cache()
2215 dev
[2].flush_scan_cache()
2217 def test_ap_wps_per_station_psk_failure(dev
, apdev
):
2218 """WPS PBC provisioning with per-station PSK (file not writable)"""
2219 addr0
= dev
[0].p2p_dev_addr()
2220 addr1
= dev
[1].p2p_dev_addr()
2221 addr2
= dev
[2].p2p_dev_addr()
2224 pskfile
= "/tmp/ap_wps_per_enrollee_psk.psk_file"
2232 with
open(pskfile
, "w") as f
:
2233 f
.write("# WPA PSKs\n")
2235 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2236 "wpa": "2", "wpa_key_mgmt": "WPA-PSK",
2237 "rsn_pairwise": "CCMP", "ap_pin": appin
,
2238 "wpa_psk_file": pskfile
}
2239 hapd
= hostapd
.add_ap(apdev
[0], params
)
2240 if "FAIL" in hapd
.request("SET wpa_psk_file /tmp/does/not/exists/ap_wps_per_enrollee_psk_failure.psk_file"):
2241 raise Exception("Failed to set wpa_psk_file")
2243 logger
.info("First enrollee")
2244 hapd
.request("WPS_PBC")
2245 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2246 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2247 dev
[0].wait_connected(timeout
=30)
2249 logger
.info("Second enrollee")
2250 hapd
.request("WPS_PBC")
2251 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2252 dev
[1].request("WPS_PBC " + apdev
[0]['bssid'])
2253 dev
[1].wait_connected(timeout
=30)
2255 logger
.info("External registrar")
2256 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2257 dev
[2].wps_reg(apdev
[0]['bssid'], appin
)
2259 logger
.info("Verifying PSK results")
2260 psks
= get_psk(pskfile
)
2262 raise Exception("PSK recorded unexpectedly")
2266 dev
[i
].request("DISCONNECT")
2269 dev
[i
].flush_scan_cache()
2272 def test_ap_wps_pin_request_file(dev
, apdev
):
2273 """WPS PIN provisioning with configured AP"""
2275 pinfile
= "/tmp/ap_wps_pin_request_file.log"
2276 if os
.path
.exists(pinfile
):
2278 hapd
= hostapd
.add_ap(apdev
[0],
2279 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2280 "wps_pin_requests": pinfile
,
2281 "wpa_passphrase": "12345678", "wpa": "2",
2282 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
2283 uuid
= dev
[0].get_status_field("uuid")
2284 pin
= dev
[0].wps_read_pin()
2286 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
2287 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
2288 ev
= hapd
.wait_event(["WPS-PIN-NEEDED"], timeout
=15)
2290 raise Exception("PIN needed event not shown")
2292 raise Exception("UUID mismatch")
2293 dev
[0].request("WPS_CANCEL")
2295 with
open(pinfile
, "r") as f
:
2296 lines
= f
.readlines()
2302 raise Exception("PIN request entry not in the log file")
2309 def test_ap_wps_auto_setup_with_config_file(dev
, apdev
):
2310 """WPS auto-setup with configuration file"""
2311 conffile
= "/tmp/ap_wps_auto_setup_with_config_file.conf"
2312 ifname
= apdev
[0]['ifname']
2314 with
open(conffile
, "w") as f
:
2315 f
.write("driver=nl80211\n")
2316 f
.write("hw_mode=g\n")
2317 f
.write("channel=1\n")
2318 f
.write("ieee80211n=1\n")
2319 f
.write("interface=%s\n" % ifname
)
2320 f
.write("ctrl_interface=/var/run/hostapd\n")
2321 f
.write("ssid=wps\n")
2322 f
.write("eap_server=1\n")
2323 f
.write("wps_state=1\n")
2324 hapd
= hostapd
.add_bss(apdev
[0], ifname
, conffile
)
2325 hapd
.request("WPS_PBC")
2326 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
2327 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2328 dev
[0].wait_connected(timeout
=30)
2329 with
open(conffile
, "r") as f
:
2330 lines
= f
.read().splitlines()
2334 [name
, value
] = l
.split('=', 1)
2336 except ValueError as e
:
2337 if "# WPS configuration" in l
:
2340 raise Exception("Unexpected configuration line: " + l
)
2341 if vals
['ieee80211n'] != '1' or vals
['wps_state'] != '2' or "WPA-PSK" not in vals
['wpa_key_mgmt']:
2342 raise Exception("Incorrect configuration: " + str(vals
))
2349 def test_ap_wps_pbc_timeout(dev
, apdev
, params
):
2350 """wpa_supplicant PBC walk time and WPS ER SelReg timeout [long]"""
2351 if not params
['long']:
2352 raise HwsimSkip("Skip test case with long duration due to --long not specified")
2353 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2354 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
2356 location
= ssdp_get_location(ap_uuid
)
2357 urls
= upnp_get_urls(location
)
2358 eventurl
= urlparse(urls
['event_sub_url'])
2359 ctrlurl
= urlparse(urls
['control_url'])
2361 url
= urlparse(location
)
2362 conn
= HTTPConnection(url
.netloc
)
2364 class WPSERHTTPServer(StreamRequestHandler
):
2366 data
= self
.rfile
.readline().strip()
2368 self
.wfile
.write(gen_wps_event())
2370 server
= MyTCPServer(("127.0.0.1", 12345), WPSERHTTPServer
)
2373 headers
= {"callback": '<http://127.0.0.1:12345/event>',
2375 "timeout": "Second-1234"}
2376 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2377 resp
= conn
.getresponse()
2378 if resp
.status
!= 200:
2379 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2380 sid
= resp
.getheader("sid")
2381 logger
.debug("Subscription SID " + sid
)
2383 msg
= '''<?xml version="1.0"?>
2384 <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
2386 <u:SetSelectedRegistrar xmlns:u="urn:schemas-wifialliance-org:service:WFAWLANConfig:1">
2387 <NewMessage>EEoAARAQQQABARASAAIAABBTAAIxSBBJAA4ANyoAASABBv///////xBIABA2LbR7pTpRkYj7
2390 </u:SetSelectedRegistrar>
2393 headers
= {"Content-type": 'text/xml; charset="utf-8"'}
2394 headers
["SOAPAction"] = '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1#%s"' % "SetSelectedRegistrar"
2395 conn
.request("POST", ctrlurl
.path
, msg
, headers
)
2396 resp
= conn
.getresponse()
2397 if resp
.status
!= 200:
2398 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2400 server
.handle_request()
2402 logger
.info("Start WPS_PBC and wait for PBC walk time expiration")
2403 if "OK" not in dev
[0].request("WPS_PBC"):
2404 raise Exception("WPS_PBC failed")
2406 start
= os
.times()[4]
2408 server
.handle_request()
2409 dev
[1].request("BSS_FLUSH 0")
2410 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True,
2412 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
2413 logger
.debug("BSS: " + str(bss
))
2414 if '[WPS-AUTH]' not in bss
['flags']:
2415 raise Exception("WPS not indicated authorized")
2417 server
.handle_request()
2419 wps_timeout_seen
= False
2423 dev
[1].dump_monitor()
2424 if not wps_timeout_seen
:
2425 ev
= dev
[0].wait_event(["WPS-TIMEOUT"], timeout
=0)
2427 logger
.info("PBC timeout seen")
2428 wps_timeout_seen
= True
2430 dev
[0].dump_monitor()
2432 if now
- start
> 130:
2433 raise Exception("Selected registration information not removed")
2434 dev
[1].request("BSS_FLUSH 0")
2435 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True,
2437 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
2438 logger
.debug("BSS: " + str(bss
))
2439 if '[WPS-AUTH]' not in bss
['flags']:
2441 server
.handle_request()
2443 server
.server_close()
2445 if wps_timeout_seen
:
2449 if now
< start
+ 150:
2450 dur
= start
+ 150 - now
2453 logger
.info("Continue waiting for PBC timeout (%d sec)" % dur
)
2454 ev
= dev
[0].wait_event(["WPS-TIMEOUT"], timeout
=dur
)
2456 raise Exception("WPS-TIMEOUT not reported")
2458 def add_ssdp_ap(ap
, ap_uuid
):
2461 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2462 "wpa_passphrase": "12345678", "wpa": "2",
2463 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
2464 "device_name": "Wireless AP", "manufacturer": "Company",
2465 "model_name": "WAP", "model_number": "123",
2466 "serial_number": "12345", "device_type": "6-0050F204-1",
2467 "os_version": "01020300",
2468 "config_methods": "label push_button",
2469 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo",
2470 "friendly_name": "WPS Access Point",
2471 "manufacturer_url": "http://www.example.com/",
2472 "model_description": "Wireless Access Point",
2473 "model_url": "http://www.example.com/model/",
2474 "upc": "123456789012"}
2475 return hostapd
.add_ap(ap
, params
)
2477 def ssdp_send(msg
, no_recv
=False):
2478 socket
.setdefaulttimeout(1)
2479 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
2480 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
2481 sock
.setsockopt(socket
.IPPROTO_IP
, socket
.IP_MULTICAST_TTL
, 2)
2482 sock
.bind(("127.0.0.1", 0))
2483 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2486 return sock
.recv(1000).decode()
2488 def ssdp_send_msearch(st
, no_recv
=False):
2490 'M-SEARCH * HTTP/1.1',
2491 'HOST: 239.255.255.250:1900',
2493 'MAN: "ssdp:discover"',
2496 return ssdp_send(msg
, no_recv
=no_recv
)
2498 def test_ap_wps_ssdp_msearch(dev
, apdev
):
2499 """WPS AP and SSDP M-SEARCH messages"""
2500 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2501 add_ssdp_ap(apdev
[0], ap_uuid
)
2504 'M-SEARCH * HTTP/1.1',
2505 'Host: 239.255.255.250:1900',
2507 'Man: "ssdp:discover"',
2508 'St: urn:schemas-wifialliance-org:device:WFADevice:1',
2513 'M-SEARCH * HTTP/1.1',
2514 'host:\t239.255.255.250:1900\t\t\t\t \t\t',
2516 'man: \t \t "ssdp:discover" ',
2517 'st: urn:schemas-wifialliance-org:device:WFADevice:1\t\t',
2521 ssdp_send_msearch("ssdp:all")
2522 ssdp_send_msearch("upnp:rootdevice")
2523 ssdp_send_msearch("uuid:" + ap_uuid
)
2524 ssdp_send_msearch("urn:schemas-wifialliance-org:service:WFAWLANConfig:1")
2525 ssdp_send_msearch("urn:schemas-wifialliance-org:device:WFADevice:1")
2528 'M-SEARCH * HTTP/1.1',
2529 'HOST:\t239.255.255.250:1900',
2530 'MAN: "ssdp:discover"',
2532 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2534 ssdp_send(msg
, no_recv
=True)
2536 def test_ap_wps_ssdp_invalid_msearch(dev
, apdev
):
2537 """WPS AP and invalid SSDP M-SEARCH messages"""
2538 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2539 add_ssdp_ap(apdev
[0], ap_uuid
)
2541 socket
.setdefaulttimeout(1)
2542 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
2543 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
2544 sock
.setsockopt(socket
.IPPROTO_IP
, socket
.IP_MULTICAST_TTL
, 2)
2545 sock
.bind(("127.0.0.1", 0))
2547 logger
.debug("Missing MX")
2549 'M-SEARCH * HTTP/1.1',
2550 'HOST: 239.255.255.250:1900',
2551 'MAN: "ssdp:discover"',
2552 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2554 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2556 logger
.debug("Negative MX")
2558 'M-SEARCH * HTTP/1.1',
2559 'HOST: 239.255.255.250:1900',
2561 'MAN: "ssdp:discover"',
2562 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2564 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2566 logger
.debug("Invalid MX")
2568 'M-SEARCH * HTTP/1.1',
2569 'HOST: 239.255.255.250:1900',
2571 'MAN: "ssdp:discover"',
2572 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2574 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2576 logger
.debug("Missing MAN")
2578 'M-SEARCH * HTTP/1.1',
2579 'HOST: 239.255.255.250:1900',
2581 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2583 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2585 logger
.debug("Invalid MAN")
2587 'M-SEARCH * HTTP/1.1',
2588 'HOST: 239.255.255.250:1900',
2591 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2593 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2595 'M-SEARCH * HTTP/1.1',
2596 'HOST: 239.255.255.250:1900',
2598 'MAN; "ssdp:discover"',
2599 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2601 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2603 logger
.debug("Missing HOST")
2605 'M-SEARCH * HTTP/1.1',
2606 'MAN: "ssdp:discover"',
2608 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2610 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2612 logger
.debug("Missing ST")
2614 'M-SEARCH * HTTP/1.1',
2615 'HOST: 239.255.255.250:1900',
2616 'MAN: "ssdp:discover"',
2619 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2621 logger
.debug("Mismatching ST")
2623 'M-SEARCH * HTTP/1.1',
2624 'HOST: 239.255.255.250:1900',
2625 'MAN: "ssdp:discover"',
2627 'ST: uuid:16d5f8a9-4ee4-4f5e-81f9-cc6e2f47f42d',
2629 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2631 'M-SEARCH * HTTP/1.1',
2632 'HOST: 239.255.255.250:1900',
2633 'MAN: "ssdp:discover"',
2637 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2639 'M-SEARCH * HTTP/1.1',
2640 'HOST: 239.255.255.250:1900',
2641 'MAN: "ssdp:discover"',
2645 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2647 logger
.debug("Invalid ST")
2649 'M-SEARCH * HTTP/1.1',
2650 'HOST: 239.255.255.250:1900',
2651 'MAN: "ssdp:discover"',
2653 'ST; urn:schemas-wifialliance-org:device:WFADevice:1',
2655 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2657 logger
.debug("Invalid M-SEARCH")
2659 'M+SEARCH * HTTP/1.1',
2660 'HOST: 239.255.255.250:1900',
2661 'MAN: "ssdp:discover"',
2663 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2665 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2667 'M-SEARCH-* HTTP/1.1',
2668 'HOST: 239.255.255.250:1900',
2669 'MAN: "ssdp:discover"',
2671 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2673 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2675 logger
.debug("Invalid message format")
2676 sock
.sendto(b
"NOTIFY * HTTP/1.1", ("239.255.255.250", 1900))
2678 'M-SEARCH * HTTP/1.1',
2679 'HOST: 239.255.255.250:1900',
2680 'MAN: "ssdp:discover"',
2682 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2684 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2688 raise Exception("Unexpected M-SEARCH response: " + r
)
2689 except socket
.timeout
:
2692 logger
.debug("Valid M-SEARCH")
2694 'M-SEARCH * HTTP/1.1',
2695 'HOST: 239.255.255.250:1900',
2696 'MAN: "ssdp:discover"',
2698 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2700 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2705 except socket
.timeout
:
2706 raise Exception("No SSDP response")
2708 def test_ap_wps_ssdp_burst(dev
, apdev
):
2709 """WPS AP and SSDP burst"""
2710 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2711 add_ssdp_ap(apdev
[0], ap_uuid
)
2714 'M-SEARCH * HTTP/1.1',
2715 'HOST: 239.255.255.250:1900',
2716 'MAN: "ssdp:discover"',
2718 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2720 socket
.setdefaulttimeout(1)
2721 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
2722 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
2723 sock
.setsockopt(socket
.IPPROTO_IP
, socket
.IP_MULTICAST_TTL
, 2)
2724 sock
.bind(("127.0.0.1", 0))
2725 for i
in range(0, 25):
2726 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2730 r
= sock
.recv(1000).decode()
2731 if not r
.startswith("HTTP/1.1 200 OK\r\n"):
2732 raise Exception("Unexpected message: " + r
)
2734 except socket
.timeout
:
2737 raise Exception("Too few SSDP responses")
2739 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
2740 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
2741 sock
.setsockopt(socket
.IPPROTO_IP
, socket
.IP_MULTICAST_TTL
, 2)
2742 sock
.bind(("127.0.0.1", 0))
2743 for i
in range(0, 25):
2744 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2747 r
= sock
.recv(1000).decode()
2750 except socket
.timeout
:
2751 raise Exception("No SSDP response")
2753 def ssdp_get_location(uuid
):
2754 res
= ssdp_send_msearch("uuid:" + uuid
)
2756 for l
in res
.splitlines():
2757 if l
.lower().startswith("location:"):
2758 location
= l
.split(':', 1)[1].strip()
2760 if location
is None:
2761 raise Exception("No UPnP location found")
2764 def upnp_get_urls(location
):
2765 if sys
.version_info
[0] > 2:
2766 conn
= urlopen(location
)
2768 conn
= urlopen(location
, proxies
={})
2769 tree
= ET
.parse(conn
)
2770 root
= tree
.getroot()
2771 urn
= '{urn:schemas-upnp-org:device-1-0}'
2772 service
= root
.find("./" + urn
+ "device/" + urn
+ "serviceList/" + urn
+ "service")
2774 res
['scpd_url'] = urljoin(location
, service
.find(urn
+ 'SCPDURL').text
)
2775 res
['control_url'] = urljoin(location
,
2776 service
.find(urn
+ 'controlURL').text
)
2777 res
['event_sub_url'] = urljoin(location
,
2778 service
.find(urn
+ 'eventSubURL').text
)
2781 def upnp_soap_action(conn
, path
, action
, include_soap_action
=True,
2782 soap_action_override
=None, newmsg
=None, neweventtype
=None,
2784 soapns
= 'http://schemas.xmlsoap.org/soap/envelope/'
2785 wpsns
= 'urn:schemas-wifialliance-org:service:WFAWLANConfig:1'
2786 ET
.register_namespace('soapenv', soapns
)
2787 ET
.register_namespace('wfa', wpsns
)
2789 attrib
['{%s}encodingStyle' % soapns
] = 'http://schemas.xmlsoap.org/soap/encoding/'
2790 root
= ET
.Element("{%s}Envelope" % soapns
, attrib
=attrib
)
2791 body
= ET
.SubElement(root
, "{%s}Body" % soapns
)
2792 act
= ET
.SubElement(body
, "{%s}%s" % (wpsns
, action
))
2794 msg
= ET
.SubElement(act
, "NewMessage")
2795 msg
.text
= base64
.b64encode(newmsg
.encode()).decode()
2797 msg
= ET
.SubElement(act
, "NewWLANEventType")
2798 msg
.text
= neweventtype
2800 msg
= ET
.SubElement(act
, "NewWLANEventMAC")
2801 msg
.text
= neweventmac
2803 headers
= {"Content-type": 'text/xml; charset="utf-8"'}
2804 if include_soap_action
:
2805 headers
["SOAPAction"] = '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1#%s"' % action
2806 elif soap_action_override
:
2807 headers
["SOAPAction"] = soap_action_override
2808 decl
= b
'<?xml version=\'1.0\' encoding=\'utf8\'?>\n'
2809 conn
.request("POST", path
, decl
+ ET
.tostring(root
), headers
)
2810 return conn
.getresponse()
2812 def test_ap_wps_upnp(dev
, apdev
):
2813 """WPS AP and UPnP operations"""
2814 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2815 add_ssdp_ap(apdev
[0], ap_uuid
)
2817 location
= ssdp_get_location(ap_uuid
)
2818 urls
= upnp_get_urls(location
)
2820 if sys
.version_info
[0] > 2:
2821 conn
= urlopen(urls
['scpd_url'])
2823 conn
= urlopen(urls
['scpd_url'], proxies
={})
2826 if sys
.version_info
[0] > 2:
2828 conn
= urlopen(urljoin(location
, "unknown.html"))
2829 raise Exception("Unexpected HTTP response to GET unknown URL")
2830 except HTTPError
as e
:
2832 raise Exception("Unexpected HTTP response to GET unknown URL")
2834 conn
= urlopen(urljoin(location
, "unknown.html"), proxies
={})
2835 if conn
.getcode() != 404:
2836 raise Exception("Unexpected HTTP response to GET unknown URL")
2838 url
= urlparse(location
)
2839 conn
= HTTPConnection(url
.netloc
)
2840 #conn.set_debuglevel(1)
2841 headers
= {"Content-type": 'text/xml; charset="utf-8"',
2842 "SOAPAction": '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1#GetDeviceInfo"'}
2843 conn
.request("POST", "hello", "\r\n\r\n", headers
)
2844 resp
= conn
.getresponse()
2845 if resp
.status
!= 404:
2846 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2848 conn
.request("UNKNOWN", "hello", "\r\n\r\n", headers
)
2849 resp
= conn
.getresponse()
2850 if resp
.status
!= 501:
2851 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2853 headers
= {"Content-type": 'text/xml; charset="utf-8"',
2854 "SOAPAction": '"urn:some-unknown-action#GetDeviceInfo"'}
2855 ctrlurl
= urlparse(urls
['control_url'])
2856 conn
.request("POST", ctrlurl
.path
, "\r\n\r\n", headers
)
2857 resp
= conn
.getresponse()
2858 if resp
.status
!= 401:
2859 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2861 logger
.debug("GetDeviceInfo without SOAPAction header")
2862 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo",
2863 include_soap_action
=False)
2864 if resp
.status
!= 401:
2865 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2867 logger
.debug("GetDeviceInfo with invalid SOAPAction header")
2869 "urn:schemas-wifialliance-org:service:WFAWLANConfig:1#GetDeviceInfo",
2870 '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1"',
2871 '"urn:schemas-wifialliance-org:service:WFAWLANConfig:123#GetDevice']:
2872 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo",
2873 include_soap_action
=False,
2874 soap_action_override
=act
)
2875 if resp
.status
!= 401:
2876 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2878 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
2879 if resp
.status
!= 200:
2880 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2881 dev
= resp
.read().decode()
2882 if "NewDeviceInfo" not in dev
:
2883 raise Exception("Unexpected GetDeviceInfo response")
2885 logger
.debug("PutMessage without required parameters")
2886 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutMessage")
2887 if resp
.status
!= 600:
2888 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2890 logger
.debug("PutWLANResponse without required parameters")
2891 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse")
2892 if resp
.status
!= 600:
2893 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2895 logger
.debug("SetSelectedRegistrar from unregistered ER")
2896 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "SetSelectedRegistrar")
2897 if resp
.status
!= 501:
2898 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2900 logger
.debug("Unknown action")
2901 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "Unknown")
2902 if resp
.status
!= 401:
2903 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2905 def test_ap_wps_upnp_subscribe(dev
, apdev
):
2906 """WPS AP and UPnP event subscription"""
2907 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2908 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
2910 location
= ssdp_get_location(ap_uuid
)
2911 urls
= upnp_get_urls(location
)
2912 eventurl
= urlparse(urls
['event_sub_url'])
2914 url
= urlparse(location
)
2915 conn
= HTTPConnection(url
.netloc
)
2916 #conn.set_debuglevel(1)
2917 headers
= {"callback": '<http://127.0.0.1:12345/event>',
2918 "timeout": "Second-1234"}
2919 conn
.request("SUBSCRIBE", "hello", "\r\n\r\n", headers
)
2920 resp
= conn
.getresponse()
2921 if resp
.status
!= 412:
2922 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2924 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2925 resp
= conn
.getresponse()
2926 if resp
.status
!= 412:
2927 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2929 headers
= {"NT": "upnp:event",
2930 "timeout": "Second-1234"}
2931 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2932 resp
= conn
.getresponse()
2933 if resp
.status
!= 412:
2934 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2936 headers
= {"callback": '<http://127.0.0.1:12345/event>',
2937 "NT": "upnp:foobar",
2938 "timeout": "Second-1234"}
2939 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2940 resp
= conn
.getresponse()
2941 if resp
.status
!= 400:
2942 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2944 logger
.debug("Valid subscription")
2945 headers
= {"callback": '<http://127.0.0.1:12345/event>',
2947 "timeout": "Second-1234"}
2948 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2949 resp
= conn
.getresponse()
2950 if resp
.status
!= 200:
2951 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2952 sid
= resp
.getheader("sid")
2953 logger
.debug("Subscription SID " + sid
)
2955 logger
.debug("Invalid re-subscription")
2956 headers
= {"NT": "upnp:event",
2957 "sid": "123456734567854",
2958 "timeout": "Second-1234"}
2959 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2960 resp
= conn
.getresponse()
2961 if resp
.status
!= 400:
2962 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2964 logger
.debug("Invalid re-subscription")
2965 headers
= {"NT": "upnp:event",
2966 "sid": "uuid:123456734567854",
2967 "timeout": "Second-1234"}
2968 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2969 resp
= conn
.getresponse()
2970 if resp
.status
!= 400:
2971 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2973 logger
.debug("Invalid re-subscription")
2974 headers
= {"callback": '<http://127.0.0.1:12345/event>',
2977 "timeout": "Second-1234"}
2978 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2979 resp
= conn
.getresponse()
2980 if resp
.status
!= 400:
2981 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2983 logger
.debug("SID mismatch in re-subscription")
2984 headers
= {"NT": "upnp:event",
2985 "sid": "uuid:4c2bca79-1ff4-4e43-85d4-952a2b8a51fb",
2986 "timeout": "Second-1234"}
2987 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2988 resp
= conn
.getresponse()
2989 if resp
.status
!= 412:
2990 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2992 logger
.debug("Valid re-subscription")
2993 headers
= {"NT": "upnp:event",
2995 "timeout": "Second-1234"}
2996 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2997 resp
= conn
.getresponse()
2998 if resp
.status
!= 200:
2999 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3000 sid2
= resp
.getheader("sid")
3001 logger
.debug("Subscription SID " + sid2
)
3004 raise Exception("Unexpected SID change")
3006 logger
.debug("Valid re-subscription")
3007 headers
= {"NT": "upnp:event",
3008 "sid": "uuid: \t \t" + sid
.split(':')[1],
3009 "timeout": "Second-1234"}
3010 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3011 resp
= conn
.getresponse()
3012 if resp
.status
!= 200:
3013 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3015 logger
.debug("Invalid unsubscription")
3016 headers
= {"sid": sid
}
3017 conn
.request("UNSUBSCRIBE", "/hello", "\r\n\r\n", headers
)
3018 resp
= conn
.getresponse()
3019 if resp
.status
!= 412:
3020 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3021 headers
= {"foo": "bar"}
3022 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3023 resp
= conn
.getresponse()
3024 if resp
.status
!= 412:
3025 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3027 logger
.debug("Valid unsubscription")
3028 headers
= {"sid": sid
}
3029 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3030 resp
= conn
.getresponse()
3031 if resp
.status
!= 200:
3032 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3034 logger
.debug("Unsubscription for not existing SID")
3035 headers
= {"sid": sid
}
3036 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3037 resp
= conn
.getresponse()
3038 if resp
.status
!= 412:
3039 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3041 logger
.debug("Invalid unsubscription")
3042 headers
= {"sid": " \t \tfoo"}
3043 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3044 resp
= conn
.getresponse()
3045 if resp
.status
!= 400:
3046 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3048 logger
.debug("Invalid unsubscription")
3049 headers
= {"sid": "uuid:\t \tfoo"}
3050 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3051 resp
= conn
.getresponse()
3052 if resp
.status
!= 400:
3053 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3055 logger
.debug("Invalid unsubscription")
3056 headers
= {"NT": "upnp:event",
3058 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3059 resp
= conn
.getresponse()
3060 if resp
.status
!= 400:
3061 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3062 headers
= {"callback": '<http://127.0.0.1:12345/event>',
3064 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3065 resp
= conn
.getresponse()
3066 if resp
.status
!= 400:
3067 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3069 logger
.debug("Valid subscription with multiple callbacks")
3070 headers
= {"callback": '<http://127.0.0.1:12345/event> <http://127.0.0.1:12345/event>\t<http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event>',
3072 "timeout": "Second-1234"}
3073 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3074 resp
= conn
.getresponse()
3075 if resp
.status
!= 200:
3076 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3077 sid
= resp
.getheader("sid")
3078 logger
.debug("Subscription SID " + sid
)
3080 # Force subscription to be deleted due to errors
3081 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
3082 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
3083 with
alloc_fail(hapd
, 1, "event_build_message"):
3085 dev
[1].dump_monitor()
3086 dev
[2].dump_monitor()
3087 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3088 dev
[2].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3089 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3090 dev
[1].request("WPS_CANCEL")
3091 dev
[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3092 dev
[2].request("WPS_CANCEL")
3099 headers
= {"sid": sid
}
3100 conn
.request("UNSUBSCRIBE", eventurl
.path
, "", headers
)
3101 resp
= conn
.getresponse()
3102 if resp
.status
!= 200 and resp
.status
!= 412:
3103 raise Exception("Unexpected HTTP response for UNSUBSCRIBE: %d" % resp
.status
)
3105 headers
= {"callback": '<http://127.0.0.1:12345/event>',
3107 "timeout": "Second-1234"}
3108 with
alloc_fail(hapd
, 1, "http_client_addr;event_send_start"):
3109 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3110 resp
= conn
.getresponse()
3111 if resp
.status
!= 200:
3112 raise Exception("Unexpected HTTP response for SUBSCRIBE: %d" % resp
.status
)
3113 sid
= resp
.getheader("sid")
3114 logger
.debug("Subscription SID " + sid
)
3116 headers
= {"sid": sid
}
3117 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3118 resp
= conn
.getresponse()
3119 if resp
.status
!= 200:
3120 raise Exception("Unexpected HTTP response for UNSUBSCRIBE: %d" % resp
.status
)
3122 headers
= {"callback": '<http://127.0.0.1:12345/event>',
3124 "timeout": "Second-1234"}
3125 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3126 resp
= conn
.getresponse()
3127 if resp
.status
!= 200:
3128 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3129 sid
= resp
.getheader("sid")
3130 logger
.debug("Subscription SID " + sid
)
3132 with
alloc_fail(hapd
, 1, "=event_add"):
3134 dev
[1].dump_monitor()
3135 dev
[2].dump_monitor()
3136 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3137 dev
[2].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3138 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3139 dev
[1].request("WPS_CANCEL")
3140 dev
[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3141 dev
[2].request("WPS_CANCEL")
3147 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3148 resp
= conn
.getresponse()
3149 if resp
.status
!= 200:
3150 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3152 with
alloc_fail(hapd
, 1, "wpabuf_dup;event_add"):
3153 dev
[1].dump_monitor()
3154 dev
[2].dump_monitor()
3155 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3156 dev
[2].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3157 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3158 dev
[1].request("WPS_CANCEL")
3159 dev
[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3160 dev
[2].request("WPS_CANCEL")
3163 with
fail_test(hapd
, 1, "os_get_random;uuid_make;subscription_start"):
3164 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3165 resp
= conn
.getresponse()
3166 if resp
.status
!= 500:
3167 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3169 with
alloc_fail(hapd
, 1, "=subscription_start"):
3170 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3171 resp
= conn
.getresponse()
3172 if resp
.status
!= 500:
3173 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3175 headers
= {"callback": '',
3177 "timeout": "Second-1234"}
3178 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3179 resp
= conn
.getresponse()
3180 if resp
.status
!= 500:
3181 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3183 headers
= {"callback": ' <',
3185 "timeout": "Second-1234"}
3186 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3187 resp
= conn
.getresponse()
3188 if resp
.status
!= 500:
3189 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3191 headers
= {"callback": '<http://127.0.0.1:12345/event>',
3193 "timeout": "Second-1234"}
3194 with
alloc_fail(hapd
, 1, "wpabuf_alloc;subscription_first_event"):
3195 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3196 resp
= conn
.getresponse()
3197 if resp
.status
!= 500:
3198 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3200 with
alloc_fail(hapd
, 1, "event_add;subscription_first_event"):
3201 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3202 resp
= conn
.getresponse()
3203 if resp
.status
!= 500:
3204 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3206 with
alloc_fail(hapd
, 1, "subscr_addr_add_url"):
3207 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3208 resp
= conn
.getresponse()
3209 if resp
.status
!= 500:
3210 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3212 with
alloc_fail(hapd
, 2, "subscr_addr_add_url"):
3213 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3214 resp
= conn
.getresponse()
3215 if resp
.status
!= 500:
3216 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3219 headers
= {"callback": '<http://127.0.0.1:%d/event>' % (12345 + i
),
3221 "timeout": "Second-1234"}
3222 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3223 resp
= conn
.getresponse()
3224 if resp
.status
!= 200:
3225 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3227 with
alloc_fail(hapd
, 1, "=upnp_wps_device_send_wlan_event"):
3228 dev
[1].dump_monitor()
3229 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3230 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3231 dev
[1].request("WPS_CANCEL")
3234 with
alloc_fail(hapd
, 1, "wpabuf_alloc;upnp_wps_device_send_event"):
3235 dev
[1].dump_monitor()
3236 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3237 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3238 dev
[1].request("WPS_CANCEL")
3241 with
alloc_fail(hapd
, 1,
3242 "base64_gen_encode;?base64_encode;upnp_wps_device_send_wlan_event"):
3243 dev
[1].dump_monitor()
3244 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3245 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3246 dev
[1].request("WPS_CANCEL")
3250 with
alloc_fail(hapd
, 1, "get_netif_info"):
3251 if "FAIL" not in hapd
.request("ENABLE"):
3252 raise Exception("ENABLE succeeded during OOM")
3254 def test_ap_wps_upnp_subscribe_events(dev
, apdev
):
3255 """WPS AP and UPnP event subscription and many events"""
3256 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
3257 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
3259 location
= ssdp_get_location(ap_uuid
)
3260 urls
= upnp_get_urls(location
)
3261 eventurl
= urlparse(urls
['event_sub_url'])
3263 class WPSERHTTPServer(StreamRequestHandler
):
3265 data
= self
.rfile
.readline().strip()
3267 self
.wfile
.write(gen_wps_event())
3269 server
= MyTCPServer(("127.0.0.1", 12345), WPSERHTTPServer
)
3272 url
= urlparse(location
)
3273 conn
= HTTPConnection(url
.netloc
)
3275 headers
= {"callback": '<http://127.0.0.1:12345/event>',
3277 "timeout": "Second-1234"}
3278 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3279 resp
= conn
.getresponse()
3280 if resp
.status
!= 200:
3281 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3282 sid
= resp
.getheader("sid")
3283 logger
.debug("Subscription SID " + sid
)
3285 # Fetch the first event message
3286 server
.handle_request()
3288 # Force subscription event queue to reach the maximum length by generating
3289 # new proxied events without the ER fetching any of the pending events.
3290 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
3291 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
3293 dev
[1].dump_monitor()
3294 dev
[2].dump_monitor()
3295 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3296 dev
[2].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3297 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3298 dev
[1].request("WPS_CANCEL")
3299 dev
[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3300 dev
[2].request("WPS_CANCEL")
3306 hapd
.request("WPS_PIN any 12345670")
3307 dev
[1].dump_monitor()
3308 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3309 ev
= dev
[1].wait_event(["WPS-SUCCESS"], timeout
=10)
3311 raise Exception("WPS success not reported")
3313 # Close the WPS ER HTTP server without fetching all the pending events.
3314 # This tests hostapd code path that clears subscription and the remaining
3315 # event queue when the interface is deinitialized.
3316 server
.handle_request()
3317 server
.server_close()
3319 dev
[1].wait_connected()
3321 def test_ap_wps_upnp_http_proto(dev
, apdev
):
3322 """WPS AP and UPnP/HTTP protocol testing"""
3323 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
3324 add_ssdp_ap(apdev
[0], ap_uuid
)
3326 location
= ssdp_get_location(ap_uuid
)
3328 url
= urlparse(location
)
3329 conn
= HTTPConnection(url
.netloc
, timeout
=0.2)
3330 #conn.set_debuglevel(1)
3332 conn
.request("HEAD", "hello")
3333 resp
= conn
.getresponse()
3334 if resp
.status
!= 501:
3335 raise Exception("Unexpected response to HEAD: " + str(resp
.status
))
3338 for cmd
in ["PUT", "DELETE", "TRACE", "CONNECT", "M-SEARCH", "M-POST"]:
3340 conn
.request(cmd
, "hello")
3341 resp
= conn
.getresponse()
3342 except Exception as e
:
3346 headers
= {"Content-Length": 'abc'}
3347 conn
.request("HEAD", "hello", "\r\n\r\n", headers
)
3349 resp
= conn
.getresponse()
3350 except Exception as e
:
3354 headers
= {"Content-Length": '-10'}
3355 conn
.request("HEAD", "hello", "\r\n\r\n", headers
)
3357 resp
= conn
.getresponse()
3358 except Exception as e
:
3362 headers
= {"Content-Length": '10000000000000'}
3363 conn
.request("HEAD", "hello", "\r\n\r\nhello", headers
)
3365 resp
= conn
.getresponse()
3366 except Exception as e
:
3370 headers
= {"Transfer-Encoding": 'abc'}
3371 conn
.request("HEAD", "hello", "\r\n\r\n", headers
)
3372 resp
= conn
.getresponse()
3373 if resp
.status
!= 501:
3374 raise Exception("Unexpected response to HEAD: " + str(resp
.status
))
3377 headers
= {"Transfer-Encoding": 'chunked'}
3378 conn
.request("HEAD", "hello", "\r\n\r\n", headers
)
3379 resp
= conn
.getresponse()
3380 if resp
.status
!= 501:
3381 raise Exception("Unexpected response to HEAD: " + str(resp
.status
))
3385 conn
.request("HEAD", 5000 * 'A')
3387 resp
= conn
.getresponse()
3388 except Exception as e
:
3392 # Long URL but within header length limits
3393 conn
.request("HEAD", 3000 * 'A')
3394 resp
= conn
.getresponse()
3395 if resp
.status
!= 501:
3396 raise Exception("Unexpected response to HEAD: " + str(resp
.status
))
3399 headers
= {"Content-Length": '20'}
3400 conn
.request("POST", "hello", 10 * 'A' + "\r\n\r\n", headers
)
3402 resp
= conn
.getresponse()
3403 except Exception as e
:
3407 conn
.request("POST", "hello", 5000 * 'A' + "\r\n\r\n")
3408 resp
= conn
.getresponse()
3409 if resp
.status
!= 404:
3410 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3413 conn
.request("POST", "hello", 60000 * 'A' + "\r\n\r\n")
3415 resp
= conn
.getresponse()
3416 except Exception as e
:
3420 def test_ap_wps_upnp_http_proto_chunked(dev
, apdev
):
3421 """WPS AP and UPnP/HTTP protocol testing for chunked encoding"""
3422 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
3423 add_ssdp_ap(apdev
[0], ap_uuid
)
3425 location
= ssdp_get_location(ap_uuid
)
3427 url
= urlparse(location
)
3428 conn
= HTTPConnection(url
.netloc
)
3429 #conn.set_debuglevel(1)
3431 headers
= {"Transfer-Encoding": 'chunked'}
3432 conn
.request("POST", "hello",
3433 "a\r\nabcdefghij\r\n" + "2\r\nkl\r\n" + "0\r\n\r\n",
3435 resp
= conn
.getresponse()
3436 if resp
.status
!= 404:
3437 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3440 conn
.putrequest("POST", "hello")
3441 conn
.putheader('Transfer-Encoding', 'chunked')
3443 conn
.send(b
"a\r\nabcdefghij\r\n")
3445 conn
.send(b
"2\r\nkl\r\n")
3446 conn
.send(b
"0\r\n\r\n")
3447 resp
= conn
.getresponse()
3448 if resp
.status
!= 404:
3449 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3452 conn
.putrequest("POST", "hello")
3453 conn
.putheader('Transfer-Encoding', 'chunked')
3457 for i
in range(20000):
3458 conn
.send(b
"1\r\nZ\r\n")
3459 conn
.send(b
"0\r\n\r\n")
3460 resp
= conn
.getresponse()
3462 except Exception as e
:
3466 raise Exception("Too long chunked request did not result in connection reset")
3468 headers
= {"Transfer-Encoding": 'chunked'}
3469 conn
.request("POST", "hello", "80000000\r\na", headers
)
3471 resp
= conn
.getresponse()
3472 except Exception as e
:
3476 conn
.request("POST", "hello", "10000000\r\na", headers
)
3478 resp
= conn
.getresponse()
3479 except Exception as e
:
3484 def test_ap_wps_disabled(dev
, apdev
):
3485 """WPS operations while WPS is disabled"""
3486 ssid
= "test-wps-disabled"
3487 hapd
= hostapd
.add_ap(apdev
[0], {"ssid": ssid
})
3488 if "FAIL" not in hapd
.request("WPS_PBC"):
3489 raise Exception("WPS_PBC succeeded unexpectedly")
3490 if "FAIL" not in hapd
.request("WPS_CANCEL"):
3491 raise Exception("WPS_CANCEL succeeded unexpectedly")
3493 def test_ap_wps_mixed_cred(dev
, apdev
):
3494 """WPS 2.0 STA merging mixed mode WPA/WPA2 credentials"""
3495 ssid
= "test-wps-wep"
3496 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3497 "skip_cred_build": "1", "extra_cred": "wps-mixed-cred"}
3498 hapd
= hostapd
.add_ap(apdev
[0], params
)
3499 hapd
.request("WPS_PBC")
3500 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3501 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
3502 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=30)
3504 raise Exception("WPS-SUCCESS event timed out")
3505 nets
= dev
[0].list_networks()
3507 raise Exception("Unexpected number of network blocks")
3509 proto
= dev
[0].get_network(id, "proto")
3510 if proto
!= "WPA RSN":
3511 raise Exception("Unexpected merged proto field value: " + proto
)
3512 pairwise
= dev
[0].get_network(id, "pairwise")
3513 p
= pairwise
.split()
3514 if "CCMP" not in p
or "TKIP" not in p
:
3515 raise Exception("Unexpected merged pairwise field value: " + pairwise
)
3518 def test_ap_wps_while_connected(dev
, apdev
):
3519 """WPS PBC provisioning while connected to another AP"""
3520 ssid
= "test-wps-conf"
3521 hapd
= hostapd
.add_ap(apdev
[0],
3522 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3523 "wpa_passphrase": "12345678", "wpa": "2",
3524 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3526 hostapd
.add_ap(apdev
[1], {"ssid": "open"})
3527 dev
[0].connect("open", key_mgmt
="NONE", scan_freq
="2412")
3529 logger
.info("WPS provisioning step")
3530 hapd
.request("WPS_PBC")
3531 dev
[0].dump_monitor()
3532 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
3533 dev
[0].wait_connected(timeout
=30)
3534 status
= dev
[0].get_status()
3535 if status
['bssid'] != apdev
[0]['bssid']:
3536 raise Exception("Unexpected BSSID")
3539 def test_ap_wps_while_connected_no_autoconnect(dev
, apdev
):
3540 """WPS PBC provisioning while connected to another AP and STA_AUTOCONNECT disabled"""
3541 ssid
= "test-wps-conf"
3542 hapd
= hostapd
.add_ap(apdev
[0],
3543 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3544 "wpa_passphrase": "12345678", "wpa": "2",
3545 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3547 hostapd
.add_ap(apdev
[1], {"ssid": "open"})
3550 dev
[0].request("STA_AUTOCONNECT 0")
3551 dev
[0].connect("open", key_mgmt
="NONE", scan_freq
="2412")
3553 logger
.info("WPS provisioning step")
3554 hapd
.request("WPS_PBC")
3555 dev
[0].dump_monitor()
3556 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
3557 dev
[0].wait_connected(timeout
=30)
3558 status
= dev
[0].get_status()
3559 if status
['bssid'] != apdev
[0]['bssid']:
3560 raise Exception("Unexpected BSSID")
3562 dev
[0].request("STA_AUTOCONNECT 1")
3565 def test_ap_wps_from_event(dev
, apdev
):
3566 """WPS PBC event on AP to enable PBC"""
3567 ssid
= "test-wps-conf"
3568 hapd
= hostapd
.add_ap(apdev
[0],
3569 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3570 "wpa_passphrase": "12345678", "wpa": "2",
3571 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3572 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3573 dev
[0].dump_monitor()
3575 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
3577 ev
= hapd
.wait_event(['WPS-ENROLLEE-SEEN'], timeout
=15)
3579 raise Exception("No WPS-ENROLLEE-SEEN event on AP")
3580 vals
= ev
.split(' ')
3581 if vals
[1] != dev
[0].p2p_interface_addr():
3582 raise Exception("Unexpected enrollee address: " + vals
[1])
3584 raise Exception("Unexpected Device Password Id: " + vals
[5])
3585 hapd
.request("WPS_PBC")
3586 dev
[0].wait_connected(timeout
=30)
3588 def test_ap_wps_ap_scan_2(dev
, apdev
):
3589 """AP_SCAN 2 for WPS"""
3590 ssid
= "test-wps-conf"
3591 hapd
= hostapd
.add_ap(apdev
[0],
3592 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3593 "wpa_passphrase": "12345678", "wpa": "2",
3594 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3595 hapd
.request("WPS_PBC")
3597 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
3598 wpas
.interface_add("wlan5", drv_params
="force_connect_cmd=1")
3601 if "OK" not in wpas
.request("AP_SCAN 2"):
3602 raise Exception("Failed to set AP_SCAN 2")
3604 wpas
.flush_scan_cache()
3605 wpas
.scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3607 wpas
.request("WPS_PBC " + apdev
[0]['bssid'])
3608 ev
= wpas
.wait_event(["WPS-SUCCESS"], timeout
=15)
3610 raise Exception("WPS-SUCCESS event timed out")
3611 wpas
.wait_connected(timeout
=30)
3613 wpas
.request("DISCONNECT")
3614 wpas
.wait_disconnected()
3615 id = wpas
.list_networks()[0]['id']
3616 pairwise
= wpas
.get_network(id, "pairwise")
3617 if "CCMP" not in pairwise
.split():
3618 raise Exception("Unexpected pairwise parameter value: " + pairwise
)
3619 group
= wpas
.get_network(id, "group")
3620 if "CCMP" not in group
.split():
3621 raise Exception("Unexpected group parameter value: " + group
)
3622 # Need to select a single cipher for ap_scan=2 testing
3623 wpas
.set_network(id, "pairwise", "CCMP")
3624 wpas
.set_network(id, "group", "CCMP")
3625 wpas
.request("BSS_FLUSH 0")
3627 wpas
.request("REASSOCIATE")
3628 wpas
.wait_connected(timeout
=30)
3630 wpas
.request("DISCONNECT")
3631 wpas
.wait_disconnected()
3632 wpas
.flush_scan_cache()
3635 def test_ap_wps_eapol_workaround(dev
, apdev
):
3636 """EAPOL workaround code path for 802.1X header length mismatch"""
3638 hapd
= hostapd
.add_ap(apdev
[0],
3639 {"ssid": ssid
, "eap_server": "1", "wps_state": "1"})
3640 bssid
= apdev
[0]['bssid']
3641 hapd
.request("SET ext_eapol_frame_io 1")
3642 dev
[0].request("SET ext_eapol_frame_io 1")
3643 hapd
.request("WPS_PBC")
3644 dev
[0].request("WPS_PBC")
3646 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=15)
3648 raise Exception("Timeout on EAPOL-TX from hostapd")
3650 res
= dev
[0].request("EAPOL_RX " + bssid
+ " 020000040193000501FFFF")
3652 raise Exception("EAPOL_RX to wpa_supplicant failed")
3654 def test_ap_wps_iteration(dev
, apdev
):
3655 """WPS PIN and iterate through APs without selected registrar"""
3656 ssid
= "test-wps-conf"
3657 hapd
= hostapd
.add_ap(apdev
[0],
3658 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3659 "wpa_passphrase": "12345678", "wpa": "2",
3660 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3662 ssid2
= "test-wps-conf2"
3663 hapd2
= hostapd
.add_ap(apdev
[1],
3664 {"ssid": ssid2
, "eap_server": "1", "wps_state": "2",
3665 "wpa_passphrase": "12345678", "wpa": "2",
3666 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3668 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3669 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
3670 dev
[0].dump_monitor()
3671 pin
= dev
[0].request("WPS_PIN any")
3673 # Wait for iteration through all WPS APs to happen before enabling any
3676 ev
= dev
[0].wait_event(["Associated with"], timeout
=30)
3678 raise Exception("No association seen")
3679 ev
= dev
[0].wait_event(["WPS-M2D"], timeout
=10)
3681 raise Exception("No M2D from AP")
3682 dev
[0].wait_disconnected()
3684 # Verify that each AP requested PIN
3685 ev
= hapd
.wait_event(["WPS-PIN-NEEDED"], timeout
=1)
3687 raise Exception("No WPS-PIN-NEEDED event from AP")
3688 ev
= hapd2
.wait_event(["WPS-PIN-NEEDED"], timeout
=1)
3690 raise Exception("No WPS-PIN-NEEDED event from AP2")
3692 # Provide PIN to one of the APs and verify that connection gets formed
3693 hapd
.request("WPS_PIN any " + pin
)
3694 dev
[0].wait_connected(timeout
=30)
3696 def test_ap_wps_iteration_error(dev
, apdev
):
3697 """WPS AP iteration on no Selected Registrar and error case with an AP"""
3698 ssid
= "test-wps-conf-pin"
3699 hapd
= hostapd
.add_ap(apdev
[0],
3700 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3701 "wpa_passphrase": "12345678", "wpa": "2",
3702 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
3703 "wps_independent": "1"})
3704 hapd
.request("SET ext_eapol_frame_io 1")
3705 bssid
= apdev
[0]['bssid']
3706 pin
= dev
[0].wps_read_pin()
3707 dev
[0].request("WPS_PIN any " + pin
)
3709 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=15)
3711 raise Exception("No EAPOL-TX (EAP-Request/Identity) from hostapd")
3712 dev
[0].request("EAPOL_RX " + bssid
+ " " + ev
.split(' ')[2])
3714 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=15)
3716 raise Exception("No EAPOL-TX (EAP-WSC/Start) from hostapd")
3717 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout
=5)
3719 raise Exception("No CTRL-EVENT-EAP-STARTED")
3721 # Do not forward any more EAPOL frames to test wpa_supplicant behavior for
3722 # a case with an incorrectly behaving WPS AP.
3724 # Start the real target AP and activate registrar on it.
3725 hapd2
= hostapd
.add_ap(apdev
[1],
3726 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3727 "wpa_passphrase": "12345678", "wpa": "2",
3728 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
3729 "wps_independent": "1"})
3730 hapd2
.request("WPS_PIN any " + pin
)
3732 dev
[0].wait_disconnected(timeout
=15)
3733 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout
=15)
3735 raise Exception("No CTRL-EVENT-EAP-STARTED for the second AP")
3736 ev
= dev
[0].wait_event(["WPS-CRED-RECEIVED"], timeout
=15)
3738 raise Exception("No WPS-CRED-RECEIVED for the second AP")
3739 dev
[0].wait_connected(timeout
=15)
3742 def test_ap_wps_priority(dev
, apdev
):
3743 """WPS PIN provisioning with configured AP and wps_priority"""
3744 ssid
= "test-wps-conf-pin"
3745 hapd
= hostapd
.add_ap(apdev
[0],
3746 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3747 "wpa_passphrase": "12345678", "wpa": "2",
3748 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3749 logger
.info("WPS provisioning step")
3750 pin
= dev
[0].wps_read_pin()
3751 hapd
.request("WPS_PIN any " + pin
)
3752 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3753 dev
[0].dump_monitor()
3755 dev
[0].request("SET wps_priority 6")
3756 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
3757 dev
[0].wait_connected(timeout
=30)
3758 netw
= dev
[0].list_networks()
3759 prio
= dev
[0].get_network(netw
[0]['id'], 'priority')
3761 raise Exception("Unexpected network priority: " + prio
)
3763 dev
[0].request("SET wps_priority 0")
3766 def test_ap_wps_and_non_wps(dev
, apdev
):
3767 """WPS and non-WPS AP in single hostapd process"""
3768 params
= {"ssid": "wps", "eap_server": "1", "wps_state": "1"}
3769 hapd
= hostapd
.add_ap(apdev
[0], params
)
3771 params
= {"ssid": "no wps"}
3772 hapd2
= hostapd
.add_ap(apdev
[1], params
)
3774 appin
= hapd
.request("WPS_AP_PIN random")
3776 raise Exception("Could not generate random AP PIN")
3777 if appin
not in hapd
.request("WPS_AP_PIN get"):
3778 raise Exception("Could not fetch current AP PIN")
3780 if "FAIL" in hapd
.request("WPS_PBC"):
3781 raise Exception("WPS_PBC failed")
3782 if "FAIL" in hapd
.request("WPS_CANCEL"):
3783 raise Exception("WPS_CANCEL failed")
3785 def test_ap_wps_init_oom(dev
, apdev
):
3786 """Initial AP configuration and OOM during PSK generation"""
3788 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "1"}
3789 hapd
= hostapd
.add_ap(apdev
[0], params
)
3791 with
alloc_fail(hapd
, 1, "base64_gen_encode;?base64_encode;wps_build_cred"):
3792 pin
= dev
[0].wps_read_pin()
3793 hapd
.request("WPS_PIN any " + pin
)
3794 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3795 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
3796 dev
[0].wait_disconnected()
3798 hapd
.request("WPS_PIN any " + pin
)
3799 dev
[0].wait_connected(timeout
=30)
3802 def test_ap_wps_er_oom(dev
, apdev
):
3803 """WPS ER OOM in XML processing"""
3805 _test_ap_wps_er_oom(dev
, apdev
)
3807 dev
[0].request("WPS_ER_STOP")
3808 dev
[1].request("WPS_CANCEL")
3809 dev
[0].request("DISCONNECT")
3811 def _test_ap_wps_er_oom(dev
, apdev
):
3812 ssid
= "wps-er-ap-config"
3814 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
3815 hostapd
.add_ap(apdev
[0],
3816 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3817 "wpa_passphrase": "12345678", "wpa": "2",
3818 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
3819 "device_name": "Wireless AP", "manufacturer": "Company",
3820 "model_name": "WAP", "model_number": "123",
3821 "serial_number": "12345", "device_type": "6-0050F204-1",
3822 "os_version": "01020300",
3823 "config_methods": "label push_button",
3824 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
3826 dev
[0].connect(ssid
, psk
="12345678", scan_freq
="2412")
3828 with
alloc_fail(dev
[0], 1,
3829 "base64_gen_decode;?base64_decode;xml_get_base64_item"):
3830 dev
[0].request("WPS_ER_START ifname=lo")
3831 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=3)
3833 raise Exception("Unexpected AP discovery")
3835 dev
[0].request("WPS_ER_STOP")
3836 dev
[0].request("WPS_ER_START ifname=lo")
3837 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=10)
3839 raise Exception("AP discovery timed out")
3841 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
3842 with
alloc_fail(dev
[0], 1,
3843 "base64_gen_decode;?base64_decode;xml_get_base64_item"):
3844 dev
[1].request("WPS_PBC " + apdev
[0]['bssid'])
3845 ev
= dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout
=10)
3847 raise Exception("PBC scan failed")
3848 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=15)
3850 raise Exception("Enrollee discovery timed out")
3853 def test_ap_wps_er_init_oom(dev
, apdev
):
3854 """WPS ER and OOM during init"""
3856 _test_ap_wps_er_init_oom(dev
, apdev
)
3858 dev
[0].request("WPS_ER_STOP")
3860 def _test_ap_wps_er_init_oom(dev
, apdev
):
3861 with
alloc_fail(dev
[0], 1, "wps_er_init"):
3862 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo"):
3863 raise Exception("WPS_ER_START succeeded during OOM")
3864 with
alloc_fail(dev
[0], 1, "http_server_init"):
3865 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo"):
3866 raise Exception("WPS_ER_START succeeded during OOM")
3867 with
alloc_fail(dev
[0], 2, "http_server_init"):
3868 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo"):
3869 raise Exception("WPS_ER_START succeeded during OOM")
3870 with
alloc_fail(dev
[0], 1, "eloop_sock_table_add_sock;?eloop_register_sock;wps_er_ssdp_init"):
3871 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo"):
3872 raise Exception("WPS_ER_START succeeded during OOM")
3873 with
fail_test(dev
[0], 1, "os_get_random;wps_er_init"):
3874 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo"):
3875 raise Exception("WPS_ER_START succeeded during os_get_random failure")
3878 def test_ap_wps_er_init_fail(dev
, apdev
):
3879 """WPS ER init failure"""
3880 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=does-not-exist"):
3881 dev
[0].request("WPS_ER_STOP")
3882 raise Exception("WPS_ER_START with non-existing ifname succeeded")
3884 def test_ap_wps_wpa_cli_action(dev
, apdev
, test_params
):
3885 """WPS events and wpa_cli action script"""
3886 logdir
= os
.path
.abspath(test_params
['logdir'])
3887 pidfile
= os
.path
.join(logdir
, 'ap_wps_wpa_cli_action.wpa_cli.pid')
3888 logfile
= os
.path
.join(logdir
, 'ap_wps_wpa_cli_action.wpa_cli.res')
3889 actionfile
= os
.path
.join(logdir
, 'ap_wps_wpa_cli_action.wpa_cli.action.sh')
3891 with
open(actionfile
, 'w') as f
:
3892 f
.write('#!/bin/sh\n')
3893 f
.write('echo $* >> %s\n' % logfile
)
3894 # Kill the process and wait some time before returning to allow all the
3895 # pending events to be processed with some of this happening after the
3896 # eloop SIGALRM signal has been scheduled.
3897 f
.write('if [ $2 = "WPS-SUCCESS" -a -r %s ]; then kill `cat %s`; sleep 1; fi\n' % (pidfile
, pidfile
))
3899 os
.chmod(actionfile
, stat
.S_IREAD | stat
.S_IWRITE | stat
.S_IEXEC |
3900 stat
.S_IRGRP | stat
.S_IXGRP | stat
.S_IROTH | stat
.S_IXOTH
)
3902 ssid
= "test-wps-conf"
3903 hapd
= hostapd
.add_ap(apdev
[0],
3904 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3905 "wpa_passphrase": "12345678", "wpa": "2",
3906 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3908 prg
= os
.path
.join(test_params
['logdir'],
3909 'alt-wpa_supplicant/wpa_supplicant/wpa_cli')
3910 if not os
.path
.exists(prg
):
3911 prg
= '../../wpa_supplicant/wpa_cli'
3912 arg
= [prg
, '-P', pidfile
, '-B', '-i', dev
[0].ifname
, '-a', actionfile
]
3913 subprocess
.call(arg
)
3916 cmd
= subprocess
.Popen(arg
, stdout
=subprocess
.PIPE
)
3917 out
= cmd
.communicate()[0].decode()
3919 logger
.debug("Processes:\n" + out
)
3920 if "wpa_cli -P %s -B -i %s" % (pidfile
, dev
[0].ifname
) not in out
:
3921 raise Exception("Did not see wpa_cli running")
3923 hapd
.request("WPS_PIN any 12345670")
3924 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3925 dev
[0].dump_monitor()
3926 dev
[0].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3927 dev
[0].wait_connected(timeout
=30)
3930 if not os
.path
.exists(pidfile
):
3934 if not os
.path
.exists(logfile
):
3935 raise Exception("wpa_cli action results file not found")
3936 with
open(logfile
, 'r') as f
:
3938 if "WPS-SUCCESS" not in res
:
3939 raise Exception("WPS-SUCCESS event not seen in action file")
3942 cmd
= subprocess
.Popen(arg
, stdout
=subprocess
.PIPE
)
3943 out
= cmd
.communicate()[0].decode()
3945 logger
.debug("Remaining processes:\n" + out
)
3946 if "wpa_cli -P %s -B -i %s" % (pidfile
, dev
[0].ifname
) in out
:
3947 raise Exception("wpa_cli still running")
3949 if os
.path
.exists(pidfile
):
3950 raise Exception("PID file not removed")
3952 def test_ap_wps_er_ssdp_proto(dev
, apdev
):
3953 """WPS ER SSDP protocol testing"""
3955 _test_ap_wps_er_ssdp_proto(dev
, apdev
)
3957 dev
[0].request("WPS_ER_STOP")
3959 def _test_ap_wps_er_ssdp_proto(dev
, apdev
):
3960 socket
.setdefaulttimeout(1)
3961 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
3962 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
3963 sock
.bind(("239.255.255.250", 1900))
3964 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo foo"):
3965 raise Exception("Invalid filter accepted")
3966 if "OK" not in dev
[0].request("WPS_ER_START ifname=lo 1.2.3.4"):
3967 raise Exception("WPS_ER_START with filter failed")
3968 (msg
, addr
) = sock
.recvfrom(1000)
3970 logger
.debug("Received SSDP message from %s: %s" % (str(addr
), msg
))
3971 if "M-SEARCH" not in msg
:
3972 raise Exception("Not an M-SEARCH")
3973 sock
.sendto(b
"FOO", addr
)
3975 dev
[0].request("WPS_ER_STOP")
3977 dev
[0].request("WPS_ER_START ifname=lo")
3978 (msg
, addr
) = sock
.recvfrom(1000)
3980 logger
.debug("Received SSDP message from %s: %s" % (str(addr
), msg
))
3981 if "M-SEARCH" not in msg
:
3982 raise Exception("Not an M-SEARCH")
3983 sock
.sendto(b
"FOO", addr
)
3984 sock
.sendto(b
"HTTP/1.1 200 OK\r\nFOO\r\n\r\n", addr
)
3985 sock
.sendto(b
"HTTP/1.1 200 OK\r\nNTS:foo\r\n\r\n", addr
)
3986 sock
.sendto(b
"HTTP/1.1 200 OK\r\nNTS:ssdp:byebye\r\n\r\n", addr
)
3987 sock
.sendto(b
"HTTP/1.1 200 OK\r\ncache-control: foo=1\r\n\r\n", addr
)
3988 sock
.sendto(b
"HTTP/1.1 200 OK\r\ncache-control: max-age=1\r\n\r\n", addr
)
3989 sock
.sendto(b
"HTTP/1.1 200 OK\r\nusn:\r\n\r\n", addr
)
3990 sock
.sendto(b
"HTTP/1.1 200 OK\r\nusn:foo\r\n\r\n", addr
)
3991 sock
.sendto(b
"HTTP/1.1 200 OK\r\nusn: uuid:\r\n\r\n", addr
)
3992 sock
.sendto(b
"HTTP/1.1 200 OK\r\nusn: uuid: \r\n\r\n", addr
)
3993 sock
.sendto(b
"HTTP/1.1 200 OK\r\nusn: uuid: foo\r\n\r\n", addr
)
3994 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\n\r\n", addr
)
3995 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nNTS:ssdp:byebye\r\n\r\n", addr
)
3996 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:foo\r\n\r\n", addr
)
3997 with
alloc_fail(dev
[0], 1, "wps_er_ap_add"):
3998 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:foo\r\ncache-control:max-age=1\r\n\r\n", addr
)
4000 with
alloc_fail(dev
[0], 2, "wps_er_ap_add"):
4001 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:foo\r\ncache-control:max-age=1\r\n\r\n", addr
)
4004 # Add an AP with bogus URL
4005 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:foo\r\ncache-control:max-age=1\r\n\r\n", addr
)
4006 # Update timeout on AP without updating URL
4007 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://127.0.0.1:12345/foo.xml\r\ncache-control:max-age=1\r\n\r\n", addr
)
4008 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"], timeout
=5)
4010 raise Exception("No WPS-ER-AP-REMOVE event on max-age timeout")
4012 # Add an AP with a valid URL (but no server listing to it)
4013 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://127.0.0.1:12345/foo.xml\r\ncache-control:max-age=1\r\n\r\n", addr
)
4014 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"], timeout
=5)
4016 raise Exception("No WPS-ER-AP-REMOVE event on max-age timeout")
4020 wps_event_url
= None
4022 def gen_upnp_info(eventSubURL
='wps_event', controlURL
='wps_control',
4023 udn
='uuid:27ea801a-9e5c-4e73-bd82-f89cbcd10d7e'):
4024 payload
= '''<?xml version="1.0"?>
4025 <root xmlns="urn:schemas-upnp-org:device-1-0">
4031 <deviceType>urn:schemas-wifialliance-org:device:WFADevice:1</deviceType>
4032 <friendlyName>WPS Access Point</friendlyName>
4033 <manufacturer>Company</manufacturer>
4034 <modelName>WAP</modelName>
4035 <modelNumber>123</modelNumber>
4036 <serialNumber>12345</serialNumber>
4039 payload
+= '<UDN>' + udn
+ '</UDN>'
4040 payload
+= '''<serviceList>
4042 <serviceType>urn:schemas-wifialliance-org:service:WFAWLANConfig:1</serviceType>
4043 <serviceId>urn:wifialliance-org:serviceId:WFAWLANConfig1</serviceId>
4044 <SCPDURL>wps_scpd.xml</SCPDURL>
4047 payload
+= '<controlURL>' + controlURL
+ '</controlURL>\n'
4049 payload
+= '<eventSubURL>' + eventSubURL
+ '</eventSubURL>\n'
4050 payload
+= '''</service>
4055 hdr
= 'HTTP/1.1 200 OK\r\n' + \
4056 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4057 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4058 'Connection: close\r\n' + \
4059 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4060 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4061 return (hdr
+ payload
).encode()
4063 def gen_wps_control(payload_override
=None):
4064 payload
= '''<?xml version="1.0"?>
4065 <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
4067 <u:GetDeviceInfoResponse xmlns:u="urn:schemas-wifialliance-org:service:WFAWLANConfig:1">
4068 <NewDeviceInfo>EEoAARAQIgABBBBHABAn6oAanlxOc72C+Jy80Q1+ECAABgIAAAADABAaABCJZ7DPtbU3Ust9
4069 Z3wJF07WEDIAwH45D3i1OqB7eJGwTzqeapS71h3KyXncK2xJZ+xqScrlorNEg6LijBJzG2Ca
4070 +FZli0iliDJd397yAx/jk4nFXco3q5ylBSvSw9dhJ5u1xBKSnTilKGlUHPhLP75PUqM3fot9
4071 7zwtFZ4bx6x1sBA6oEe2d0aUJmLumQGCiKEIWlnxs44zego/2tAe81bDzdPBM7o5HH/FUhD+
4072 KoGzFXp51atP+1n9Vta6AkI0Vye99JKLcC6Md9dMJltSVBgd4Xc4lRAEAAIAIxAQAAIADRAN
4073 AAEBEAgAAgAEEEQAAQIQIQAHQ29tcGFueRAjAANXQVAQJAADMTIzEEIABTEyMzQ1EFQACAAG
4074 AFDyBAABEBEAC1dpcmVsZXNzIEFQEDwAAQEQAgACAAAQEgACAAAQCQACAAAQLQAEgQIDABBJ
4077 </u:GetDeviceInfoResponse>
4081 if payload_override
:
4082 payload
= payload_override
4083 hdr
= 'HTTP/1.1 200 OK\r\n' + \
4084 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4085 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4086 'Connection: close\r\n' + \
4087 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4088 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4089 return (hdr
+ payload
).encode()
4091 def gen_wps_event(sid
='uuid:7eb3342a-8a5f-47fe-a585-0785bfec6d8a'):
4093 hdr
= 'HTTP/1.1 200 OK\r\n' + \
4094 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4095 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4096 'Connection: close\r\n' + \
4097 'Content-Length: ' + str(len(payload
)) + '\r\n'
4099 hdr
+= 'SID: ' + sid
+ '\r\n'
4100 hdr
+= 'Timeout: Second-1801\r\n' + \
4101 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4102 return (hdr
+ payload
).encode()
4104 class WPSAPHTTPServer(StreamRequestHandler
):
4106 data
= self
.rfile
.readline().decode().strip()
4107 logger
.info("HTTP server received: " + data
)
4109 hdr
= self
.rfile
.readline().decode().strip()
4112 logger
.info("HTTP header: " + hdr
)
4113 if "CALLBACK:" in hdr
:
4114 global wps_event_url
4115 wps_event_url
= hdr
.split(' ')[1].strip('<>')
4117 if "GET /foo.xml" in data
:
4118 self
.handle_upnp_info()
4119 elif "POST /wps_control" in data
:
4120 self
.handle_wps_control()
4121 elif "SUBSCRIBE /wps_event" in data
:
4122 self
.handle_wps_event()
4124 self
.handle_others(data
)
4126 def handle_upnp_info(self
):
4127 self
.wfile
.write(gen_upnp_info())
4129 def handle_wps_control(self
):
4130 self
.wfile
.write(gen_wps_control())
4132 def handle_wps_event(self
):
4133 self
.wfile
.write(gen_wps_event())
4135 def handle_others(self
, data
):
4136 logger
.info("Ignore HTTP request: " + data
)
4138 class MyTCPServer(TCPServer
):
4139 def __init__(self
, addr
, handler
):
4140 self
.allow_reuse_address
= True
4141 TCPServer
.__init
__(self
, addr
, handler
)
4143 def wps_er_start(dev
, http_server
, max_age
=1, wait_m_search
=False,
4145 socket
.setdefaulttimeout(1)
4146 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
4147 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
4148 sock
.bind(("239.255.255.250", 1900))
4149 dev
.request("WPS_ER_START ifname=lo")
4150 for i
in range(100):
4151 (msg
, addr
) = sock
.recvfrom(1000)
4153 logger
.debug("Received SSDP message from %s: %s" % (str(addr
), msg
))
4154 if "M-SEARCH" in msg
:
4156 if not wait_m_search
:
4157 raise Exception("Not an M-SEARCH")
4159 raise Exception("No M-SEARCH seen")
4161 # Add an AP with a valid URL and server listing to it
4162 server
= MyTCPServer(("127.0.0.1", 12345), http_server
)
4163 if not location_url
:
4164 location_url
= 'http://127.0.0.1:12345/foo.xml'
4165 sock
.sendto(("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:%s\r\ncache-control:max-age=%d\r\n\r\n" % (location_url
, max_age
)).encode(), addr
)
4169 def wps_er_stop(dev
, sock
, server
, on_alloc_fail
=False):
4171 server
.server_close()
4176 res
= dev
.request("GET_ALLOC_FAIL")
4177 if res
.startswith("0:"):
4182 raise Exception("No allocation failure reported")
4184 ev
= dev
.wait_event(["WPS-ER-AP-REMOVE"], timeout
=5)
4186 raise Exception("No WPS-ER-AP-REMOVE event on max-age timeout")
4187 dev
.request("WPS_ER_STOP")
4189 def run_wps_er_proto_test(dev
, handler
, no_event_url
=False, location_url
=None):
4191 uuid
= '27ea801a-9e5c-4e73-bd82-f89cbcd10d7e'
4192 server
, sock
= wps_er_start(dev
, handler
, location_url
=location_url
)
4193 global wps_event_url
4194 wps_event_url
= None
4195 server
.handle_request()
4196 server
.handle_request()
4197 server
.handle_request()
4198 server
.server_close()
4201 raise Exception("Received event URL unexpectedly")
4203 if wps_event_url
is None:
4204 raise Exception("Did not get event URL")
4205 logger
.info("Event URL: " + wps_event_url
)
4207 dev
.request("WPS_ER_STOP")
4209 def send_wlanevent(url
, uuid
, data
, no_response
=False):
4210 conn
= HTTPConnection(url
.netloc
)
4211 payload
= '''<?xml version="1.0" encoding="utf-8"?>
4212 <e:propertyset xmlns:e="urn:schemas-upnp-org:event-1-0">
4213 <e:property><STAStatus>1</STAStatus></e:property>
4214 <e:property><APStatus>1</APStatus></e:property>
4215 <e:property><WLANEvent>'''
4216 payload
+= base64
.b64encode(data
).decode()
4217 payload
+= '</WLANEvent></e:property></e:propertyset>'
4218 headers
= {"Content-type": 'text/xml; charset="utf-8"',
4219 "Server": "Unspecified, UPnP/1.0, Unspecified",
4222 "SID": "uuid:" + uuid
,
4224 "Content-Length": str(len(payload
))}
4225 conn
.request("NOTIFY", url
.path
, payload
, headers
)
4229 except Exception as e
:
4232 resp
= conn
.getresponse()
4233 if resp
.status
!= 200:
4234 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4236 def test_ap_wps_er_http_proto(dev
, apdev
):
4237 """WPS ER HTTP protocol testing"""
4239 _test_ap_wps_er_http_proto(dev
, apdev
)
4241 dev
[0].request("WPS_ER_STOP")
4243 def _test_ap_wps_er_http_proto(dev
, apdev
):
4244 uuid
= '27ea801a-9e5c-4e73-bd82-f89cbcd10d7e'
4245 server
, sock
= wps_er_start(dev
[0], WPSAPHTTPServer
, max_age
=15)
4246 global wps_event_url
4247 wps_event_url
= None
4248 server
.handle_request()
4249 server
.handle_request()
4250 server
.handle_request()
4251 server
.server_close()
4252 if wps_event_url
is None:
4253 raise Exception("Did not get event URL")
4254 logger
.info("Event URL: " + wps_event_url
)
4256 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=10)
4258 raise Exception("No WPS-ER-AP-ADD event")
4260 raise Exception("UUID mismatch")
4264 logger
.info("Valid Probe Request notification")
4265 url
= urlparse(wps_event_url
)
4266 conn
= HTTPConnection(url
.netloc
)
4267 payload
= '''<?xml version="1.0" encoding="utf-8"?>
4268 <e:propertyset xmlns:e="urn:schemas-upnp-org:event-1-0">
4269 <e:property><STAStatus>1</STAStatus></e:property>
4270 <e:property><APStatus>1</APStatus></e:property>
4271 <e:property><WLANEvent>ATAyOjAwOjAwOjAwOjAwOjAwEEoAARAQOgABAhAIAAIxSBBHABA2LbR7pTpRkYj7VFi5hrLk
4272 EFQACAAAAAAAAAAAEDwAAQMQAgACAAAQCQACAAAQEgACAAAQIQABIBAjAAEgECQAASAQEQAI
4273 RGV2aWNlIEEQSQAGADcqAAEg
4274 </WLANEvent></e:property>
4277 headers
= {"Content-type": 'text/xml; charset="utf-8"',
4278 "Server": "Unspecified, UPnP/1.0, Unspecified",
4281 "SID": "uuid:" + uuid
,
4283 "Content-Length": str(len(payload
))}
4284 conn
.request("NOTIFY", url
.path
, payload
, headers
)
4285 resp
= conn
.getresponse()
4286 if resp
.status
!= 200:
4287 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4289 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=5)
4291 raise Exception("No WPS-ER-ENROLLEE-ADD event")
4292 if "362db47b-a53a-5191-88fb-5458b986b2e4" not in ev
:
4293 raise Exception("No Enrollee UUID match")
4295 logger
.info("Incorrect event URL AP id")
4296 conn
= HTTPConnection(url
.netloc
)
4297 conn
.request("NOTIFY", url
.path
+ '123', payload
, headers
)
4298 resp
= conn
.getresponse()
4299 if resp
.status
!= 404:
4300 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4302 logger
.info("Missing AP id")
4303 conn
= HTTPConnection(url
.netloc
)
4304 conn
.request("NOTIFY", '/event/' + url
.path
.split('/')[2],
4308 logger
.info("Incorrect event URL event id")
4309 conn
= HTTPConnection(url
.netloc
)
4310 conn
.request("NOTIFY", '/event/123456789/123', payload
, headers
)
4313 logger
.info("Incorrect event URL prefix")
4314 conn
= HTTPConnection(url
.netloc
)
4315 conn
.request("NOTIFY", '/foobar/123456789/123', payload
, headers
)
4316 resp
= conn
.getresponse()
4317 if resp
.status
!= 404:
4318 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4320 logger
.info("Unsupported request")
4321 conn
= HTTPConnection(url
.netloc
)
4322 conn
.request("FOOBAR", '/foobar/123456789/123', payload
, headers
)
4323 resp
= conn
.getresponse()
4324 if resp
.status
!= 501:
4325 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4327 logger
.info("Unsupported request and OOM")
4328 with
alloc_fail(dev
[0], 1, "wps_er_http_req"):
4329 conn
= HTTPConnection(url
.netloc
)
4330 conn
.request("FOOBAR", '/foobar/123456789/123', payload
, headers
)
4333 logger
.info("Too short WLANEvent")
4335 send_wlanevent(url
, uuid
, data
)
4337 logger
.info("Invalid WLANEventMAC")
4338 data
= b
'\x00qwertyuiopasdfghjklzxcvbnm'
4339 send_wlanevent(url
, uuid
, data
)
4341 logger
.info("Unknown WLANEventType")
4342 data
= b
'\xff02:00:00:00:00:00'
4343 send_wlanevent(url
, uuid
, data
)
4345 logger
.info("Probe Request notification without any attributes")
4346 data
= b
'\x0102:00:00:00:00:00'
4347 send_wlanevent(url
, uuid
, data
)
4349 logger
.info("Probe Request notification with invalid attribute")
4350 data
= b
'\x0102:00:00:00:00:00\xff'
4351 send_wlanevent(url
, uuid
, data
)
4353 logger
.info("EAP message without any attributes")
4354 data
= b
'\x0202:00:00:00:00:00'
4355 send_wlanevent(url
, uuid
, data
)
4357 logger
.info("EAP message with invalid attribute")
4358 data
= b
'\x0202:00:00:00:00:00\xff'
4359 send_wlanevent(url
, uuid
, data
)
4361 logger
.info("EAP message from new STA and not M1")
4362 data
= b
'\x0202:ff:ff:ff:ff:ff' + b
'\x10\x22\x00\x01\x05'
4363 send_wlanevent(url
, uuid
, data
)
4365 logger
.info("EAP message: M1")
4366 data
= b
'\x0202:00:00:00:00:00'
4367 data
+= b
'\x10\x22\x00\x01\x04'
4368 data
+= b
'\x10\x47\x00\x10' + 16 * b
'\x00'
4369 data
+= b
'\x10\x20\x00\x06\x02\x00\x00\x00\x00\x00'
4370 data
+= b
'\x10\x1a\x00\x10' + 16 * b
'\x00'
4371 data
+= b
'\x10\x32\x00\xc0' + 192 * b
'\x00'
4372 data
+= b
'\x10\x04\x00\x02\x00\x00'
4373 data
+= b
'\x10\x10\x00\x02\x00\x00'
4374 data
+= b
'\x10\x0d\x00\x01\x00'
4375 data
+= b
'\x10\x08\x00\x02\x00\x00'
4376 data
+= b
'\x10\x44\x00\x01\x00'
4377 data
+= b
'\x10\x21\x00\x00'
4378 data
+= b
'\x10\x23\x00\x00'
4379 data
+= b
'\x10\x24\x00\x00'
4380 data
+= b
'\x10\x42\x00\x00'
4381 data
+= b
'\x10\x54\x00\x08' + 8 * b
'\x00'
4382 data
+= b
'\x10\x11\x00\x00'
4383 data
+= b
'\x10\x3c\x00\x01\x00'
4384 data
+= b
'\x10\x02\x00\x02\x00\x00'
4385 data
+= b
'\x10\x12\x00\x02\x00\x00'
4386 data
+= b
'\x10\x09\x00\x02\x00\x00'
4387 data
+= b
'\x10\x2d\x00\x04\x00\x00\x00\x00'
4389 send_wlanevent(url
, uuid
, data
)
4391 logger
.info("EAP message: WSC_ACK")
4392 data
= b
'\x0202:00:00:00:00:00' + b
'\x10\x22\x00\x01\x0d'
4393 send_wlanevent(url
, uuid
, data
)
4395 logger
.info("EAP message: M1")
4396 send_wlanevent(url
, uuid
, m1
)
4398 logger
.info("EAP message: WSC_NACK")
4399 data
= b
'\x0202:00:00:00:00:00' + b
'\x10\x22\x00\x01\x0e'
4400 send_wlanevent(url
, uuid
, data
)
4402 logger
.info("EAP message: M1 - Too long attribute values")
4403 data
= b
'\x0202:00:00:00:00:00'
4404 data
+= b
'\x10\x11\x00\x21' + 33 * b
'\x00'
4405 data
+= b
'\x10\x45\x00\x21' + 33 * b
'\x00'
4406 data
+= b
'\x10\x42\x00\x21' + 33 * b
'\x00'
4407 data
+= b
'\x10\x24\x00\x21' + 33 * b
'\x00'
4408 data
+= b
'\x10\x23\x00\x21' + 33 * b
'\x00'
4409 data
+= b
'\x10\x21\x00\x41' + 65 * b
'\x00'
4410 data
+= b
'\x10\x49\x00\x09\x00\x37\x2a\x05\x02\x00\x00\x05\x00'
4411 send_wlanevent(url
, uuid
, data
)
4413 logger
.info("EAP message: M1 missing UUID-E")
4414 data
= b
'\x0202:00:00:00:00:00'
4415 data
+= b
'\x10\x22\x00\x01\x04'
4416 send_wlanevent(url
, uuid
, data
)
4418 logger
.info("EAP message: M1 missing MAC Address")
4419 data
+= b
'\x10\x47\x00\x10' + 16 * b
'\x00'
4420 send_wlanevent(url
, uuid
, data
)
4422 logger
.info("EAP message: M1 missing Enrollee Nonce")
4423 data
+= b
'\x10\x20\x00\x06\x02\x00\x00\x00\x00\x00'
4424 send_wlanevent(url
, uuid
, data
)
4426 logger
.info("EAP message: M1 missing Public Key")
4427 data
+= b
'\x10\x1a\x00\x10' + 16 * b
'\x00'
4428 send_wlanevent(url
, uuid
, data
)
4430 logger
.info("EAP message: M1 missing Authentication Type flags")
4431 data
+= b
'\x10\x32\x00\xc0' + 192 * b
'\x00'
4432 send_wlanevent(url
, uuid
, data
)
4434 logger
.info("EAP message: M1 missing Encryption Type Flags")
4435 data
+= b
'\x10\x04\x00\x02\x00\x00'
4436 send_wlanevent(url
, uuid
, data
)
4438 logger
.info("EAP message: M1 missing Connection Type flags")
4439 data
+= b
'\x10\x10\x00\x02\x00\x00'
4440 send_wlanevent(url
, uuid
, data
)
4442 logger
.info("EAP message: M1 missing Config Methods")
4443 data
+= b
'\x10\x0d\x00\x01\x00'
4444 send_wlanevent(url
, uuid
, data
)
4446 logger
.info("EAP message: M1 missing Wi-Fi Protected Setup State")
4447 data
+= b
'\x10\x08\x00\x02\x00\x00'
4448 send_wlanevent(url
, uuid
, data
)
4450 logger
.info("EAP message: M1 missing Manufacturer")
4451 data
+= b
'\x10\x44\x00\x01\x00'
4452 send_wlanevent(url
, uuid
, data
)
4454 logger
.info("EAP message: M1 missing Model Name")
4455 data
+= b
'\x10\x21\x00\x00'
4456 send_wlanevent(url
, uuid
, data
)
4458 logger
.info("EAP message: M1 missing Model Number")
4459 data
+= b
'\x10\x23\x00\x00'
4460 send_wlanevent(url
, uuid
, data
)
4462 logger
.info("EAP message: M1 missing Serial Number")
4463 data
+= b
'\x10\x24\x00\x00'
4464 send_wlanevent(url
, uuid
, data
)
4466 logger
.info("EAP message: M1 missing Primary Device Type")
4467 data
+= b
'\x10\x42\x00\x00'
4468 send_wlanevent(url
, uuid
, data
)
4470 logger
.info("EAP message: M1 missing Device Name")
4471 data
+= b
'\x10\x54\x00\x08' + 8 * b
'\x00'
4472 send_wlanevent(url
, uuid
, data
)
4474 logger
.info("EAP message: M1 missing RF Bands")
4475 data
+= b
'\x10\x11\x00\x00'
4476 send_wlanevent(url
, uuid
, data
)
4478 logger
.info("EAP message: M1 missing Association State")
4479 data
+= b
'\x10\x3c\x00\x01\x00'
4480 send_wlanevent(url
, uuid
, data
)
4482 logger
.info("EAP message: M1 missing Device Password ID")
4483 data
+= b
'\x10\x02\x00\x02\x00\x00'
4484 send_wlanevent(url
, uuid
, data
)
4486 logger
.info("EAP message: M1 missing Configuration Error")
4487 data
+= b
'\x10\x12\x00\x02\x00\x00'
4488 send_wlanevent(url
, uuid
, data
)
4490 logger
.info("EAP message: M1 missing OS Version")
4491 data
+= b
'\x10\x09\x00\x02\x00\x00'
4492 send_wlanevent(url
, uuid
, data
)
4494 logger
.info("Check max concurrent requests")
4495 addr
= (url
.hostname
, url
.port
)
4498 socks
[i
] = socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
4500 socks
[i
].settimeout(10)
4501 socks
[i
].connect(addr
)
4503 socks
[i
].send(b
"GET / HTTP/1.1\r\n\r\n")
4507 res
= socks
[i
].recv(100).decode()
4511 logger
.info("recv[%d]: len=%d" % (i
, len(res
)))
4515 logger
.info("%d concurrent HTTP GET operations returned response" % count
)
4517 raise Exception("Too few concurrent HTTP connections accepted")
4519 logger
.info("OOM in HTTP server")
4520 for func
in ["http_request_init", "httpread_create",
4521 "eloop_register_timeout;httpread_create",
4522 "eloop_sock_table_add_sock;?eloop_register_sock;httpread_create",
4523 "httpread_hdr_analyze"]:
4524 with
alloc_fail(dev
[0], 1, func
):
4525 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
4528 sock
.send(b
"GET / HTTP/1.1\r\n\r\n")
4535 logger
.info("Invalid HTTP header")
4536 for req
in [" GET / HTTP/1.1\r\n\r\n",
4537 "HTTP/1.1 200 OK\r\n\r\n",
4539 "GET %%a%aa% HTTP/1.1\r\n\r\n",
4540 "GET / HTTP/1.1\r\n FOO\r\n\r\n",
4541 "NOTIFY / HTTP/1.1\r\n" + 4097*'a' + '\r\n\r\n',
4542 "NOTIFY / HTTP/1.1\r\n\r\n" + 8193*'a',
4543 "POST / HTTP/1.1\r\nTransfer-Encoding: CHUNKED\r\n\r\n foo\r\n",
4544 "POST / HTTP/1.1\r\nTransfer-Encoding: CHUNKED\r\n\r\n1\r\nfoo\r\n",
4545 "POST / HTTP/1.1\r\nTransfer-Encoding: CHUNKED\r\n\r\n0\r\n",
4546 "POST / HTTP/1.1\r\nTransfer-Encoding: CHUNKED\r\n\r\n0\r\naa\ra\r\n\ra"]:
4547 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
4549 sock
.settimeout(0.1)
4551 sock
.send(req
.encode())
4558 with
alloc_fail(dev
[0], 2, "httpread_read_handler"):
4559 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
4562 sock
.send(b
"NOTIFY / HTTP/1.1\r\n\r\n" + 4500 * b
'a')
4569 conn
= HTTPConnection(url
.netloc
)
4571 headers
= {"Content-type": 'text/xml; charset="utf-8"',
4572 "Server": "Unspecified, UPnP/1.0, Unspecified",
4575 "SID": "uuid:" + uuid
,
4577 "Content-Length": str(len(payload
))}
4578 conn
.request("NOTIFY", url
.path
, payload
, headers
)
4579 resp
= conn
.getresponse()
4580 if resp
.status
!= 200:
4581 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4583 conn
= HTTPConnection(url
.netloc
)
4584 payload
= '<WLANEvent foo></WLANEvent>'
4585 headers
= {"Content-type": 'text/xml; charset="utf-8"',
4586 "Server": "Unspecified, UPnP/1.0, Unspecified",
4589 "SID": "uuid:" + uuid
,
4591 "Content-Length": str(len(payload
))}
4592 conn
.request("NOTIFY", url
.path
, payload
, headers
)
4593 resp
= conn
.getresponse()
4594 if resp
.status
!= 200:
4595 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4597 with
alloc_fail(dev
[0], 1, "xml_get_first_item"):
4598 send_wlanevent(url
, uuid
, b
'')
4600 with
alloc_fail(dev
[0], 1, "wpabuf_alloc_ext_data;xml_get_base64_item"):
4601 send_wlanevent(url
, uuid
, b
'foo')
4603 for func
in ["wps_init",
4604 "wps_process_manufacturer",
4605 "wps_process_model_name",
4606 "wps_process_model_number",
4607 "wps_process_serial_number",
4608 "wps_process_dev_name"]:
4609 with
alloc_fail(dev
[0], 1, func
):
4610 send_wlanevent(url
, uuid
, m1
)
4612 with
alloc_fail(dev
[0], 1, "wps_er_http_resp_ok"):
4613 send_wlanevent(url
, uuid
, m1
, no_response
=True)
4615 with
alloc_fail(dev
[0], 1, "wps_er_http_resp_not_found"):
4616 url2
= urlparse(wps_event_url
.replace('/event/', '/notfound/'))
4617 send_wlanevent(url2
, uuid
, m1
, no_response
=True)
4619 logger
.info("EAP message: M1")
4620 data
= b
'\x0202:11:22:00:00:00'
4621 data
+= b
'\x10\x22\x00\x01\x04'
4622 data
+= b
'\x10\x47\x00\x10' + 16 * b
'\x00'
4623 data
+= b
'\x10\x20\x00\x06\x02\x00\x00\x00\x00\x00'
4624 data
+= b
'\x10\x1a\x00\x10' + 16 * b
'\x00'
4625 data
+= b
'\x10\x32\x00\xc0' + 192 * b
'\x00'
4626 data
+= b
'\x10\x04\x00\x02\x00\x00'
4627 data
+= b
'\x10\x10\x00\x02\x00\x00'
4628 data
+= b
'\x10\x0d\x00\x01\x00'
4629 data
+= b
'\x10\x08\x00\x02\x00\x00'
4630 data
+= b
'\x10\x44\x00\x01\x00'
4631 data
+= b
'\x10\x21\x00\x00'
4632 data
+= b
'\x10\x23\x00\x00'
4633 data
+= b
'\x10\x24\x00\x00'
4634 data
+= b
'\x10\x42\x00\x00'
4635 data
+= b
'\x10\x54\x00\x08' + 8 * b
'\x00'
4636 data
+= b
'\x10\x11\x00\x00'
4637 data
+= b
'\x10\x3c\x00\x01\x00'
4638 data
+= b
'\x10\x02\x00\x02\x00\x00'
4639 data
+= b
'\x10\x12\x00\x02\x00\x00'
4640 data
+= b
'\x10\x09\x00\x02\x00\x00'
4641 data
+= b
'\x10\x2d\x00\x04\x00\x00\x00\x00'
4642 dev
[0].dump_monitor()
4643 with
alloc_fail(dev
[0], 1, "wps_er_add_sta_data"):
4644 send_wlanevent(url
, uuid
, data
)
4645 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=0.1)
4647 raise Exception("Unexpected enrollee add event")
4648 send_wlanevent(url
, uuid
, data
)
4649 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=2)
4651 raise Exception("Enrollee add event not seen")
4653 with
alloc_fail(dev
[0], 1,
4654 "base64_gen_encode;?base64_encode;wps_er_soap_hdr"):
4655 send_wlanevent(url
, uuid
, data
)
4657 with
alloc_fail(dev
[0], 1, "wpabuf_alloc;wps_er_soap_hdr"):
4658 send_wlanevent(url
, uuid
, data
)
4660 with
alloc_fail(dev
[0], 1, "http_client_url_parse;wps_er_sta_send_msg"):
4661 send_wlanevent(url
, uuid
, data
)
4663 with
alloc_fail(dev
[0], 1, "http_client_addr;wps_er_sta_send_msg"):
4664 send_wlanevent(url
, uuid
, data
)
4666 def test_ap_wps_er_http_proto_no_event_sub_url(dev
, apdev
):
4667 """WPS ER HTTP protocol testing - no eventSubURL"""
4668 class WPSAPHTTPServer_no_event_sub_url(WPSAPHTTPServer
):
4669 def handle_upnp_info(self
):
4670 self
.wfile
.write(gen_upnp_info(eventSubURL
=None))
4671 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_no_event_sub_url
,
4674 def test_ap_wps_er_http_proto_event_sub_url_dns(dev
, apdev
):
4675 """WPS ER HTTP protocol testing - DNS name in eventSubURL"""
4676 class WPSAPHTTPServer_event_sub_url_dns(WPSAPHTTPServer
):
4677 def handle_upnp_info(self
):
4678 self
.wfile
.write(gen_upnp_info(eventSubURL
='http://example.com/wps_event'))
4679 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_event_sub_url_dns
,
4682 def test_ap_wps_er_http_proto_subscribe_oom(dev
, apdev
):
4683 """WPS ER HTTP protocol testing - subscribe OOM"""
4685 _test_ap_wps_er_http_proto_subscribe_oom(dev
, apdev
)
4687 dev
[0].request("WPS_ER_STOP")
4689 def _test_ap_wps_er_http_proto_subscribe_oom(dev
, apdev
):
4690 tests
= [(1, "http_client_url_parse"),
4691 (1, "wpabuf_alloc;wps_er_subscribe"),
4692 (1, "http_client_addr"),
4693 (1, "eloop_sock_table_add_sock;?eloop_register_sock;http_client_addr"),
4694 (1, "eloop_register_timeout;http_client_addr")]
4695 for count
, func
in tests
:
4696 with
alloc_fail(dev
[0], count
, func
):
4697 server
, sock
= wps_er_start(dev
[0], WPSAPHTTPServer
)
4698 server
.handle_request()
4699 server
.handle_request()
4700 wps_er_stop(dev
[0], sock
, server
, on_alloc_fail
=True)
4702 def test_ap_wps_er_http_proto_no_sid(dev
, apdev
):
4703 """WPS ER HTTP protocol testing - no SID"""
4704 class WPSAPHTTPServer_no_sid(WPSAPHTTPServer
):
4705 def handle_wps_event(self
):
4706 self
.wfile
.write(gen_wps_event(sid
=None))
4707 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_no_sid
)
4709 def test_ap_wps_er_http_proto_invalid_sid_no_uuid(dev
, apdev
):
4710 """WPS ER HTTP protocol testing - invalid SID - no UUID"""
4711 class WPSAPHTTPServer_invalid_sid_no_uuid(WPSAPHTTPServer
):
4712 def handle_wps_event(self
):
4713 self
.wfile
.write(gen_wps_event(sid
='FOO'))
4714 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_invalid_sid_no_uuid
)
4716 def test_ap_wps_er_http_proto_invalid_sid_uuid(dev
, apdev
):
4717 """WPS ER HTTP protocol testing - invalid SID UUID"""
4718 class WPSAPHTTPServer_invalid_sid_uuid(WPSAPHTTPServer
):
4719 def handle_wps_event(self
):
4720 self
.wfile
.write(gen_wps_event(sid
='uuid:FOO'))
4721 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_invalid_sid_uuid
)
4723 def test_ap_wps_er_http_proto_subscribe_failing(dev
, apdev
):
4724 """WPS ER HTTP protocol testing - SUBSCRIBE failing"""
4725 class WPSAPHTTPServer_fail_subscribe(WPSAPHTTPServer
):
4726 def handle_wps_event(self
):
4728 hdr
= 'HTTP/1.1 404 Not Found\r\n' + \
4729 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4730 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4731 'Connection: close\r\n' + \
4732 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4733 'Timeout: Second-1801\r\n' + \
4734 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4735 self
.wfile
.write((hdr
+ payload
).encode())
4736 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_fail_subscribe
)
4738 def test_ap_wps_er_http_proto_subscribe_invalid_response(dev
, apdev
):
4739 """WPS ER HTTP protocol testing - SUBSCRIBE and invalid response"""
4740 class WPSAPHTTPServer_subscribe_invalid_response(WPSAPHTTPServer
):
4741 def handle_wps_event(self
):
4743 hdr
= 'HTTP/1.1 FOO\r\n' + \
4744 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4745 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4746 'Connection: close\r\n' + \
4747 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4748 'Timeout: Second-1801\r\n' + \
4749 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4750 self
.wfile
.write((hdr
+ payload
).encode())
4751 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_subscribe_invalid_response
)
4753 def test_ap_wps_er_http_proto_subscribe_invalid_response(dev
, apdev
):
4754 """WPS ER HTTP protocol testing - SUBSCRIBE and invalid response"""
4755 class WPSAPHTTPServer_invalid_m1(WPSAPHTTPServer
):
4756 def handle_wps_control(self
):
4757 payload
= '''<?xml version="1.0"?>
4758 <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
4760 <u:GetDeviceInfoResponse xmlns:u="urn:schemas-wifialliance-org:service:WFAWLANConfig:1">
4761 <NewDeviceInfo>Rk9P</NewDeviceInfo>
4762 </u:GetDeviceInfoResponse>
4766 self
.wfile
.write(gen_wps_control(payload_override
=payload
))
4767 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_invalid_m1
, no_event_url
=True)
4769 def test_ap_wps_er_http_proto_upnp_info_no_device(dev
, apdev
):
4770 """WPS ER HTTP protocol testing - No device in UPnP info"""
4771 class WPSAPHTTPServer_no_device(WPSAPHTTPServer
):
4772 def handle_upnp_info(self
):
4773 payload
= '''<?xml version="1.0"?>
4774 <root xmlns="urn:schemas-upnp-org:device-1-0">
4781 hdr
= 'HTTP/1.1 200 OK\r\n' + \
4782 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4783 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4784 'Connection: close\r\n' + \
4785 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4786 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4787 self
.wfile
.write((hdr
+ payload
).encode())
4788 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_no_device
, no_event_url
=True)
4790 def test_ap_wps_er_http_proto_upnp_info_no_device_type(dev
, apdev
):
4791 """WPS ER HTTP protocol testing - No deviceType in UPnP info"""
4792 class WPSAPHTTPServer_no_device(WPSAPHTTPServer
):
4793 def handle_upnp_info(self
):
4794 payload
= '''<?xml version="1.0"?>
4795 <root xmlns="urn:schemas-upnp-org:device-1-0">
4804 hdr
= 'HTTP/1.1 200 OK\r\n' + \
4805 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4806 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4807 'Connection: close\r\n' + \
4808 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4809 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4810 self
.wfile
.write((hdr
+ payload
).encode())
4811 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_no_device
, no_event_url
=True)
4813 def test_ap_wps_er_http_proto_upnp_info_invalid_udn_uuid(dev
, apdev
):
4814 """WPS ER HTTP protocol testing - Invalid UDN UUID"""
4815 class WPSAPHTTPServer_invalid_udn_uuid(WPSAPHTTPServer
):
4816 def handle_upnp_info(self
):
4817 self
.wfile
.write(gen_upnp_info(udn
='uuid:foo'))
4818 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_invalid_udn_uuid
)
4820 def test_ap_wps_er_http_proto_no_control_url(dev
, apdev
):
4821 """WPS ER HTTP protocol testing - no controlURL"""
4822 class WPSAPHTTPServer_no_control_url(WPSAPHTTPServer
):
4823 def handle_upnp_info(self
):
4824 self
.wfile
.write(gen_upnp_info(controlURL
=None))
4825 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_no_control_url
,
4828 def test_ap_wps_er_http_proto_control_url_dns(dev
, apdev
):
4829 """WPS ER HTTP protocol testing - DNS name in controlURL"""
4830 class WPSAPHTTPServer_control_url_dns(WPSAPHTTPServer
):
4831 def handle_upnp_info(self
):
4832 self
.wfile
.write(gen_upnp_info(controlURL
='http://example.com/wps_control'))
4833 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_control_url_dns
,
4836 def test_ap_wps_http_timeout(dev
, apdev
):
4837 """WPS AP/ER and HTTP timeout"""
4839 _test_ap_wps_http_timeout(dev
, apdev
)
4841 dev
[0].request("WPS_ER_STOP")
4843 def _test_ap_wps_http_timeout(dev
, apdev
):
4844 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
4845 add_ssdp_ap(apdev
[0], ap_uuid
)
4847 location
= ssdp_get_location(ap_uuid
)
4848 url
= urlparse(location
)
4849 addr
= (url
.hostname
, url
.port
)
4850 logger
.debug("Open HTTP connection to hostapd, but do not complete request")
4851 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
4856 class DummyServer(StreamRequestHandler
):
4858 logger
.debug("DummyServer - start 31 sec wait")
4860 logger
.debug("DummyServer - wait done")
4862 logger
.debug("Start WPS ER")
4863 server
, sock2
= wps_er_start(dev
[0], DummyServer
, max_age
=40,
4866 logger
.debug("Start server to accept, but not complete, HTTP connection from WPS ER")
4867 # This will wait for 31 seconds..
4868 server
.handle_request()
4870 logger
.debug("Complete HTTP connection with hostapd (that should have already closed the connection)")
4872 sock
.send("ET / HTTP/1.1\r\n\r\n")
4873 res
= sock
.recv(100)
4878 def test_ap_wps_er_url_parse(dev
, apdev
):
4879 """WPS ER and URL parsing special cases"""
4881 _test_ap_wps_er_url_parse(dev
, apdev
)
4883 dev
[0].request("WPS_ER_STOP")
4885 def _test_ap_wps_er_url_parse(dev
, apdev
):
4886 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
4888 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
4889 sock
.bind(("239.255.255.250", 1900))
4890 dev
[0].request("WPS_ER_START ifname=lo")
4891 (msg
, addr
) = sock
.recvfrom(1000)
4893 logger
.debug("Received SSDP message from %s: %s" % (str(addr
), msg
))
4894 if "M-SEARCH" not in msg
:
4895 raise Exception("Not an M-SEARCH")
4896 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://127.0.0.1\r\ncache-control:max-age=1\r\n\r\n", addr
)
4897 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"], timeout
=2)
4898 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://127.0.0.1/:foo\r\ncache-control:max-age=1\r\n\r\n", addr
)
4899 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"], timeout
=2)
4900 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://255.255.255.255:0/foo.xml\r\ncache-control:max-age=1\r\n\r\n", addr
)
4901 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"], timeout
=2)
4905 def test_ap_wps_er_link_update(dev
, apdev
):
4906 """WPS ER and link update special cases"""
4907 class WPSAPHTTPServer_link_update(WPSAPHTTPServer
):
4908 def handle_upnp_info(self
):
4909 self
.wfile
.write(gen_upnp_info(controlURL
='/wps_control'))
4910 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_link_update
)
4912 class WPSAPHTTPServer_link_update2(WPSAPHTTPServer
):
4913 def handle_others(self
, data
):
4914 if "GET / " in data
:
4915 self
.wfile
.write(gen_upnp_info(controlURL
='/wps_control'))
4916 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_link_update2
,
4917 location_url
='http://127.0.0.1:12345')
4919 def test_ap_wps_er_http_client(dev
, apdev
):
4920 """WPS ER and HTTP client special cases"""
4921 with
alloc_fail(dev
[0], 1, "http_link_update"):
4922 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer
)
4924 with
alloc_fail(dev
[0], 1, "wpabuf_alloc;http_client_url"):
4925 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer
, no_event_url
=True)
4927 with
alloc_fail(dev
[0], 1, "httpread_create;http_client_tx_ready"):
4928 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer
, no_event_url
=True)
4930 class WPSAPHTTPServer_req_as_resp(WPSAPHTTPServer
):
4931 def handle_upnp_info(self
):
4932 self
.wfile
.write(b
"GET / HTTP/1.1\r\n\r\n")
4933 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_req_as_resp
,
4936 def test_ap_wps_init_oom(dev
, apdev
):
4937 """wps_init OOM cases"""
4940 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
4942 hapd
= hostapd
.add_ap(apdev
[0], params
)
4943 pin
= dev
[0].wps_read_pin()
4945 with
alloc_fail(hapd
, 1, "wps_init"):
4946 hapd
.request("WPS_PIN any " + pin
)
4947 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
4948 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
4949 ev
= hapd
.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
4951 raise Exception("No EAP failure reported")
4952 dev
[0].request("WPS_CANCEL")
4954 with
alloc_fail(dev
[0], 2, "wps_init"):
4955 hapd
.request("WPS_PIN any " + pin
)
4956 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
4957 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
4958 ev
= hapd
.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
4960 raise Exception("No EAP failure reported")
4961 dev
[0].request("WPS_CANCEL")
4963 with
alloc_fail(dev
[0], 2, "wps_init"):
4964 hapd
.request("WPS_PBC")
4965 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
4966 dev
[0].request("WPS_PBC %s" % (apdev
[0]['bssid']))
4967 ev
= hapd
.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
4969 raise Exception("No EAP failure reported")
4970 dev
[0].request("WPS_CANCEL")
4972 dev
[0].dump_monitor()
4973 new_ssid
= "wps-new-ssid"
4974 new_passphrase
= "1234567890"
4975 with
alloc_fail(dev
[0], 3, "wps_init"):
4976 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPA2PSK", "CCMP",
4977 new_passphrase
, no_wait
=True)
4978 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
4980 raise Exception("No EAP failure reported")
4982 dev
[0].flush_scan_cache()
4985 def test_ap_wps_invalid_assoc_req_elem(dev
, apdev
):
4986 """WPS and invalid IE in Association Request frame"""
4988 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2"}
4989 hapd
= hostapd
.add_ap(apdev
[0], params
)
4991 hapd
.request("WPS_PIN any " + pin
)
4992 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
4994 dev
[0].request("VENDOR_ELEM_ADD 13 dd050050f20410")
4995 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
4997 ev
= hapd
.wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=10)
4998 if ev
and "vendor=14122" in ev
:
5000 if ev
is None or "vendor=14122" not in ev
:
5001 raise Exception("EAP-WSC not started")
5002 dev
[0].request("WPS_CANCEL")
5004 dev
[0].request("VENDOR_ELEM_REMOVE 13 *")
5006 def test_ap_wps_pbc_pin_mismatch(dev
, apdev
):
5007 """WPS PBC/PIN mismatch"""
5009 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2"}
5010 hapd
= hostapd
.add_ap(apdev
[0], params
)
5011 hapd
.request("SET wps_version_number 0x10")
5012 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5013 hapd
.request("WPS_PBC")
5014 pin
= dev
[0].wps_read_pin()
5015 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5016 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"])
5018 raise Exception("Scan did not complete")
5019 dev
[0].request("WPS_CANCEL")
5021 hapd
.request("WPS_CANCEL")
5022 dev
[0].flush_scan_cache()
5025 def test_ap_wps_ie_invalid(dev
, apdev
):
5026 """WPS PIN attempt with AP that has invalid WSC IE"""
5028 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
5029 "vendor_elements": "dd050050f20410"}
5030 hapd
= hostapd
.add_ap(apdev
[0], params
)
5031 params
= {'ssid': "another", "vendor_elements": "dd050050f20410"}
5032 hostapd
.add_ap(apdev
[1], params
)
5033 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5034 pin
= dev
[0].wps_read_pin()
5035 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5036 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"])
5038 raise Exception("Scan did not complete")
5039 dev
[0].request("WPS_CANCEL")
5042 def test_ap_wps_scan_prio_order(dev
, apdev
):
5043 """WPS scan priority ordering"""
5045 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2"}
5046 hapd
= hostapd
.add_ap(apdev
[0], params
)
5047 params
= {'ssid': "another", "vendor_elements": "dd050050f20410"}
5048 hostapd
.add_ap(apdev
[1], params
)
5049 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5050 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
5051 pin
= dev
[0].wps_read_pin()
5052 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5053 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"])
5055 raise Exception("Scan did not complete")
5056 dev
[0].request("WPS_CANCEL")
5058 def test_ap_wps_probe_req_ie_oom(dev
, apdev
):
5059 """WPS ProbeReq IE OOM"""
5061 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2"}
5062 hapd
= hostapd
.add_ap(apdev
[0], params
)
5063 pin
= dev
[0].wps_read_pin()
5064 hapd
.request("WPS_PIN any " + pin
)
5065 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5066 with
alloc_fail(dev
[0], 1, "wps_build_probe_req_ie"):
5067 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5068 ev
= hapd
.wait_event(["AP-STA-CONNECTED"], timeout
=10)
5070 raise Exception("Association not seen")
5071 dev
[0].request("WPS_CANCEL")
5072 dev
[0].wait_disconnected()
5074 with
alloc_fail(dev
[0], 1, "wps_ie_encapsulate"):
5075 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5076 ev
= hapd
.wait_event(["AP-STA-CONNECTED"], timeout
=10)
5078 raise Exception("Association not seen")
5079 dev
[0].request("WPS_CANCEL")
5081 dev
[0].request("REMOVE_NETWORK all")
5082 dev
[0].wait_disconnected()
5084 dev
[0].flush_scan_cache()
5086 def test_ap_wps_assoc_req_ie_oom(dev
, apdev
):
5087 """WPS AssocReq IE OOM"""
5089 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2"}
5090 hapd
= hostapd
.add_ap(apdev
[0], params
)
5091 pin
= dev
[0].wps_read_pin()
5092 hapd
.request("WPS_PIN any " + pin
)
5093 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5094 with
alloc_fail(dev
[0], 1, "wps_build_assoc_req_ie"):
5095 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5096 ev
= hapd
.wait_event(["AP-STA-CONNECTED"], timeout
=10)
5098 raise Exception("Association not seen")
5099 dev
[0].request("WPS_CANCEL")
5101 def test_ap_wps_assoc_resp_ie_oom(dev
, apdev
):
5102 """WPS AssocResp IE OOM"""
5104 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2"}
5105 hapd
= hostapd
.add_ap(apdev
[0], params
)
5106 pin
= dev
[0].wps_read_pin()
5107 hapd
.request("WPS_PIN any " + pin
)
5108 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5109 with
alloc_fail(hapd
, 1, "wps_build_assoc_resp_ie"):
5110 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5111 ev
= hapd
.wait_event(["AP-STA-CONNECTED"], timeout
=10)
5113 raise Exception("Association not seen")
5114 dev
[0].request("WPS_CANCEL")
5117 def test_ap_wps_bss_info_errors(dev
, apdev
):
5118 """WPS BSS info errors"""
5119 params
= {"ssid": "1",
5120 "vendor_elements": "dd0e0050f20410440001ff101100010a"}
5121 hostapd
.add_ap(apdev
[0], params
)
5122 params
= {'ssid': "2", "vendor_elements": "dd050050f20410"}
5123 hostapd
.add_ap(apdev
[1], params
)
5124 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5125 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
5126 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
5127 logger
.info("BSS: " + str(bss
))
5128 if "wps_state" in bss
:
5129 raise Exception("Unexpected wps_state in BSS info")
5130 if 'wps_device_name' not in bss
:
5131 raise Exception("No wps_device_name in BSS info")
5132 if bss
['wps_device_name'] != '_':
5133 raise Exception("Unexpected wps_device_name value")
5134 bss
= dev
[0].get_bss(apdev
[1]['bssid'])
5135 logger
.info("BSS: " + str(bss
))
5137 with
alloc_fail(dev
[0], 1, "=wps_attr_text"):
5138 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
5139 logger
.info("BSS(OOM): " + str(bss
))
5141 def wps_run_pbc_fail_ap(apdev
, dev
, hapd
):
5142 hapd
.request("WPS_PBC")
5143 dev
.scan_for_bss(apdev
['bssid'], freq
="2412")
5144 dev
.request("WPS_PBC " + apdev
['bssid'])
5145 ev
= dev
.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
5147 raise Exception("No EAP failure reported")
5148 dev
.request("WPS_CANCEL")
5149 dev
.wait_disconnected()
5152 dev
.flush_scan_cache()
5154 except Exception as e
:
5155 if str(e
).startswith("Failed to trigger scan"):
5161 def wps_run_pbc_fail(apdev
, dev
):
5162 hapd
= wps_start_ap(apdev
)
5163 wps_run_pbc_fail_ap(apdev
, dev
, hapd
)
5166 def test_ap_wps_pk_oom(dev
, apdev
):
5167 """WPS and public key OOM"""
5168 with
alloc_fail(dev
[0], 1, "wps_build_public_key"):
5169 wps_run_pbc_fail(apdev
[0], dev
[0])
5172 def test_ap_wps_pk_oom_ap(dev
, apdev
):
5173 """WPS and public key OOM on AP"""
5174 hapd
= wps_start_ap(apdev
[0])
5175 with
alloc_fail(hapd
, 1, "wps_build_public_key"):
5176 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
5179 def test_ap_wps_encr_oom_ap(dev
, apdev
):
5180 """WPS and encrypted settings decryption OOM on AP"""
5181 hapd
= wps_start_ap(apdev
[0])
5182 pin
= dev
[0].wps_read_pin()
5183 hapd
.request("WPS_PIN any " + pin
)
5184 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5185 with
alloc_fail(hapd
, 1, "wps_decrypt_encr_settings"):
5186 dev
[0].request("WPS_PIN " + apdev
[0]['bssid'] + " " + pin
)
5187 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=10)
5189 raise Exception("No WPS-FAIL reported")
5190 dev
[0].request("WPS_CANCEL")
5191 dev
[0].wait_disconnected()
5194 def test_ap_wps_encr_no_random_ap(dev
, apdev
):
5195 """WPS and no random data available for encryption on AP"""
5196 hapd
= wps_start_ap(apdev
[0])
5197 with
fail_test(hapd
, 1, "os_get_random;wps_build_encr_settings"):
5198 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
5201 def test_ap_wps_e_hash_no_random_sta(dev
, apdev
):
5202 """WPS and no random data available for e-hash on STA"""
5203 with
fail_test(dev
[0], 1, "os_get_random;wps_build_e_hash"):
5204 wps_run_pbc_fail(apdev
[0], dev
[0])
5207 def test_ap_wps_m1_no_random(dev
, apdev
):
5208 """WPS and no random for M1 on STA"""
5209 with
fail_test(dev
[0], 1, "os_get_random;wps_build_m1"):
5210 wps_run_pbc_fail(apdev
[0], dev
[0])
5213 def test_ap_wps_m1_oom(dev
, apdev
):
5214 """WPS and OOM for M1 on STA"""
5215 with
alloc_fail(dev
[0], 1, "wps_build_m1"):
5216 wps_run_pbc_fail(apdev
[0], dev
[0])
5219 def test_ap_wps_m3_oom(dev
, apdev
):
5220 """WPS and OOM for M3 on STA"""
5221 with
alloc_fail(dev
[0], 1, "wps_build_m3"):
5222 wps_run_pbc_fail(apdev
[0], dev
[0])
5225 def test_ap_wps_m5_oom(dev
, apdev
):
5226 """WPS and OOM for M5 on STA"""
5227 hapd
= wps_start_ap(apdev
[0])
5228 hapd
.request("WPS_PBC")
5229 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5230 for i
in range(1, 3):
5231 with
alloc_fail(dev
[0], i
, "wps_build_m5"):
5232 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
5233 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
5235 raise Exception("No EAP failure reported")
5236 dev
[0].request("WPS_CANCEL")
5237 dev
[0].wait_disconnected()
5238 dev
[0].flush_scan_cache()
5241 def test_ap_wps_m5_no_random(dev
, apdev
):
5242 """WPS and no random for M5 on STA"""
5243 with
fail_test(dev
[0], 1,
5244 "os_get_random;wps_build_encr_settings;wps_build_m5"):
5245 wps_run_pbc_fail(apdev
[0], dev
[0])
5248 def test_ap_wps_m7_oom(dev
, apdev
):
5249 """WPS and OOM for M7 on STA"""
5250 hapd
= wps_start_ap(apdev
[0])
5251 hapd
.request("WPS_PBC")
5252 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5253 for i
in range(1, 3):
5254 with
alloc_fail(dev
[0], i
, "wps_build_m7"):
5255 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
5256 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
5258 raise Exception("No EAP failure reported")
5259 dev
[0].request("WPS_CANCEL")
5260 dev
[0].wait_disconnected()
5261 dev
[0].flush_scan_cache()
5264 def test_ap_wps_m7_no_random(dev
, apdev
):
5265 """WPS and no random for M7 on STA"""
5266 with
fail_test(dev
[0], 1,
5267 "os_get_random;wps_build_encr_settings;wps_build_m7"):
5268 wps_run_pbc_fail(apdev
[0], dev
[0])
5271 def test_ap_wps_wsc_done_oom(dev
, apdev
):
5272 """WPS and OOM for WSC_Done on STA"""
5273 with
alloc_fail(dev
[0], 1, "wps_build_wsc_done"):
5274 wps_run_pbc_fail(apdev
[0], dev
[0])
5276 def test_ap_wps_random_psk_fail(dev
, apdev
):
5277 """WPS and no random for PSK on AP"""
5279 pskfile
= "/tmp/ap_wps_per_enrollee_psk.psk_file"
5287 with
open(pskfile
, "w") as f
:
5288 f
.write("# WPA PSKs\n")
5290 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
5291 "wpa": "2", "wpa_key_mgmt": "WPA-PSK",
5292 "rsn_pairwise": "CCMP", "ap_pin": appin
,
5293 "wpa_psk_file": pskfile
}
5294 hapd
= hostapd
.add_ap(apdev
[0], params
)
5296 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5297 with
fail_test(hapd
, 1, "os_get_random;wps_build_cred_network_key"):
5298 dev
[0].request("WPS_REG " + apdev
[0]['bssid'] + " " + appin
)
5299 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
5301 raise Exception("No EAP failure reported")
5302 dev
[0].request("WPS_CANCEL")
5303 dev
[0].wait_disconnected()
5305 with
fail_test(hapd
, 1, "os_get_random;wps_build_cred"):
5306 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
5308 with
alloc_fail(hapd
, 1, "wps_build_cred"):
5309 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
5311 with
alloc_fail(hapd
, 2, "wps_build_cred"):
5312 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
5316 def wps_ext_eap_identity_req(dev
, hapd
, bssid
):
5317 logger
.debug("EAP-Identity/Request")
5318 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5320 raise Exception("Timeout on EAPOL-TX from hostapd")
5321 res
= dev
.request("EAPOL_RX " + bssid
+ " " + ev
.split(' ')[2])
5323 raise Exception("EAPOL_RX to wpa_supplicant failed")
5325 def wps_ext_eap_identity_resp(hapd
, dev
, addr
):
5326 ev
= dev
.wait_event(["EAPOL-TX"], timeout
=10)
5328 raise Exception("Timeout on EAPOL-TX from wpa_supplicant")
5329 res
= hapd
.request("EAPOL_RX " + addr
+ " " + ev
.split(' ')[2])
5331 raise Exception("EAPOL_RX to hostapd failed")
5333 def wps_ext_eap_wsc(dst
, src
, src_addr
, msg
):
5335 ev
= src
.wait_event(["EAPOL-TX"], timeout
=10)
5337 raise Exception("Timeout on EAPOL-TX")
5338 res
= dst
.request("EAPOL_RX " + src_addr
+ " " + ev
.split(' ')[2])
5340 raise Exception("EAPOL_RX failed")
5342 def wps_start_ext(apdev
, dev
, pbc
=False, pin
=None):
5343 addr
= dev
.own_addr()
5344 bssid
= apdev
['bssid']
5345 ssid
= "test-wps-conf"
5346 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
5347 "wpa_passphrase": "12345678", "wpa": "2",
5348 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
5349 hapd
= hostapd
.add_ap(apdev
, params
)
5352 hapd
.request("WPS_PBC")
5355 pin
= dev
.wps_read_pin()
5356 hapd
.request("WPS_PIN any " + pin
)
5357 dev
.scan_for_bss(bssid
, freq
="2412")
5358 hapd
.request("SET ext_eapol_frame_io 1")
5359 dev
.request("SET ext_eapol_frame_io 1")
5362 dev
.request("WPS_PBC " + bssid
)
5364 dev
.request("WPS_PIN " + bssid
+ " " + pin
)
5365 return addr
, bssid
, hapd
5367 def wps_auth_corrupt(dst
, src
, addr
):
5368 ev
= src
.wait_event(["EAPOL-TX"], timeout
=10)
5370 raise Exception("Timeout on EAPOL-TX")
5371 src
.request("SET ext_eapol_frame_io 0")
5372 dst
.request("SET ext_eapol_frame_io 0")
5373 msg
= ev
.split(' ')[2]
5374 if msg
[-24:-16] != '10050008':
5375 raise Exception("Could not find Authenticator attribute")
5376 # Corrupt Authenticator value
5377 msg
= msg
[:-1] + '%x' % ((int(msg
[-1], 16) + 1) % 16)
5378 res
= dst
.request("EAPOL_RX " + addr
+ " " + msg
)
5380 raise Exception("EAPOL_RX failed")
5382 def wps_fail_finish(hapd
, dev
, fail_str
):
5383 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=5)
5385 raise Exception("WPS-FAIL not indicated")
5386 if fail_str
not in ev
:
5387 raise Exception("Unexpected WPS-FAIL value: " + ev
)
5388 dev
.request("WPS_CANCEL")
5389 dev
.wait_disconnected()
5391 def wps_auth_corrupt_from_ap(dev
, hapd
, bssid
, fail_str
):
5392 wps_auth_corrupt(dev
, hapd
, bssid
)
5393 wps_fail_finish(hapd
, dev
, fail_str
)
5395 def wps_auth_corrupt_to_ap(dev
, hapd
, addr
, fail_str
):
5396 wps_auth_corrupt(hapd
, dev
, addr
)
5397 wps_fail_finish(hapd
, dev
, fail_str
)
5399 def test_ap_wps_authenticator_mismatch_m2(dev
, apdev
):
5400 """WPS and Authenticator attribute mismatch in M2"""
5401 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5402 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5403 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5404 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5405 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5407 wps_auth_corrupt_from_ap(dev
[0], hapd
, bssid
, "msg=5")
5409 def test_ap_wps_authenticator_mismatch_m3(dev
, apdev
):
5410 """WPS and Authenticator attribute mismatch in M3"""
5411 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5412 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5413 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5414 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5415 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5416 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5418 wps_auth_corrupt_to_ap(dev
[0], hapd
, addr
, "msg=7")
5420 def test_ap_wps_authenticator_mismatch_m4(dev
, apdev
):
5421 """WPS and Authenticator attribute mismatch in M4"""
5422 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5423 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5424 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5425 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5426 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5427 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5428 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M3")
5430 wps_auth_corrupt_from_ap(dev
[0], hapd
, bssid
, "msg=8")
5432 def test_ap_wps_authenticator_mismatch_m5(dev
, apdev
):
5433 """WPS and Authenticator attribute mismatch in M5"""
5434 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5435 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5436 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5437 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5438 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5439 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5440 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M3")
5441 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M4")
5443 wps_auth_corrupt_to_ap(dev
[0], hapd
, addr
, "msg=9")
5445 def test_ap_wps_authenticator_mismatch_m6(dev
, apdev
):
5446 """WPS and Authenticator attribute mismatch in M6"""
5447 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5448 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5449 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5450 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5451 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5452 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5453 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M3")
5454 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M4")
5455 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M5")
5457 wps_auth_corrupt_from_ap(dev
[0], hapd
, bssid
, "msg=10")
5459 def test_ap_wps_authenticator_mismatch_m7(dev
, apdev
):
5460 """WPS and Authenticator attribute mismatch in M7"""
5461 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5462 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5463 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5464 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5465 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5466 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5467 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M3")
5468 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M4")
5469 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M5")
5470 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M6")
5472 wps_auth_corrupt_to_ap(dev
[0], hapd
, addr
, "msg=11")
5474 def test_ap_wps_authenticator_mismatch_m8(dev
, apdev
):
5475 """WPS and Authenticator attribute mismatch in M8"""
5476 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5477 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5478 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5479 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5480 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5481 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5482 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M3")
5483 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M4")
5484 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M5")
5485 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M6")
5486 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M7")
5488 wps_auth_corrupt_from_ap(dev
[0], hapd
, bssid
, "msg=12")
5490 def test_ap_wps_authenticator_missing_m2(dev
, apdev
):
5491 """WPS and Authenticator attribute missing from M2"""
5492 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5493 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5494 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5495 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5496 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5498 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5500 raise Exception("Timeout on EAPOL-TX")
5501 hapd
.request("SET ext_eapol_frame_io 0")
5502 dev
[0].request("SET ext_eapol_frame_io 0")
5503 msg
= ev
.split(' ')[2]
5504 if msg
[-24:-16] != '10050008':
5505 raise Exception("Could not find Authenticator attribute")
5506 # Remove Authenticator value
5508 mlen
= "%04x" % (int(msg
[4:8], 16) - 12)
5509 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:]
5510 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5512 raise Exception("EAPOL_RX failed")
5513 wps_fail_finish(hapd
, dev
[0], "msg=5")
5515 def test_ap_wps_m2_dev_passwd_id_p2p(dev
, apdev
):
5516 """WPS and M2 with different Device Password ID (P2P)"""
5517 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5518 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5519 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5520 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5521 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5523 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5525 raise Exception("Timeout on EAPOL-TX")
5526 hapd
.request("SET ext_eapol_frame_io 0")
5527 dev
[0].request("SET ext_eapol_frame_io 0")
5528 msg
= ev
.split(' ')[2]
5529 if msg
[722:730] != '10120002':
5530 raise Exception("Could not find Device Password ID attribute")
5531 # Replace Device Password ID value. This will fail Authenticator check, but
5532 # allows the code path in wps_process_dev_pw_id() to be checked from debug
5534 msg
= msg
[0:730] + "0005" + msg
[734:]
5535 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5537 raise Exception("EAPOL_RX failed")
5538 wps_fail_finish(hapd
, dev
[0], "msg=5")
5540 def test_ap_wps_m2_dev_passwd_id_change_pin_to_pbc(dev
, apdev
):
5541 """WPS and M2 with different Device Password ID (PIN to PBC)"""
5542 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5543 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5544 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5545 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5546 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5548 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5550 raise Exception("Timeout on EAPOL-TX")
5551 hapd
.request("SET ext_eapol_frame_io 0")
5552 dev
[0].request("SET ext_eapol_frame_io 0")
5553 msg
= ev
.split(' ')[2]
5554 if msg
[722:730] != '10120002':
5555 raise Exception("Could not find Device Password ID attribute")
5556 # Replace Device Password ID value (PIN --> PBC). This will be rejected.
5557 msg
= msg
[0:730] + "0004" + msg
[734:]
5558 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5560 raise Exception("EAPOL_RX failed")
5561 wps_fail_finish(hapd
, dev
[0], "msg=5")
5563 def test_ap_wps_m2_dev_passwd_id_change_pbc_to_pin(dev
, apdev
):
5564 """WPS and M2 with different Device Password ID (PBC to PIN)"""
5565 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5566 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5567 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5568 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5569 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5571 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5573 raise Exception("Timeout on EAPOL-TX")
5574 hapd
.request("SET ext_eapol_frame_io 0")
5575 dev
[0].request("SET ext_eapol_frame_io 0")
5576 msg
= ev
.split(' ')[2]
5577 if msg
[722:730] != '10120002':
5578 raise Exception("Could not find Device Password ID attribute")
5579 # Replace Device Password ID value. This will fail Authenticator check, but
5580 # allows the code path in wps_process_dev_pw_id() to be checked from debug
5582 msg
= msg
[0:730] + "0000" + msg
[734:]
5583 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5585 raise Exception("EAPOL_RX failed")
5586 wps_fail_finish(hapd
, dev
[0], "msg=5")
5587 dev
[0].flush_scan_cache()
5589 def test_ap_wps_m2_missing_dev_passwd_id(dev
, apdev
):
5590 """WPS and M2 without Device Password ID"""
5591 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5592 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5593 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5594 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5595 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5597 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5599 raise Exception("Timeout on EAPOL-TX")
5600 hapd
.request("SET ext_eapol_frame_io 0")
5601 dev
[0].request("SET ext_eapol_frame_io 0")
5602 msg
= ev
.split(' ')[2]
5603 if msg
[722:730] != '10120002':
5604 raise Exception("Could not find Device Password ID attribute")
5605 # Remove Device Password ID value. This will fail Authenticator check, but
5606 # allows the code path in wps_process_dev_pw_id() to be checked from debug
5608 mlen
= "%04x" % (int(msg
[4:8], 16) - 6)
5609 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:722] + msg
[734:]
5610 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5612 raise Exception("EAPOL_RX failed")
5613 wps_fail_finish(hapd
, dev
[0], "msg=5")
5615 def test_ap_wps_m2_missing_registrar_nonce(dev
, apdev
):
5616 """WPS and M2 without Registrar Nonce"""
5617 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5618 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5619 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5620 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5621 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5623 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5625 raise Exception("Timeout on EAPOL-TX")
5626 hapd
.request("SET ext_eapol_frame_io 0")
5627 dev
[0].request("SET ext_eapol_frame_io 0")
5628 msg
= ev
.split(' ')[2]
5629 if msg
[96:104] != '10390010':
5630 raise Exception("Could not find Registrar Nonce attribute")
5631 # Remove Registrar Nonce. This will fail Authenticator check, but
5632 # allows the code path in wps_process_registrar_nonce() to be checked from
5634 mlen
= "%04x" % (int(msg
[4:8], 16) - 20)
5635 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:96] + msg
[136:]
5636 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5638 raise Exception("EAPOL_RX failed")
5639 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5641 raise Exception("Disconnect event not seen")
5642 dev
[0].request("WPS_CANCEL")
5643 dev
[0].flush_scan_cache()
5645 def test_ap_wps_m2_missing_enrollee_nonce(dev
, apdev
):
5646 """WPS and M2 without Enrollee Nonce"""
5647 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5648 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5649 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5650 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5651 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5653 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5655 raise Exception("Timeout on EAPOL-TX")
5656 hapd
.request("SET ext_eapol_frame_io 0")
5657 dev
[0].request("SET ext_eapol_frame_io 0")
5658 msg
= ev
.split(' ')[2]
5659 if msg
[56:64] != '101a0010':
5660 raise Exception("Could not find enrollee Nonce attribute")
5661 # Remove Enrollee Nonce. This will fail Authenticator check, but
5662 # allows the code path in wps_process_enrollee_nonce() to be checked from
5664 mlen
= "%04x" % (int(msg
[4:8], 16) - 20)
5665 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:56] + msg
[96:]
5666 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5668 raise Exception("EAPOL_RX failed")
5669 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5671 raise Exception("Disconnect event not seen")
5672 dev
[0].request("WPS_CANCEL")
5673 dev
[0].flush_scan_cache()
5675 def test_ap_wps_m2_missing_uuid_r(dev
, apdev
):
5676 """WPS and M2 without UUID-R"""
5677 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5678 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5679 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5680 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5681 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5683 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5685 raise Exception("Timeout on EAPOL-TX")
5686 hapd
.request("SET ext_eapol_frame_io 0")
5687 dev
[0].request("SET ext_eapol_frame_io 0")
5688 msg
= ev
.split(' ')[2]
5689 if msg
[136:144] != '10480010':
5690 raise Exception("Could not find enrollee Nonce attribute")
5691 # Remove UUID-R. This will fail Authenticator check, but allows the code
5692 # path in wps_process_uuid_r() to be checked from the debug log.
5693 mlen
= "%04x" % (int(msg
[4:8], 16) - 20)
5694 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:136] + msg
[176:]
5695 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5697 raise Exception("EAPOL_RX failed")
5698 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5700 raise Exception("Disconnect event not seen")
5701 dev
[0].request("WPS_CANCEL")
5702 dev
[0].flush_scan_cache()
5704 def test_ap_wps_m2_invalid(dev
, apdev
):
5705 """WPS and M2 parsing failure"""
5706 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5707 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5708 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5709 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5710 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5712 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5714 raise Exception("Timeout on EAPOL-TX")
5715 hapd
.request("SET ext_eapol_frame_io 0")
5716 dev
[0].request("SET ext_eapol_frame_io 0")
5717 msg
= ev
.split(' ')[2]
5718 if msg
[136:144] != '10480010':
5719 raise Exception("Could not find enrollee Nonce attribute")
5720 # Remove UUID-R. This will fail Authenticator check, but allows the code
5721 # path in wps_process_uuid_r() to be checked from the debug log.
5722 mlen
= "%04x" % (int(msg
[4:8], 16) - 1)
5723 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:-2]
5724 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5726 raise Exception("EAPOL_RX failed")
5727 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5729 raise Exception("Disconnect event not seen")
5730 dev
[0].request("WPS_CANCEL")
5731 dev
[0].flush_scan_cache()
5733 def test_ap_wps_m2_missing_msg_type(dev
, apdev
):
5734 """WPS and M2 without Message Type"""
5735 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5736 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5737 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5738 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5739 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5741 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5743 raise Exception("Timeout on EAPOL-TX")
5744 hapd
.request("SET ext_eapol_frame_io 0")
5745 dev
[0].request("SET ext_eapol_frame_io 0")
5746 msg
= ev
.split(' ')[2]
5747 if msg
[46:54] != '10220001':
5748 raise Exception("Could not find Message Type attribute")
5749 # Remove Message Type. This will fail Authenticator check, but allows the
5750 # code path in wps_process_wsc_msg() to be checked from the debug log.
5751 mlen
= "%04x" % (int(msg
[4:8], 16) - 5)
5752 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:46] + msg
[56:]
5753 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5755 raise Exception("EAPOL_RX failed")
5756 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5758 raise Exception("Disconnect event not seen")
5759 dev
[0].request("WPS_CANCEL")
5760 dev
[0].flush_scan_cache()
5762 def test_ap_wps_m2_unknown_msg_type(dev
, apdev
):
5763 """WPS and M2 but unknown Message Type"""
5764 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5765 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5766 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5767 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5768 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5770 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5772 raise Exception("Timeout on EAPOL-TX")
5773 hapd
.request("SET ext_eapol_frame_io 0")
5774 dev
[0].request("SET ext_eapol_frame_io 0")
5775 msg
= ev
.split(' ')[2]
5776 if msg
[46:54] != '10220001':
5777 raise Exception("Could not find Message Type attribute")
5778 # Replace Message Type value. This will be rejected.
5779 msg
= msg
[0:54] + "00" + msg
[56:]
5780 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5782 raise Exception("EAPOL_RX failed")
5783 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5785 raise Exception("Disconnect event not seen")
5786 dev
[0].request("WPS_CANCEL")
5787 dev
[0].flush_scan_cache()
5789 def test_ap_wps_m2_unknown_opcode(dev
, apdev
):
5790 """WPS and M2 but unknown opcode"""
5791 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5792 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5793 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5794 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5795 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5797 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5799 raise Exception("Timeout on EAPOL-TX")
5800 hapd
.request("SET ext_eapol_frame_io 0")
5801 dev
[0].request("SET ext_eapol_frame_io 0")
5802 msg
= ev
.split(' ')[2]
5803 # Replace opcode. This will be discarded in EAP-WSC processing.
5804 msg
= msg
[0:32] + "00" + msg
[34:]
5805 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5807 raise Exception("EAPOL_RX failed")
5808 dev
[0].request("WPS_CANCEL")
5809 dev
[0].wait_disconnected()
5810 dev
[0].flush_scan_cache()
5812 def test_ap_wps_m2_unknown_opcode2(dev
, apdev
):
5813 """WPS and M2 but unknown opcode (WSC_Start)"""
5814 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5815 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5816 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5817 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5818 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5820 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5822 raise Exception("Timeout on EAPOL-TX")
5823 hapd
.request("SET ext_eapol_frame_io 0")
5824 dev
[0].request("SET ext_eapol_frame_io 0")
5825 msg
= ev
.split(' ')[2]
5826 # Replace opcode. This will be discarded in EAP-WSC processing.
5827 msg
= msg
[0:32] + "01" + msg
[34:]
5828 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5830 raise Exception("EAPOL_RX failed")
5831 dev
[0].request("WPS_CANCEL")
5832 dev
[0].wait_disconnected()
5833 dev
[0].flush_scan_cache()
5835 def test_ap_wps_m2_unknown_opcode3(dev
, apdev
):
5836 """WPS and M2 but unknown opcode (WSC_Done)"""
5837 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5838 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5839 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5840 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5841 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5843 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5845 raise Exception("Timeout on EAPOL-TX")
5846 hapd
.request("SET ext_eapol_frame_io 0")
5847 dev
[0].request("SET ext_eapol_frame_io 0")
5848 msg
= ev
.split(' ')[2]
5849 # Replace opcode. This will be discarded in WPS Enrollee processing.
5850 msg
= msg
[0:32] + "05" + msg
[34:]
5851 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5853 raise Exception("EAPOL_RX failed")
5854 dev
[0].request("WPS_CANCEL")
5855 dev
[0].wait_disconnected()
5856 dev
[0].flush_scan_cache()
5858 def wps_m2_but_other(dev
, apdev
, title
, msgtype
):
5859 addr
, bssid
, hapd
= wps_start_ext(apdev
, dev
)
5860 wps_ext_eap_identity_req(dev
, hapd
, bssid
)
5861 wps_ext_eap_identity_resp(hapd
, dev
, addr
)
5862 wps_ext_eap_wsc(dev
, hapd
, bssid
, "EAP-WSC/Start")
5863 wps_ext_eap_wsc(hapd
, dev
, addr
, "M1")
5865 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5867 raise Exception("Timeout on EAPOL-TX")
5868 hapd
.request("SET ext_eapol_frame_io 0")
5869 dev
.request("SET ext_eapol_frame_io 0")
5870 msg
= ev
.split(' ')[2]
5871 if msg
[46:54] != '10220001':
5872 raise Exception("Could not find Message Type attribute")
5873 # Replace Message Type value. This will be rejected.
5874 msg
= msg
[0:54] + msgtype
+ msg
[56:]
5875 res
= dev
.request("EAPOL_RX " + bssid
+ " " + msg
)
5877 raise Exception("EAPOL_RX failed")
5878 ev
= dev
.wait_event(["WPS-FAIL"], timeout
=5)
5880 raise Exception("WPS-FAIL event not seen")
5881 dev
.request("WPS_CANCEL")
5882 dev
.wait_disconnected()
5884 def wps_m4_but_other(dev
, apdev
, title
, msgtype
):
5885 addr
, bssid
, hapd
= wps_start_ext(apdev
, dev
)
5886 wps_ext_eap_identity_req(dev
, hapd
, bssid
)
5887 wps_ext_eap_identity_resp(hapd
, dev
, addr
)
5888 wps_ext_eap_wsc(dev
, hapd
, bssid
, "EAP-WSC/Start")
5889 wps_ext_eap_wsc(hapd
, dev
, addr
, "M1")
5890 wps_ext_eap_wsc(dev
, hapd
, bssid
, "M2")
5891 wps_ext_eap_wsc(hapd
, dev
, addr
, "M3")
5893 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5895 raise Exception("Timeout on EAPOL-TX")
5896 hapd
.request("SET ext_eapol_frame_io 0")
5897 dev
.request("SET ext_eapol_frame_io 0")
5898 msg
= ev
.split(' ')[2]
5899 if msg
[46:54] != '10220001':
5900 raise Exception("Could not find Message Type attribute")
5901 # Replace Message Type value. This will be rejected.
5902 msg
= msg
[0:54] + msgtype
+ msg
[56:]
5903 res
= dev
.request("EAPOL_RX " + bssid
+ " " + msg
)
5905 raise Exception("EAPOL_RX failed")
5906 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=5)
5908 raise Exception("WPS-FAIL event not seen")
5909 dev
.request("WPS_CANCEL")
5910 dev
.wait_disconnected()
5912 def test_ap_wps_m2_msg_type_m4(dev
, apdev
):
5913 """WPS and M2 but Message Type M4"""
5914 wps_m2_but_other(dev
[0], apdev
[0], "M2/M4", "08")
5916 def test_ap_wps_m2_msg_type_m6(dev
, apdev
):
5917 """WPS and M2 but Message Type M6"""
5918 wps_m2_but_other(dev
[0], apdev
[0], "M2/M6", "0a")
5920 def test_ap_wps_m2_msg_type_m8(dev
, apdev
):
5921 """WPS and M2 but Message Type M8"""
5922 wps_m2_but_other(dev
[0], apdev
[0], "M2/M8", "0c")
5924 def test_ap_wps_m4_msg_type_m2(dev
, apdev
):
5925 """WPS and M4 but Message Type M2"""
5926 wps_m4_but_other(dev
[0], apdev
[0], "M4/M2", "05")
5928 def test_ap_wps_m4_msg_type_m2d(dev
, apdev
):
5929 """WPS and M4 but Message Type M2D"""
5930 wps_m4_but_other(dev
[0], apdev
[0], "M4/M2D", "06")
5933 def test_ap_wps_config_methods(dev
, apdev
):
5934 """WPS configuration method parsing"""
5935 ssid
= "test-wps-conf"
5936 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
5937 "wpa_passphrase": "12345678", "wpa": "2",
5938 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
5939 "config_methods": "ethernet display ext_nfc_token int_nfc_token physical_display physical_push_button"}
5940 hapd
= hostapd
.add_ap(apdev
[0], params
)
5941 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
5942 "wpa_passphrase": "12345678", "wpa": "2",
5943 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
5944 "config_methods": "display push_button"}
5945 hapd2
= hostapd
.add_ap(apdev
[1], params
)
5947 def test_ap_wps_set_selected_registrar_proto(dev
, apdev
):
5948 """WPS UPnP SetSelectedRegistrar protocol testing"""
5949 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
5950 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
5952 location
= ssdp_get_location(ap_uuid
)
5953 urls
= upnp_get_urls(location
)
5954 eventurl
= urlparse(urls
['event_sub_url'])
5955 ctrlurl
= urlparse(urls
['control_url'])
5956 url
= urlparse(location
)
5957 conn
= HTTPConnection(url
.netloc
)
5959 class WPSERHTTPServer(StreamRequestHandler
):
5961 data
= self
.rfile
.readline().strip()
5963 self
.wfile
.write(gen_wps_event())
5965 server
= MyTCPServer(("127.0.0.1", 12345), WPSERHTTPServer
)
5968 headers
= {"callback": '<http://127.0.0.1:12345/event>',
5970 "timeout": "Second-1234"}
5971 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
5972 resp
= conn
.getresponse()
5973 if resp
.status
!= 200:
5974 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
5975 sid
= resp
.getheader("sid")
5976 logger
.debug("Subscription SID " + sid
)
5977 server
.handle_request()
5979 tests
= [(500, "10"),
5980 (200, "104a000110" + "1041000101" + "101200020000" +
5982 "1049002c00372a0001200124111111111111222222222222333333333333444444444444555555555555666666666666" +
5983 "10480010362db47ba53a519188fb5458b986b2e4"),
5984 (200, "104a000110" + "1041000100" + "101200020000" +
5986 (200, "104a000110" + "1041000100"),
5987 (200, "104a000110")]
5988 for status
, test
in tests
:
5989 tlvs
= binascii
.unhexlify(test
)
5990 newmsg
= base64
.b64encode(tlvs
).decode()
5991 msg
= '<?xml version="1.0"?>\n'
5992 msg
+= '<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">'
5994 msg
+= '<u:SetSelectedRegistrar xmlns:u="urn:schemas-wifialliance-org:service:WFAWLANConfig:1">'
5995 msg
+= '<NewMessage>'
5997 msg
+= "</NewMessage></u:SetSelectedRegistrar></s:Body></s:Envelope>"
5998 headers
= {"Content-type": 'text/xml; charset="utf-8"'}
5999 headers
["SOAPAction"] = '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1#%s"' % "SetSelectedRegistrar"
6000 conn
.request("POST", ctrlurl
.path
, msg
, headers
)
6001 resp
= conn
.getresponse()
6002 if resp
.status
!= status
:
6003 raise Exception("Unexpected HTTP response: %d (expected %d)" % (resp
.status
, status
))
6005 def test_ap_wps_adv_oom(dev
, apdev
):
6006 """WPS AP and advertisement OOM"""
6007 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
6008 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
6010 with
alloc_fail(hapd
, 1, "=msearchreply_state_machine_start"):
6011 ssdp_send_msearch("urn:schemas-wifialliance-org:service:WFAWLANConfig:1",
6015 with
alloc_fail(hapd
, 1, "eloop_register_timeout;msearchreply_state_machine_start"):
6016 ssdp_send_msearch("urn:schemas-wifialliance-org:service:WFAWLANConfig:1",
6020 with
alloc_fail(hapd
, 1,
6021 "next_advertisement;advertisement_state_machine_stop"):
6024 with
alloc_fail(hapd
, 1, "ssdp_listener_start"):
6025 if "FAIL" not in hapd
.request("ENABLE"):
6026 raise Exception("ENABLE succeeded during OOM")
6028 def test_wps_config_methods(dev
):
6029 """WPS config method update"""
6030 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
6031 wpas
.interface_add("wlan5")
6032 if "OK" not in wpas
.request("SET config_methods display label"):
6033 raise Exception("Failed to set config_methods")
6034 if wpas
.request("GET config_methods").strip() != "display label":
6035 raise Exception("config_methods were not updated")
6036 if "OK" not in wpas
.request("SET config_methods "):
6037 raise Exception("Failed to clear config_methods")
6038 if wpas
.request("GET config_methods").strip() != "":
6039 raise Exception("config_methods were not cleared")
6041 WPS_VENDOR_ID_WFA
= 14122
6044 # EAP-WSC Op-Code values
6052 ATTR_AP_CHANNEL
= 0x1001
6053 ATTR_ASSOC_STATE
= 0x1002
6054 ATTR_AUTH_TYPE
= 0x1003
6055 ATTR_AUTH_TYPE_FLAGS
= 0x1004
6056 ATTR_AUTHENTICATOR
= 0x1005
6057 ATTR_CONFIG_METHODS
= 0x1008
6058 ATTR_CONFIG_ERROR
= 0x1009
6059 ATTR_CONFIRM_URL4
= 0x100a
6060 ATTR_CONFIRM_URL6
= 0x100b
6061 ATTR_CONN_TYPE
= 0x100c
6062 ATTR_CONN_TYPE_FLAGS
= 0x100d
6064 ATTR_ENCR_TYPE
= 0x100f
6065 ATTR_ENCR_TYPE_FLAGS
= 0x1010
6066 ATTR_DEV_NAME
= 0x1011
6067 ATTR_DEV_PASSWORD_ID
= 0x1012
6068 ATTR_E_HASH1
= 0x1014
6069 ATTR_E_HASH2
= 0x1015
6070 ATTR_E_SNONCE1
= 0x1016
6071 ATTR_E_SNONCE2
= 0x1017
6072 ATTR_ENCR_SETTINGS
= 0x1018
6073 ATTR_ENROLLEE_NONCE
= 0x101a
6074 ATTR_FEATURE_ID
= 0x101b
6075 ATTR_IDENTITY
= 0x101c
6076 ATTR_IDENTITY_PROOF
= 0x101d
6077 ATTR_KEY_WRAP_AUTH
= 0x101e
6078 ATTR_KEY_ID
= 0x101f
6079 ATTR_MAC_ADDR
= 0x1020
6080 ATTR_MANUFACTURER
= 0x1021
6081 ATTR_MSG_TYPE
= 0x1022
6082 ATTR_MODEL_NAME
= 0x1023
6083 ATTR_MODEL_NUMBER
= 0x1024
6084 ATTR_NETWORK_INDEX
= 0x1026
6085 ATTR_NETWORK_KEY
= 0x1027
6086 ATTR_NETWORK_KEY_INDEX
= 0x1028
6087 ATTR_NEW_DEVICE_NAME
= 0x1029
6088 ATTR_NEW_PASSWORD
= 0x102a
6089 ATTR_OOB_DEVICE_PASSWORD
= 0x102c
6090 ATTR_OS_VERSION
= 0x102d
6091 ATTR_POWER_LEVEL
= 0x102f
6092 ATTR_PSK_CURRENT
= 0x1030
6093 ATTR_PSK_MAX
= 0x1031
6094 ATTR_PUBLIC_KEY
= 0x1032
6095 ATTR_RADIO_ENABLE
= 0x1033
6096 ATTR_REBOOT
= 0x1034
6097 ATTR_REGISTRAR_CURRENT
= 0x1035
6098 ATTR_REGISTRAR_ESTABLISHED
= 0x1036
6099 ATTR_REGISTRAR_LIST
= 0x1037
6100 ATTR_REGISTRAR_MAX
= 0x1038
6101 ATTR_REGISTRAR_NONCE
= 0x1039
6102 ATTR_REQUEST_TYPE
= 0x103a
6103 ATTR_RESPONSE_TYPE
= 0x103b
6104 ATTR_RF_BANDS
= 0x103c
6105 ATTR_R_HASH1
= 0x103d
6106 ATTR_R_HASH2
= 0x103e
6107 ATTR_R_SNONCE1
= 0x103f
6108 ATTR_R_SNONCE2
= 0x1040
6109 ATTR_SELECTED_REGISTRAR
= 0x1041
6110 ATTR_SERIAL_NUMBER
= 0x1042
6111 ATTR_WPS_STATE
= 0x1044
6113 ATTR_TOTAL_NETWORKS
= 0x1046
6114 ATTR_UUID_E
= 0x1047
6115 ATTR_UUID_R
= 0x1048
6116 ATTR_VENDOR_EXT
= 0x1049
6117 ATTR_VERSION
= 0x104a
6118 ATTR_X509_CERT_REQ
= 0x104b
6119 ATTR_X509_CERT
= 0x104c
6120 ATTR_EAP_IDENTITY
= 0x104d
6121 ATTR_MSG_COUNTER
= 0x104e
6122 ATTR_PUBKEY_HASH
= 0x104f
6123 ATTR_REKEY_KEY
= 0x1050
6124 ATTR_KEY_LIFETIME
= 0x1051
6125 ATTR_PERMITTED_CFG_METHODS
= 0x1052
6126 ATTR_SELECTED_REGISTRAR_CONFIG_METHODS
= 0x1053
6127 ATTR_PRIMARY_DEV_TYPE
= 0x1054
6128 ATTR_SECONDARY_DEV_TYPE_LIST
= 0x1055
6129 ATTR_PORTABLE_DEV
= 0x1056
6130 ATTR_AP_SETUP_LOCKED
= 0x1057
6131 ATTR_APPLICATION_EXT
= 0x1058
6132 ATTR_EAP_TYPE
= 0x1059
6134 ATTR_KEY_PROVIDED_AUTO
= 0x1061
6135 ATTR_802_1X_ENABLED
= 0x1062
6136 ATTR_APPSESSIONKEY
= 0x1063
6137 ATTR_WEPTRANSMITKEY
= 0x1064
6138 ATTR_REQUESTED_DEV_TYPE
= 0x106a
6142 WPS_ProbeRequest
= 0x02
6143 WPS_ProbeResponse
= 0x03
6157 def get_wsc_msg(dev
):
6158 ev
= dev
.wait_event(["EAPOL-TX"], timeout
=10)
6160 raise Exception("Timeout on EAPOL-TX")
6161 data
= binascii
.unhexlify(ev
.split(' ')[2])
6164 # Parse EAPOL header
6166 raise Exception("No room for EAPOL header")
6167 version
, type, length
= struct
.unpack('>BBH', data
[0:4])
6168 msg
['eapol_version'] = version
6169 msg
['eapol_type'] = type
6170 msg
['eapol_length'] = length
6172 if length
!= len(data
):
6173 raise Exception("EAPOL header length mismatch (%d != %d)" % (length
, len(data
)))
6175 raise Exception("Unexpected EAPOL header type: %d" % type)
6179 raise Exception("No room for EAP header")
6180 code
, identifier
, length
= struct
.unpack('>BBH', data
[0:4])
6181 msg
['eap_code'] = code
6182 msg
['eap_identifier'] = identifier
6183 msg
['eap_length'] = length
6185 if msg
['eapol_length'] != msg
['eap_length']:
6186 raise Exception("EAP header length mismatch (%d != %d)" % (msg
['eapol_length'], length
))
6188 # Parse EAP expanded header
6190 raise Exception("No EAP type included")
6191 msg
['eap_type'], = struct
.unpack('B', data
[0:1])
6194 if msg
['eap_type'] == 254:
6195 if len(data
) < 3 + 4:
6196 raise Exception("Truncated EAP expanded header")
6197 msg
['eap_vendor_id'], msg
['eap_vendor_type'] = struct
.unpack('>LL', b
'\x00' + data
[0:7])
6200 raise Exception("Unexpected EAP type")
6202 if msg
['eap_vendor_id'] != WPS_VENDOR_ID_WFA
:
6203 raise Exception("Unexpected Vendor-Id")
6204 if msg
['eap_vendor_type'] != WPS_VENDOR_TYPE
:
6205 raise Exception("Unexpected Vendor-Type")
6207 # Parse EAP-WSC header
6209 raise Exception("Truncated EAP-WSC header")
6210 msg
['wsc_opcode'], msg
['wsc_flags'] = struct
.unpack('BB', data
[0:2])
6213 # Parse WSC attributes
6214 msg
['raw_attrs'] = data
6216 while len(data
) > 0:
6218 raise Exception("Truncated attribute header")
6219 attr
, length
= struct
.unpack('>HH', data
[0:4])
6221 if length
> len(data
):
6222 raise Exception("Truncated attribute 0x%04x" % attr
)
6223 attrs
[attr
] = data
[0:length
]
6224 data
= data
[length
:]
6225 msg
['wsc_attrs'] = attrs
6227 if ATTR_MSG_TYPE
in attrs
:
6228 msg
['wsc_msg_type'], = struct
.unpack('B', attrs
[ATTR_MSG_TYPE
])
6232 def recv_wsc_msg(dev
, opcode
, msg_type
):
6233 msg
= get_wsc_msg(dev
)
6234 if msg
['wsc_opcode'] != opcode
or msg
['wsc_msg_type'] != msg_type
:
6235 raise Exception("Unexpected Op-Code/MsgType")
6236 return msg
, msg
['wsc_attrs'], msg
['raw_attrs']
6238 def build_wsc_attr(attr
, payload
):
6239 _payload
= payload
if type(payload
) == bytes
else payload
.encode()
6240 return struct
.pack('>HH', attr
, len(_payload
)) + _payload
6242 def build_attr_msg_type(msg_type
):
6243 return build_wsc_attr(ATTR_MSG_TYPE
, struct
.pack('B', msg_type
))
6245 def build_eap_wsc(eap_code
, eap_id
, payload
, opcode
=WSC_MSG
):
6246 length
= 4 + 8 + 2 + len(payload
)
6248 msg
= struct
.pack('>BBH', 2, 0, length
)
6250 msg
+= struct
.pack('>BBH', eap_code
, eap_id
, length
)
6251 # EAP expanded header for EAP-WSC
6252 msg
+= struct
.pack('B', 254)
6253 msg
+= struct
.pack('>L', WPS_VENDOR_ID_WFA
)[1:4]
6254 msg
+= struct
.pack('>L', WPS_VENDOR_TYPE
)
6256 msg
+= struct
.pack('BB', opcode
, 0)
6261 def build_eap_success(eap_id
):
6264 msg
= struct
.pack('>BBH', 2, 0, length
)
6266 msg
+= struct
.pack('>BBH', 3, eap_id
, length
)
6269 def build_eap_failure(eap_id
):
6272 msg
= struct
.pack('>BBH', 2, 0, length
)
6274 msg
+= struct
.pack('>BBH', 4, eap_id
, length
)
6277 def send_wsc_msg(dev
, src
, msg
):
6278 res
= dev
.request("EAPOL_RX " + src
+ " " + binascii
.hexlify(msg
).decode())
6280 raise Exception("EAPOL_RX failed")
6282 group_5_prime
= 0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF
6283 group_5_generator
= 2
6285 def wsc_kdf(key
, label
, bits
):
6288 while len(result
) * 8 < bits
:
6289 data
= struct
.pack('>L', i
) + label
.encode() + struct
.pack('>L', bits
)
6290 m
= hmac
.new(key
, data
, hashlib
.sha256
)
6291 result
+= m
.digest()
6293 return result
[0:bits
// 8]
6296 keys
= wsc_kdf(kdk
, "Wi-Fi Easy and Secure Key Derivation", 640)
6297 authkey
= keys
[0:32]
6298 keywrapkey
= keys
[32:48]
6300 return authkey
, keywrapkey
, emsk
6302 def wsc_dev_pw_half_psk(authkey
, dev_pw
):
6303 m
= hmac
.new(authkey
, dev_pw
.encode(), hashlib
.sha256
)
6304 return m
.digest()[0:16]
6306 def wsc_dev_pw_psk(authkey
, dev_pw
):
6307 dev_pw_1
= dev_pw
[0:len(dev_pw
) // 2]
6308 dev_pw_2
= dev_pw
[len(dev_pw
) // 2:]
6309 psk1
= wsc_dev_pw_half_psk(authkey
, dev_pw_1
)
6310 psk2
= wsc_dev_pw_half_psk(authkey
, dev_pw_2
)
6313 def build_attr_authenticator(authkey
, prev_msg
, curr_msg
):
6314 m
= hmac
.new(authkey
, prev_msg
+ curr_msg
, hashlib
.sha256
)
6315 auth
= m
.digest()[0:8]
6316 return build_wsc_attr(ATTR_AUTHENTICATOR
, auth
)
6318 def build_attr_encr_settings(authkey
, keywrapkey
, data
):
6319 m
= hmac
.new(authkey
, data
, hashlib
.sha256
)
6320 kwa
= m
.digest()[0:8]
6321 data
+= build_wsc_attr(ATTR_KEY_WRAP_AUTH
, kwa
)
6323 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
6324 pad_len
= 16 - len(data
) % 16
6325 ps
= pad_len
* struct
.pack('B', pad_len
)
6327 wrapped
= aes
.encrypt(data
)
6328 return build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
6330 def decrypt_attr_encr_settings(authkey
, keywrapkey
, data
):
6331 if len(data
) < 32 or len(data
) % 16 != 0:
6332 raise Exception("Unexpected Encrypted Settings length: %d" % len(data
))
6335 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
6336 decrypted
= aes
.decrypt(encr
)
6337 pad_len
, = struct
.unpack('B', decrypted
[-1:])
6338 if pad_len
> len(decrypted
):
6339 raise Exception("Invalid padding in Encrypted Settings")
6340 for i
in range(-pad_len
, -1):
6341 if decrypted
[i
] != decrypted
[-1]:
6342 raise Exception("Invalid PS value in Encrypted Settings")
6344 decrypted
= decrypted
[0:len(decrypted
) - pad_len
]
6345 if len(decrypted
) < 12:
6346 raise Exception("Truncated Encrypted Settings plaintext")
6347 kwa
= decrypted
[-12:]
6348 attr
, length
= struct
.unpack(">HH", kwa
[0:4])
6349 if attr
!= ATTR_KEY_WRAP_AUTH
or length
!= 8:
6350 raise Exception("Invalid KWA header")
6352 decrypted
= decrypted
[0:len(decrypted
) - 12]
6354 m
= hmac
.new(authkey
, decrypted
, hashlib
.sha256
)
6355 calc_kwa
= m
.digest()[0:8]
6357 raise Exception("KWA mismatch")
6361 def zeropad_str(val
, pad_len
):
6362 while len(val
) < pad_len
* 2:
6367 # For now, use a hardcoded private key. In theory, this is supposed to be
6368 # randomly selected.
6369 own_private
= 0x123456789
6370 own_public
= pow(group_5_generator
, own_private
, group_5_prime
)
6371 pk
= binascii
.unhexlify(zeropad_str(format(own_public
, '02x'), 192))
6372 return own_private
, pk
6374 def wsc_dh_kdf(peer_pk
, own_private
, mac_addr
, e_nonce
, r_nonce
):
6375 peer_public
= int(binascii
.hexlify(peer_pk
), 16)
6376 if peer_public
< 2 or peer_public
>= group_5_prime
:
6377 raise Exception("Invalid peer public key")
6378 if pow(peer_public
, (group_5_prime
- 1) // 2, group_5_prime
) != 1:
6379 raise Exception("Unexpected Legendre symbol for peer public key")
6381 shared_secret
= pow(peer_public
, own_private
, group_5_prime
)
6382 ss
= zeropad_str(format(shared_secret
, "02x"), 192)
6383 logger
.debug("DH shared secret: " + ss
)
6385 dhkey
= hashlib
.sha256(binascii
.unhexlify(ss
)).digest()
6386 logger
.debug("DHKey: " + binascii
.hexlify(dhkey
).decode())
6388 m
= hmac
.new(dhkey
, e_nonce
+ mac_addr
+ r_nonce
, hashlib
.sha256
)
6390 logger
.debug("KDK: " + binascii
.hexlify(kdk
).decode())
6391 authkey
, keywrapkey
, emsk
= wsc_keys(kdk
)
6392 logger
.debug("AuthKey: " + binascii
.hexlify(authkey
).decode())
6393 logger
.debug("KeyWrapKey: " + binascii
.hexlify(keywrapkey
).decode())
6394 logger
.debug("EMSK: " + binascii
.hexlify(emsk
).decode())
6395 return authkey
, keywrapkey
6397 def wsc_dev_pw_hash(authkey
, dev_pw
, e_pk
, r_pk
):
6398 psk1
, psk2
= wsc_dev_pw_psk(authkey
, dev_pw
)
6399 logger
.debug("PSK1: " + binascii
.hexlify(psk1
).decode())
6400 logger
.debug("PSK2: " + binascii
.hexlify(psk2
).decode())
6402 # Note: Secret values are supposed to be random, but hardcoded values are
6405 m
= hmac
.new(authkey
, s1
+ psk1
+ e_pk
+ r_pk
, hashlib
.sha256
)
6407 logger
.debug("Hash1: " + binascii
.hexlify(hash1
).decode())
6410 m
= hmac
.new(authkey
, s2
+ psk2
+ e_pk
+ r_pk
, hashlib
.sha256
)
6412 logger
.debug("Hash2: " + binascii
.hexlify(hash2
).decode())
6413 return s1
, s2
, hash1
, hash2
6415 def build_m1(eap_id
, uuid_e
, mac_addr
, e_nonce
, e_pk
,
6416 manufacturer
='', model_name
='', config_methods
='\x00\x00'):
6417 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6418 attrs
+= build_attr_msg_type(WPS_M1
)
6419 attrs
+= build_wsc_attr(ATTR_UUID_E
, uuid_e
)
6420 attrs
+= build_wsc_attr(ATTR_MAC_ADDR
, mac_addr
)
6421 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6422 attrs
+= build_wsc_attr(ATTR_PUBLIC_KEY
, e_pk
)
6423 attrs
+= build_wsc_attr(ATTR_AUTH_TYPE_FLAGS
, '\x00\x00')
6424 attrs
+= build_wsc_attr(ATTR_ENCR_TYPE_FLAGS
, '\x00\x00')
6425 attrs
+= build_wsc_attr(ATTR_CONN_TYPE_FLAGS
, '\x00')
6426 attrs
+= build_wsc_attr(ATTR_CONFIG_METHODS
, config_methods
)
6427 attrs
+= build_wsc_attr(ATTR_WPS_STATE
, '\x00')
6428 attrs
+= build_wsc_attr(ATTR_MANUFACTURER
, manufacturer
)
6429 attrs
+= build_wsc_attr(ATTR_MODEL_NAME
, model_name
)
6430 attrs
+= build_wsc_attr(ATTR_MODEL_NUMBER
, '')
6431 attrs
+= build_wsc_attr(ATTR_SERIAL_NUMBER
, '')
6432 attrs
+= build_wsc_attr(ATTR_PRIMARY_DEV_TYPE
, 8*'\x00')
6433 attrs
+= build_wsc_attr(ATTR_DEV_NAME
, '')
6434 attrs
+= build_wsc_attr(ATTR_RF_BANDS
, '\x00')
6435 attrs
+= build_wsc_attr(ATTR_ASSOC_STATE
, '\x00\x00')
6436 attrs
+= build_wsc_attr(ATTR_DEV_PASSWORD_ID
, '\x00\x00')
6437 attrs
+= build_wsc_attr(ATTR_CONFIG_ERROR
, '\x00\x00')
6438 attrs
+= build_wsc_attr(ATTR_OS_VERSION
, '\x00\x00\x00\x00')
6439 m1
= build_eap_wsc(2, eap_id
, attrs
)
6442 def build_m2(authkey
, m1
, eap_id
, e_nonce
, r_nonce
, uuid_r
, r_pk
,
6443 dev_pw_id
='\x00\x00', eap_code
=1):
6444 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6445 attrs
+= build_attr_msg_type(WPS_M2
)
6447 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6449 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
6450 attrs
+= build_wsc_attr(ATTR_UUID_R
, uuid_r
)
6452 attrs
+= build_wsc_attr(ATTR_PUBLIC_KEY
, r_pk
)
6453 attrs
+= build_wsc_attr(ATTR_AUTH_TYPE_FLAGS
, '\x00\x00')
6454 attrs
+= build_wsc_attr(ATTR_ENCR_TYPE_FLAGS
, '\x00\x00')
6455 attrs
+= build_wsc_attr(ATTR_CONN_TYPE_FLAGS
, '\x00')
6456 attrs
+= build_wsc_attr(ATTR_CONFIG_METHODS
, '\x00\x00')
6457 attrs
+= build_wsc_attr(ATTR_MANUFACTURER
, '')
6458 attrs
+= build_wsc_attr(ATTR_MODEL_NAME
, '')
6459 attrs
+= build_wsc_attr(ATTR_MODEL_NUMBER
, '')
6460 attrs
+= build_wsc_attr(ATTR_SERIAL_NUMBER
, '')
6461 attrs
+= build_wsc_attr(ATTR_PRIMARY_DEV_TYPE
, 8*'\x00')
6462 attrs
+= build_wsc_attr(ATTR_DEV_NAME
, '')
6463 attrs
+= build_wsc_attr(ATTR_RF_BANDS
, '\x00')
6464 attrs
+= build_wsc_attr(ATTR_ASSOC_STATE
, '\x00\x00')
6465 attrs
+= build_wsc_attr(ATTR_CONFIG_ERROR
, '\x00\x00')
6466 attrs
+= build_wsc_attr(ATTR_DEV_PASSWORD_ID
, dev_pw_id
)
6467 attrs
+= build_wsc_attr(ATTR_OS_VERSION
, '\x00\x00\x00\x00')
6468 attrs
+= build_attr_authenticator(authkey
, m1
, attrs
)
6469 m2
= build_eap_wsc(eap_code
, eap_id
, attrs
)
6472 def build_m2d(m1
, eap_id
, e_nonce
, r_nonce
, uuid_r
, dev_pw_id
=None, eap_code
=1):
6473 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6474 attrs
+= build_attr_msg_type(WPS_M2D
)
6475 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6476 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
6477 attrs
+= build_wsc_attr(ATTR_UUID_R
, uuid_r
)
6478 attrs
+= build_wsc_attr(ATTR_AUTH_TYPE_FLAGS
, '\x00\x00')
6479 attrs
+= build_wsc_attr(ATTR_ENCR_TYPE_FLAGS
, '\x00\x00')
6480 attrs
+= build_wsc_attr(ATTR_CONN_TYPE_FLAGS
, '\x00')
6481 attrs
+= build_wsc_attr(ATTR_CONFIG_METHODS
, '\x00\x00')
6482 attrs
+= build_wsc_attr(ATTR_MANUFACTURER
, '')
6483 attrs
+= build_wsc_attr(ATTR_MODEL_NAME
, '')
6484 #attrs += build_wsc_attr(ATTR_MODEL_NUMBER, '')
6485 attrs
+= build_wsc_attr(ATTR_SERIAL_NUMBER
, '')
6486 attrs
+= build_wsc_attr(ATTR_PRIMARY_DEV_TYPE
, 8*'\x00')
6487 attrs
+= build_wsc_attr(ATTR_DEV_NAME
, '')
6488 attrs
+= build_wsc_attr(ATTR_RF_BANDS
, '\x00')
6489 attrs
+= build_wsc_attr(ATTR_ASSOC_STATE
, '\x00\x00')
6490 attrs
+= build_wsc_attr(ATTR_CONFIG_ERROR
, '\x00\x00')
6491 attrs
+= build_wsc_attr(ATTR_OS_VERSION
, '\x00\x00\x00\x00')
6493 attrs
+= build_wsc_attr(ATTR_DEV_PASSWORD_ID
, dev_pw_id
)
6494 m2d
= build_eap_wsc(eap_code
, eap_id
, attrs
)
6497 def build_ack(eap_id
, e_nonce
, r_nonce
, msg_type
=WPS_WSC_ACK
, eap_code
=1):
6498 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6499 if msg_type
is not None:
6500 attrs
+= build_attr_msg_type(msg_type
)
6502 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6504 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
6505 msg
= build_eap_wsc(eap_code
, eap_id
, attrs
, opcode
=WSC_ACK
)
6508 def build_nack(eap_id
, e_nonce
, r_nonce
, config_error
='\x00\x00',
6509 msg_type
=WPS_WSC_NACK
, eap_code
=1):
6510 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6511 if msg_type
is not None:
6512 attrs
+= build_attr_msg_type(msg_type
)
6514 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6516 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
6518 attrs
+= build_wsc_attr(ATTR_CONFIG_ERROR
, config_error
)
6519 msg
= build_eap_wsc(eap_code
, eap_id
, attrs
, opcode
=WSC_NACK
)
6522 def test_wps_ext(dev
, apdev
):
6523 """WPS against external implementation"""
6525 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
6526 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
6527 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
6529 logger
.debug("Receive WSC/Start from AP")
6530 msg
= get_wsc_msg(hapd
)
6531 if msg
['wsc_opcode'] != WSC_Start
:
6532 raise Exception("Unexpected Op-Code for WSC/Start")
6533 wsc_start_id
= msg
['eap_identifier']
6535 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6537 e_nonce
= 16*b
'\x22'
6538 own_private
, e_pk
= wsc_dh_init()
6540 logger
.debug("Send M1 to AP")
6541 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
6543 send_wsc_msg(hapd
, addr
, m1
)
6545 logger
.debug("Receive M2 from AP")
6546 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
6548 authkey
, keywrapkey
= wsc_dh_kdf(m2_attrs
[ATTR_PUBLIC_KEY
], own_private
,
6550 m2_attrs
[ATTR_REGISTRAR_NONCE
])
6551 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
,
6552 m2_attrs
[ATTR_PUBLIC_KEY
])
6554 logger
.debug("Send M3 to AP")
6555 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6556 attrs
+= build_attr_msg_type(WPS_M3
)
6557 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
,
6558 m2_attrs
[ATTR_REGISTRAR_NONCE
])
6559 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
6560 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
6561 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
6562 raw_m3_attrs
= attrs
6563 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
6564 send_wsc_msg(hapd
, addr
, m3
)
6566 logger
.debug("Receive M4 from AP")
6567 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
6569 logger
.debug("Send M5 to AP")
6570 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6571 attrs
+= build_attr_msg_type(WPS_M5
)
6572 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
,
6573 m2_attrs
[ATTR_REGISTRAR_NONCE
])
6574 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
6575 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6576 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
6577 raw_m5_attrs
= attrs
6578 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
6579 send_wsc_msg(hapd
, addr
, m5
)
6581 logger
.debug("Receive M6 from AP")
6582 msg
, m6_attrs
, raw_m6_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M6
)
6584 logger
.debug("Send M7 to AP")
6585 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6586 attrs
+= build_attr_msg_type(WPS_M7
)
6587 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
,
6588 m2_attrs
[ATTR_REGISTRAR_NONCE
])
6589 data
= build_wsc_attr(ATTR_E_SNONCE2
, e_s2
)
6590 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6591 attrs
+= build_attr_authenticator(authkey
, raw_m6_attrs
, attrs
)
6592 m7
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
6593 raw_m7_attrs
= attrs
6594 send_wsc_msg(hapd
, addr
, m7
)
6596 logger
.debug("Receive M8 from AP")
6597 msg
, m8_attrs
, raw_m8_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M8
)
6598 m8_cred
= decrypt_attr_encr_settings(authkey
, keywrapkey
,
6599 m8_attrs
[ATTR_ENCR_SETTINGS
])
6600 logger
.debug("M8 Credential: " + binascii
.hexlify(m8_cred
).decode())
6602 logger
.debug("Prepare WSC_Done")
6603 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6604 attrs
+= build_attr_msg_type(WPS_WSC_DONE
)
6605 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6606 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
,
6607 m2_attrs
[ATTR_REGISTRAR_NONCE
])
6608 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
6609 # Do not send WSC_Done yet to allow exchangw with STA complete before the
6613 r_nonce
= 16*b
'\x44'
6615 eap_id
= wsc_start_id
6616 logger
.debug("Send WSC/Start to STA")
6617 wsc_start
= build_eap_wsc(1, eap_id
, b
'', opcode
=WSC_Start
)
6618 send_wsc_msg(dev
[0], bssid
, wsc_start
)
6619 eap_id
= (eap_id
+ 1) % 256
6621 logger
.debug("Receive M1 from STA")
6622 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
6624 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
6625 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
6627 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
6628 m1_attrs
[ATTR_PUBLIC_KEY
],
6631 logger
.debug("Send M2 to STA")
6632 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
6633 m1_attrs
[ATTR_ENROLLEE_NONCE
],
6634 r_nonce
, uuid_r
, e_pk
)
6635 send_wsc_msg(dev
[0], bssid
, m2
)
6636 eap_id
= (eap_id
+ 1) % 256
6638 logger
.debug("Receive M3 from STA")
6639 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
6641 logger
.debug("Send M4 to STA")
6642 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6643 attrs
+= build_attr_msg_type(WPS_M4
)
6644 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, m1_attrs
[ATTR_ENROLLEE_NONCE
])
6645 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
6646 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
6647 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
6648 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6649 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
6650 raw_m4_attrs
= attrs
6651 m4
= build_eap_wsc(1, eap_id
, attrs
)
6652 send_wsc_msg(dev
[0], bssid
, m4
)
6653 eap_id
= (eap_id
+ 1) % 256
6655 logger
.debug("Receive M5 from STA")
6656 msg
, m5_attrs
, raw_m5_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M5
)
6658 logger
.debug("Send M6 to STA")
6659 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6660 attrs
+= build_attr_msg_type(WPS_M6
)
6661 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
,
6662 m1_attrs
[ATTR_ENROLLEE_NONCE
])
6663 data
= build_wsc_attr(ATTR_R_SNONCE2
, r_s2
)
6664 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6665 attrs
+= build_attr_authenticator(authkey
, raw_m5_attrs
, attrs
)
6666 raw_m6_attrs
= attrs
6667 m6
= build_eap_wsc(1, eap_id
, attrs
)
6668 send_wsc_msg(dev
[0], bssid
, m6
)
6669 eap_id
= (eap_id
+ 1) % 256
6671 logger
.debug("Receive M7 from STA")
6672 msg
, m7_attrs
, raw_m7_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M7
)
6674 logger
.debug("Send M8 to STA")
6675 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6676 attrs
+= build_attr_msg_type(WPS_M8
)
6677 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
,
6678 m1_attrs
[ATTR_ENROLLEE_NONCE
])
6679 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, m8_cred
)
6680 attrs
+= build_attr_authenticator(authkey
, raw_m7_attrs
, attrs
)
6681 raw_m8_attrs
= attrs
6682 m8
= build_eap_wsc(1, eap_id
, attrs
)
6683 send_wsc_msg(dev
[0], bssid
, m8
)
6684 eap_id
= (eap_id
+ 1) % 256
6686 ev
= dev
[0].wait_event(["WPS-CRED-RECEIVED"], timeout
=5)
6688 raise Exception("wpa_supplicant did not report credential")
6690 logger
.debug("Receive WSC_Done from STA")
6691 msg
= get_wsc_msg(dev
[0])
6692 if msg
['wsc_opcode'] != WSC_Done
or msg
['wsc_msg_type'] != WPS_WSC_DONE
:
6693 raise Exception("Unexpected Op-Code/MsgType for WSC_Done")
6695 logger
.debug("Send WSC_Done to AP")
6696 hapd
.request("SET ext_eapol_frame_io 0")
6697 dev
[0].request("SET ext_eapol_frame_io 0")
6698 send_wsc_msg(hapd
, addr
, wsc_done
)
6700 ev
= hapd
.wait_event(["WPS-REG-SUCCESS"], timeout
=5)
6702 raise Exception("hostapd did not report WPS success")
6704 dev
[0].wait_connected()
6706 def wps_start_kwa(dev
, apdev
):
6708 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
6709 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
6710 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
6711 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
6713 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6715 r_nonce
= 16*b
'\x44'
6716 own_private
, e_pk
= wsc_dh_init()
6718 logger
.debug("Receive M1 from STA")
6719 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
6720 eap_id
= (msg
['eap_identifier'] + 1) % 256
6722 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
6723 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
6725 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
6726 m1_attrs
[ATTR_PUBLIC_KEY
],
6729 logger
.debug("Send M2 to STA")
6730 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
6731 m1_attrs
[ATTR_ENROLLEE_NONCE
],
6732 r_nonce
, uuid_r
, e_pk
)
6733 send_wsc_msg(dev
[0], bssid
, m2
)
6734 eap_id
= (eap_id
+ 1) % 256
6736 logger
.debug("Receive M3 from STA")
6737 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
6739 logger
.debug("Send M4 to STA")
6740 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6741 attrs
+= build_attr_msg_type(WPS_M4
)
6742 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, m1_attrs
[ATTR_ENROLLEE_NONCE
])
6743 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
6744 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
6746 return r_s1
, keywrapkey
, authkey
, raw_m3_attrs
, eap_id
, bssid
, attrs
6748 def wps_stop_kwa(dev
, bssid
, attrs
, authkey
, raw_m3_attrs
, eap_id
):
6749 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
6750 m4
= build_eap_wsc(1, eap_id
, attrs
)
6751 send_wsc_msg(dev
[0], bssid
, m4
)
6752 eap_id
= (eap_id
+ 1) % 256
6754 logger
.debug("Receive M5 from STA")
6755 msg
= get_wsc_msg(dev
[0])
6756 if msg
['wsc_opcode'] != WSC_NACK
:
6757 raise Exception("Unexpected message - expected WSC_Nack")
6759 dev
[0].request("WPS_CANCEL")
6760 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
6761 dev
[0].wait_disconnected()
6763 def test_wps_ext_kwa_proto_no_kwa(dev
, apdev
):
6764 """WPS and KWA error: No KWA attribute"""
6765 r_s1
, keywrapkey
, authkey
, raw_m3_attrs
, eap_id
, bssid
, attrs
= wps_start_kwa(dev
, apdev
)
6766 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
6767 # Encrypted Settings without KWA
6769 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
6770 pad_len
= 16 - len(data
) % 16
6771 ps
= pad_len
* struct
.pack('B', pad_len
)
6773 wrapped
= aes
.encrypt(data
)
6774 attrs
+= build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
6775 wps_stop_kwa(dev
, bssid
, attrs
, authkey
, raw_m3_attrs
, eap_id
)
6777 def test_wps_ext_kwa_proto_data_after_kwa(dev
, apdev
):
6778 """WPS and KWA error: Data after KWA"""
6779 r_s1
, keywrapkey
, authkey
, raw_m3_attrs
, eap_id
, bssid
, attrs
= wps_start_kwa(dev
, apdev
)
6780 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
6781 # Encrypted Settings and data after KWA
6782 m
= hmac
.new(authkey
, data
, hashlib
.sha256
)
6783 kwa
= m
.digest()[0:8]
6784 data
+= build_wsc_attr(ATTR_KEY_WRAP_AUTH
, kwa
)
6785 data
+= build_wsc_attr(ATTR_VENDOR_EXT
, "1234567890")
6787 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
6788 pad_len
= 16 - len(data
) % 16
6789 ps
= pad_len
* struct
.pack('B', pad_len
)
6791 wrapped
= aes
.encrypt(data
)
6792 attrs
+= build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
6793 wps_stop_kwa(dev
, bssid
, attrs
, authkey
, raw_m3_attrs
, eap_id
)
6795 def test_wps_ext_kwa_proto_kwa_mismatch(dev
, apdev
):
6796 """WPS and KWA error: KWA mismatch"""
6797 r_s1
, keywrapkey
, authkey
, raw_m3_attrs
, eap_id
, bssid
, attrs
= wps_start_kwa(dev
, apdev
)
6798 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
6799 # Encrypted Settings and KWA with incorrect value
6800 data
+= build_wsc_attr(ATTR_KEY_WRAP_AUTH
, 8*'\x00')
6802 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
6803 pad_len
= 16 - len(data
) % 16
6804 ps
= pad_len
* struct
.pack('B', pad_len
)
6806 wrapped
= aes
.encrypt(data
)
6807 attrs
+= build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
6808 wps_stop_kwa(dev
, bssid
, attrs
, authkey
, raw_m3_attrs
, eap_id
)
6810 def wps_run_cred_proto(dev
, apdev
, m8_cred
, connect
=False, no_connect
=False):
6812 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
6813 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
6814 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
6815 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
6817 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6819 r_nonce
= 16*b
'\x44'
6820 own_private
, e_pk
= wsc_dh_init()
6822 logger
.debug("Receive M1 from STA")
6823 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
6824 eap_id
= (msg
['eap_identifier'] + 1) % 256
6826 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
6827 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
6829 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
6830 m1_attrs
[ATTR_PUBLIC_KEY
],
6833 logger
.debug("Send M2 to STA")
6834 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
6835 m1_attrs
[ATTR_ENROLLEE_NONCE
],
6836 r_nonce
, uuid_r
, e_pk
)
6837 send_wsc_msg(dev
[0], bssid
, m2
)
6838 eap_id
= (eap_id
+ 1) % 256
6840 logger
.debug("Receive M3 from STA")
6841 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
6843 logger
.debug("Send M4 to STA")
6844 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6845 attrs
+= build_attr_msg_type(WPS_M4
)
6846 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, m1_attrs
[ATTR_ENROLLEE_NONCE
])
6847 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
6848 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
6849 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
6850 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6851 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
6852 raw_m4_attrs
= attrs
6853 m4
= build_eap_wsc(1, eap_id
, attrs
)
6854 send_wsc_msg(dev
[0], bssid
, m4
)
6855 eap_id
= (eap_id
+ 1) % 256
6857 logger
.debug("Receive M5 from STA")
6858 msg
, m5_attrs
, raw_m5_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M5
)
6860 logger
.debug("Send M6 to STA")
6861 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6862 attrs
+= build_attr_msg_type(WPS_M6
)
6863 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
,
6864 m1_attrs
[ATTR_ENROLLEE_NONCE
])
6865 data
= build_wsc_attr(ATTR_R_SNONCE2
, r_s2
)
6866 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6867 attrs
+= build_attr_authenticator(authkey
, raw_m5_attrs
, attrs
)
6868 raw_m6_attrs
= attrs
6869 m6
= build_eap_wsc(1, eap_id
, attrs
)
6870 send_wsc_msg(dev
[0], bssid
, m6
)
6871 eap_id
= (eap_id
+ 1) % 256
6873 logger
.debug("Receive M7 from STA")
6874 msg
, m7_attrs
, raw_m7_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M7
)
6876 logger
.debug("Send M8 to STA")
6877 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6878 attrs
+= build_attr_msg_type(WPS_M8
)
6879 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
,
6880 m1_attrs
[ATTR_ENROLLEE_NONCE
])
6881 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, m8_cred
)
6882 attrs
+= build_attr_authenticator(authkey
, raw_m7_attrs
, attrs
)
6883 raw_m8_attrs
= attrs
6884 m8
= build_eap_wsc(1, eap_id
, attrs
)
6885 send_wsc_msg(dev
[0], bssid
, m8
)
6886 eap_id
= (eap_id
+ 1) % 256
6889 logger
.debug("Receive WSC_Done from STA")
6890 msg
= get_wsc_msg(dev
[0])
6891 if msg
['wsc_opcode'] != WSC_Done
or msg
['wsc_msg_type'] != WPS_WSC_DONE
:
6892 raise Exception("Unexpected Op-Code/MsgType for WSC_Done")
6894 hapd
.request("SET ext_eapol_frame_io 0")
6895 dev
[0].request("SET ext_eapol_frame_io 0")
6897 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
6899 dev
[0].wait_disconnected()
6900 dev
[0].request("REMOVE_NETWORK all")
6902 logger
.debug("Receive WSC_Done from STA")
6903 msg
= get_wsc_msg(dev
[0])
6904 if msg
['wsc_opcode'] != WSC_Done
or msg
['wsc_msg_type'] != WPS_WSC_DONE
:
6905 raise Exception("Unexpected Op-Code/MsgType for WSC_Done")
6907 hapd
.request("SET ext_eapol_frame_io 0")
6908 dev
[0].request("SET ext_eapol_frame_io 0")
6910 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
6912 dev
[0].wait_connected()
6914 # Verify STA NACK's the credential
6915 msg
= get_wsc_msg(dev
[0])
6916 if msg
['wsc_opcode'] != WSC_NACK
:
6917 raise Exception("Unexpected message - expected WSC_Nack")
6918 dev
[0].request("WPS_CANCEL")
6919 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
6920 dev
[0].wait_disconnected()
6922 def build_cred(nw_idx
='\x01', ssid
='test-wps-conf', auth_type
='\x00\x20',
6923 encr_type
='\x00\x08', nw_key
="12345678",
6924 mac_addr
='\x00\x00\x00\x00\x00\x00'):
6926 if nw_idx
is not None:
6927 attrs
+= build_wsc_attr(ATTR_NETWORK_INDEX
, nw_idx
)
6928 if ssid
is not None:
6929 attrs
+= build_wsc_attr(ATTR_SSID
, ssid
)
6930 if auth_type
is not None:
6931 attrs
+= build_wsc_attr(ATTR_AUTH_TYPE
, auth_type
)
6932 if encr_type
is not None:
6933 attrs
+= build_wsc_attr(ATTR_ENCR_TYPE
, encr_type
)
6934 if nw_key
is not None:
6935 attrs
+= build_wsc_attr(ATTR_NETWORK_KEY
, nw_key
)
6936 if mac_addr
is not None:
6937 attrs
+= build_wsc_attr(ATTR_MAC_ADDR
, mac_addr
)
6938 return build_wsc_attr(ATTR_CRED
, attrs
)
6940 def test_wps_ext_cred_proto_success(dev
, apdev
):
6941 """WPS and Credential: success"""
6942 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6943 m8_cred
= build_cred(mac_addr
=mac_addr
)
6944 wps_run_cred_proto(dev
, apdev
, m8_cred
, connect
=True)
6946 def test_wps_ext_cred_proto_mac_addr_mismatch(dev
, apdev
):
6947 """WPS and Credential: MAC Address mismatch"""
6948 m8_cred
= build_cred()
6949 wps_run_cred_proto(dev
, apdev
, m8_cred
, connect
=True)
6951 def test_wps_ext_cred_proto_zero_padding(dev
, apdev
):
6952 """WPS and Credential: zeropadded attributes"""
6953 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6954 m8_cred
= build_cred(mac_addr
=mac_addr
, ssid
='test-wps-conf\x00',
6955 nw_key
="12345678\x00")
6956 wps_run_cred_proto(dev
, apdev
, m8_cred
, connect
=True)
6958 def test_wps_ext_cred_proto_ssid_missing(dev
, apdev
):
6959 """WPS and Credential: SSID missing"""
6960 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6961 m8_cred
= build_cred(mac_addr
=mac_addr
, ssid
=None)
6962 wps_run_cred_proto(dev
, apdev
, m8_cred
)
6964 def test_wps_ext_cred_proto_ssid_zero_len(dev
, apdev
):
6965 """WPS and Credential: Zero-length SSID"""
6966 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6967 m8_cred
= build_cred(mac_addr
=mac_addr
, ssid
="")
6968 wps_run_cred_proto(dev
, apdev
, m8_cred
, no_connect
=True)
6970 def test_wps_ext_cred_proto_auth_type_missing(dev
, apdev
):
6971 """WPS and Credential: Auth Type missing"""
6972 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6973 m8_cred
= build_cred(mac_addr
=mac_addr
, auth_type
=None)
6974 wps_run_cred_proto(dev
, apdev
, m8_cred
)
6976 def test_wps_ext_cred_proto_encr_type_missing(dev
, apdev
):
6977 """WPS and Credential: Encr Type missing"""
6978 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6979 m8_cred
= build_cred(mac_addr
=mac_addr
, encr_type
=None)
6980 wps_run_cred_proto(dev
, apdev
, m8_cred
)
6982 def test_wps_ext_cred_proto_network_key_missing(dev
, apdev
):
6983 """WPS and Credential: Network Key missing"""
6984 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6985 m8_cred
= build_cred(mac_addr
=mac_addr
, nw_key
=None)
6986 wps_run_cred_proto(dev
, apdev
, m8_cred
)
6988 def test_wps_ext_cred_proto_network_key_missing_open(dev
, apdev
):
6989 """WPS and Credential: Network Key missing (open)"""
6990 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6991 m8_cred
= build_cred(mac_addr
=mac_addr
, auth_type
='\x00\x01',
6992 encr_type
='\x00\x01', nw_key
=None, ssid
="foo")
6993 wps_run_cred_proto(dev
, apdev
, m8_cred
, no_connect
=True)
6995 def test_wps_ext_cred_proto_mac_addr_missing(dev
, apdev
):
6996 """WPS and Credential: MAC Address missing"""
6997 m8_cred
= build_cred(mac_addr
=None)
6998 wps_run_cred_proto(dev
, apdev
, m8_cred
)
7000 def test_wps_ext_cred_proto_invalid_encr_type(dev
, apdev
):
7001 """WPS and Credential: Invalid Encr Type"""
7002 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7003 m8_cred
= build_cred(mac_addr
=mac_addr
, encr_type
='\x00\x00')
7004 wps_run_cred_proto(dev
, apdev
, m8_cred
)
7006 def test_wps_ext_cred_proto_missing_cred(dev
, apdev
):
7007 """WPS and Credential: Missing Credential"""
7008 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7010 wps_run_cred_proto(dev
, apdev
, m8_cred
)
7012 def test_wps_ext_proto_m2_no_public_key(dev
, apdev
):
7013 """WPS and no Public Key in M2"""
7015 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7016 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7017 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7018 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7020 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7022 r_nonce
= 16*b
'\x44'
7023 own_private
, e_pk
= wsc_dh_init()
7025 logger
.debug("Receive M1 from STA")
7026 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7027 eap_id
= (msg
['eap_identifier'] + 1) % 256
7029 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7030 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7032 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7033 m1_attrs
[ATTR_PUBLIC_KEY
],
7036 logger
.debug("Send M2 to STA")
7037 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7038 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7039 r_nonce
, uuid_r
, None)
7040 send_wsc_msg(dev
[0], bssid
, m2
)
7041 eap_id
= (eap_id
+ 1) % 256
7043 # Verify STA NACK's the credential
7044 msg
= get_wsc_msg(dev
[0])
7045 if msg
['wsc_opcode'] != WSC_NACK
:
7046 raise Exception("Unexpected message - expected WSC_Nack")
7047 dev
[0].request("WPS_CANCEL")
7048 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7049 dev
[0].wait_disconnected()
7051 def test_wps_ext_proto_m2_invalid_public_key(dev
, apdev
):
7052 """WPS and invalid Public Key in M2"""
7054 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7055 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7056 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7057 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7059 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7061 r_nonce
= 16*b
'\x44'
7062 own_private
, e_pk
= wsc_dh_init()
7064 logger
.debug("Receive M1 from STA")
7065 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7066 eap_id
= (msg
['eap_identifier'] + 1) % 256
7068 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7069 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7071 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7072 m1_attrs
[ATTR_PUBLIC_KEY
],
7075 logger
.debug("Send M2 to STA")
7076 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7077 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7078 r_nonce
, uuid_r
, 192*b
'\xff')
7079 send_wsc_msg(dev
[0], bssid
, m2
)
7080 eap_id
= (eap_id
+ 1) % 256
7082 # Verify STA NACK's the credential
7083 msg
= get_wsc_msg(dev
[0])
7084 if msg
['wsc_opcode'] != WSC_NACK
:
7085 raise Exception("Unexpected message - expected WSC_Nack")
7086 dev
[0].request("WPS_CANCEL")
7087 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7088 dev
[0].wait_disconnected()
7090 def test_wps_ext_proto_m2_public_key_oom(dev
, apdev
):
7091 """WPS and Public Key OOM in M2"""
7093 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7094 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7095 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7096 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7098 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7100 r_nonce
= 16*b
'\x44'
7101 own_private
, e_pk
= wsc_dh_init()
7103 logger
.debug("Receive M1 from STA")
7104 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7105 eap_id
= (msg
['eap_identifier'] + 1) % 256
7107 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7108 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7110 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7111 m1_attrs
[ATTR_PUBLIC_KEY
],
7114 logger
.debug("Send M2 to STA")
7115 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7116 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7117 r_nonce
, uuid_r
, e_pk
)
7118 with
alloc_fail(dev
[0], 1, "wpabuf_alloc_copy;wps_process_pubkey"):
7119 send_wsc_msg(dev
[0], bssid
, m2
)
7120 eap_id
= (eap_id
+ 1) % 256
7122 # Verify STA NACK's the credential
7123 msg
= get_wsc_msg(dev
[0])
7124 if msg
['wsc_opcode'] != WSC_NACK
:
7125 raise Exception("Unexpected message - expected WSC_Nack")
7126 dev
[0].request("WPS_CANCEL")
7127 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7128 dev
[0].wait_disconnected()
7130 def test_wps_ext_proto_nack_m3(dev
, apdev
):
7131 """WPS and NACK M3"""
7133 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7134 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7135 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7136 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7138 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7140 r_nonce
= 16*b
'\x44'
7141 own_private
, e_pk
= wsc_dh_init()
7143 logger
.debug("Receive M1 from STA")
7144 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7145 eap_id
= (msg
['eap_identifier'] + 1) % 256
7147 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7148 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7150 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7151 m1_attrs
[ATTR_PUBLIC_KEY
],
7154 logger
.debug("Send M2 to STA")
7155 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7156 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7157 r_nonce
, uuid_r
, e_pk
)
7158 send_wsc_msg(dev
[0], bssid
, m2
)
7159 eap_id
= (eap_id
+ 1) % 256
7161 logger
.debug("Receive M3 from STA")
7162 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
7164 logger
.debug("Send NACK to STA")
7165 msg
, attrs
= build_nack(eap_id
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7166 r_nonce
, config_error
='\x01\x23')
7167 send_wsc_msg(dev
[0], bssid
, msg
)
7168 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=5)
7170 raise Exception("Failure not reported")
7171 if "msg=7 config_error=291" not in ev
:
7172 raise Exception("Unexpected failure reason: " + ev
)
7174 def test_wps_ext_proto_nack_m5(dev
, apdev
):
7175 """WPS and NACK M5"""
7177 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7178 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7179 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7180 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7182 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7184 r_nonce
= 16*b
'\x44'
7185 own_private
, e_pk
= wsc_dh_init()
7187 logger
.debug("Receive M1 from STA")
7188 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7189 eap_id
= (msg
['eap_identifier'] + 1) % 256
7191 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7192 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7194 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7195 m1_attrs
[ATTR_PUBLIC_KEY
],
7198 logger
.debug("Send M2 to STA")
7199 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7200 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7201 r_nonce
, uuid_r
, e_pk
)
7202 send_wsc_msg(dev
[0], bssid
, m2
)
7203 eap_id
= (eap_id
+ 1) % 256
7205 logger
.debug("Receive M3 from STA")
7206 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
7208 logger
.debug("Send M4 to STA")
7209 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7210 attrs
+= build_attr_msg_type(WPS_M4
)
7211 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, m1_attrs
[ATTR_ENROLLEE_NONCE
])
7212 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7213 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7214 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7215 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7216 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
7217 raw_m4_attrs
= attrs
7218 m4
= build_eap_wsc(1, eap_id
, attrs
)
7219 send_wsc_msg(dev
[0], bssid
, m4
)
7220 eap_id
= (eap_id
+ 1) % 256
7222 logger
.debug("Receive M5 from STA")
7223 msg
, m5_attrs
, raw_m5_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M5
)
7225 logger
.debug("Send NACK to STA")
7226 msg
, attrs
= build_nack(eap_id
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7227 r_nonce
, config_error
='\x01\x24')
7228 send_wsc_msg(dev
[0], bssid
, msg
)
7229 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=5)
7231 raise Exception("Failure not reported")
7232 if "msg=9 config_error=292" not in ev
:
7233 raise Exception("Unexpected failure reason: " + ev
)
7235 def wps_nack_m3(dev
, apdev
):
7237 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
7238 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7239 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7240 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7242 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7244 r_nonce
= 16*b
'\x44'
7245 own_private
, e_pk
= wsc_dh_init()
7247 logger
.debug("Receive M1 from STA")
7248 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7249 eap_id
= (msg
['eap_identifier'] + 1) % 256
7251 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7252 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7254 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7255 m1_attrs
[ATTR_PUBLIC_KEY
],
7258 logger
.debug("Send M2 to STA")
7259 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7260 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7261 r_nonce
, uuid_r
, e_pk
, dev_pw_id
='\x00\x04')
7262 send_wsc_msg(dev
[0], bssid
, m2
)
7263 eap_id
= (eap_id
+ 1) % 256
7265 logger
.debug("Receive M3 from STA")
7266 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
7267 return eap_id
, m1_attrs
[ATTR_ENROLLEE_NONCE
], r_nonce
, bssid
7269 def test_wps_ext_proto_nack_m3_no_config_error(dev
, apdev
):
7270 """WPS and NACK M3 missing Config Error"""
7271 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7272 logger
.debug("Send NACK to STA")
7273 msg
, attrs
= build_nack(eap_id
, e_nonce
, r_nonce
, config_error
=None)
7274 send_wsc_msg(dev
[0], bssid
, msg
)
7275 dev
[0].request("WPS_CANCEL")
7276 dev
[0].wait_disconnected()
7277 dev
[0].flush_scan_cache()
7279 def test_wps_ext_proto_nack_m3_no_e_nonce(dev
, apdev
):
7280 """WPS and NACK M3 missing E-Nonce"""
7281 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7282 logger
.debug("Send NACK to STA")
7283 msg
, attrs
= build_nack(eap_id
, None, r_nonce
)
7284 send_wsc_msg(dev
[0], bssid
, msg
)
7285 dev
[0].request("WPS_CANCEL")
7286 dev
[0].wait_disconnected()
7287 dev
[0].flush_scan_cache()
7289 def test_wps_ext_proto_nack_m3_e_nonce_mismatch(dev
, apdev
):
7290 """WPS and NACK M3 E-Nonce mismatch"""
7291 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7292 logger
.debug("Send NACK to STA")
7293 msg
, attrs
= build_nack(eap_id
, 16*'\x00', r_nonce
)
7294 send_wsc_msg(dev
[0], bssid
, msg
)
7295 dev
[0].request("WPS_CANCEL")
7296 dev
[0].wait_disconnected()
7297 dev
[0].flush_scan_cache()
7299 def test_wps_ext_proto_nack_m3_no_r_nonce(dev
, apdev
):
7300 """WPS and NACK M3 missing R-Nonce"""
7301 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7302 logger
.debug("Send NACK to STA")
7303 msg
, attrs
= build_nack(eap_id
, e_nonce
, None)
7304 send_wsc_msg(dev
[0], bssid
, msg
)
7305 dev
[0].request("WPS_CANCEL")
7306 dev
[0].wait_disconnected()
7307 dev
[0].flush_scan_cache()
7309 def test_wps_ext_proto_nack_m3_r_nonce_mismatch(dev
, apdev
):
7310 """WPS and NACK M3 R-Nonce mismatch"""
7311 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7312 logger
.debug("Send NACK to STA")
7313 msg
, attrs
= build_nack(eap_id
, e_nonce
, 16*'\x00')
7314 send_wsc_msg(dev
[0], bssid
, msg
)
7315 dev
[0].request("WPS_CANCEL")
7316 dev
[0].wait_disconnected()
7317 dev
[0].flush_scan_cache()
7319 def test_wps_ext_proto_nack_m3_no_msg_type(dev
, apdev
):
7320 """WPS and NACK M3 no Message Type"""
7321 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7322 logger
.debug("Send NACK to STA")
7323 msg
, attrs
= build_nack(eap_id
, e_nonce
, r_nonce
, msg_type
=None)
7324 send_wsc_msg(dev
[0], bssid
, msg
)
7325 dev
[0].request("WPS_CANCEL")
7326 dev
[0].wait_disconnected()
7327 dev
[0].flush_scan_cache()
7329 def test_wps_ext_proto_nack_m3_invalid_msg_type(dev
, apdev
):
7330 """WPS and NACK M3 invalid Message Type"""
7331 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7332 logger
.debug("Send NACK to STA")
7333 msg
, attrs
= build_nack(eap_id
, e_nonce
, r_nonce
, msg_type
=123)
7334 send_wsc_msg(dev
[0], bssid
, msg
)
7335 dev
[0].request("WPS_CANCEL")
7336 dev
[0].wait_disconnected()
7337 dev
[0].flush_scan_cache()
7339 def test_wps_ext_proto_nack_m3_invalid_attr(dev
, apdev
):
7340 """WPS and NACK M3 invalid attribute"""
7341 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7342 logger
.debug("Send NACK to STA")
7343 attrs
= b
'\x10\x10\x00'
7344 msg
= build_eap_wsc(1, eap_id
, attrs
, opcode
=WSC_NACK
)
7345 send_wsc_msg(dev
[0], bssid
, msg
)
7346 dev
[0].request("WPS_CANCEL")
7347 dev
[0].wait_disconnected()
7348 dev
[0].flush_scan_cache()
7350 def test_wps_ext_proto_ack_m3_no_e_nonce(dev
, apdev
):
7351 """WPS and ACK M3 missing E-Nonce"""
7352 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7353 logger
.debug("Send NACK to STA")
7354 msg
, attrs
= build_ack(eap_id
, None, r_nonce
)
7355 send_wsc_msg(dev
[0], bssid
, msg
)
7356 dev
[0].request("WPS_CANCEL")
7357 dev
[0].wait_disconnected()
7358 dev
[0].flush_scan_cache()
7360 def test_wps_ext_proto_ack_m3_e_nonce_mismatch(dev
, apdev
):
7361 """WPS and ACK M3 E-Nonce mismatch"""
7362 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7363 logger
.debug("Send NACK to STA")
7364 msg
, attrs
= build_ack(eap_id
, 16*'\x00', r_nonce
)
7365 send_wsc_msg(dev
[0], bssid
, msg
)
7366 dev
[0].request("WPS_CANCEL")
7367 dev
[0].wait_disconnected()
7368 dev
[0].flush_scan_cache()
7370 def test_wps_ext_proto_ack_m3_no_r_nonce(dev
, apdev
):
7371 """WPS and ACK M3 missing R-Nonce"""
7372 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7373 logger
.debug("Send NACK to STA")
7374 msg
, attrs
= build_ack(eap_id
, e_nonce
, None)
7375 send_wsc_msg(dev
[0], bssid
, msg
)
7376 dev
[0].request("WPS_CANCEL")
7377 dev
[0].wait_disconnected()
7378 dev
[0].flush_scan_cache()
7380 def test_wps_ext_proto_ack_m3_r_nonce_mismatch(dev
, apdev
):
7381 """WPS and ACK M3 R-Nonce mismatch"""
7382 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7383 logger
.debug("Send NACK to STA")
7384 msg
, attrs
= build_ack(eap_id
, e_nonce
, 16*'\x00')
7385 send_wsc_msg(dev
[0], bssid
, msg
)
7386 dev
[0].request("WPS_CANCEL")
7387 dev
[0].wait_disconnected()
7388 dev
[0].flush_scan_cache()
7390 def test_wps_ext_proto_ack_m3_no_msg_type(dev
, apdev
):
7391 """WPS and ACK M3 no Message Type"""
7392 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7393 logger
.debug("Send NACK to STA")
7394 msg
, attrs
= build_ack(eap_id
, e_nonce
, r_nonce
, msg_type
=None)
7395 send_wsc_msg(dev
[0], bssid
, msg
)
7396 dev
[0].request("WPS_CANCEL")
7397 dev
[0].wait_disconnected()
7398 dev
[0].flush_scan_cache()
7400 def test_wps_ext_proto_ack_m3_invalid_msg_type(dev
, apdev
):
7401 """WPS and ACK M3 invalid Message Type"""
7402 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7403 logger
.debug("Send NACK to STA")
7404 msg
, attrs
= build_ack(eap_id
, e_nonce
, r_nonce
, msg_type
=123)
7405 send_wsc_msg(dev
[0], bssid
, msg
)
7406 dev
[0].request("WPS_CANCEL")
7407 dev
[0].wait_disconnected()
7408 dev
[0].flush_scan_cache()
7410 def test_wps_ext_proto_ack_m3_invalid_attr(dev
, apdev
):
7411 """WPS and ACK M3 invalid attribute"""
7412 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7413 logger
.debug("Send ACK to STA")
7414 attrs
= b
'\x10\x10\x00'
7415 msg
= build_eap_wsc(1, eap_id
, attrs
, opcode
=WSC_ACK
)
7416 send_wsc_msg(dev
[0], bssid
, msg
)
7417 dev
[0].request("WPS_CANCEL")
7418 dev
[0].wait_disconnected()
7419 dev
[0].flush_scan_cache()
7421 def test_wps_ext_proto_ack_m3(dev
, apdev
):
7422 """WPS and ACK M3"""
7423 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7424 logger
.debug("Send ACK to STA")
7425 msg
, attrs
= build_ack(eap_id
, e_nonce
, r_nonce
)
7426 send_wsc_msg(dev
[0], bssid
, msg
)
7427 dev
[0].request("WPS_CANCEL")
7428 dev
[0].wait_disconnected()
7429 dev
[0].flush_scan_cache()
7431 def wps_to_m3_helper(dev
, apdev
):
7433 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7434 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7435 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7436 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7438 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7440 r_nonce
= 16*b
'\x44'
7441 own_private
, e_pk
= wsc_dh_init()
7443 logger
.debug("Receive M1 from STA")
7444 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7445 eap_id
= (msg
['eap_identifier'] + 1) % 256
7447 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7448 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7450 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7451 m1_attrs
[ATTR_PUBLIC_KEY
],
7454 logger
.debug("Send M2 to STA")
7455 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7456 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7457 r_nonce
, uuid_r
, e_pk
)
7458 send_wsc_msg(dev
[0], bssid
, m2
)
7459 eap_id
= (eap_id
+ 1) % 256
7461 logger
.debug("Receive M3 from STA")
7462 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
7463 return eap_id
, m1_attrs
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, r_s2
, raw_m3_attrs
, authkey
, keywrapkey
7465 def wps_to_m3(dev
, apdev
):
7466 eap_id
, m1_attrs
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, r_s2
, raw_m3_attrs
, authkey
, keywrapkey
= wps_to_m3_helper(dev
, apdev
)
7467 return eap_id
, m1_attrs
[ATTR_ENROLLEE_NONCE
], r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, raw_m3_attrs
, authkey
, keywrapkey
7469 def wps_to_m5(dev
, apdev
):
7470 eap_id
, m1_attrs
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, r_s2
, raw_m3_attrs
, authkey
, keywrapkey
= wps_to_m3_helper(dev
, apdev
)
7472 logger
.debug("Send M4 to STA")
7473 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7474 attrs
+= build_attr_msg_type(WPS_M4
)
7475 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, m1_attrs
[ATTR_ENROLLEE_NONCE
])
7476 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7477 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7478 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7479 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7480 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
7481 raw_m4_attrs
= attrs
7482 m4
= build_eap_wsc(1, eap_id
, attrs
)
7483 send_wsc_msg(dev
[0], bssid
, m4
)
7484 eap_id
= (eap_id
+ 1) % 256
7486 logger
.debug("Receive M5 from STA")
7487 msg
, m5_attrs
, raw_m5_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M5
)
7489 return eap_id
, m1_attrs
[ATTR_ENROLLEE_NONCE
], r_nonce
, bssid
, r_hash1
, r_hash2
, r_s2
, raw_m5_attrs
, authkey
, keywrapkey
7491 def test_wps_ext_proto_m4_missing_r_hash1(dev
, apdev
):
7492 """WPS and no R-Hash1 in M4"""
7493 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7495 logger
.debug("Send M4 to STA")
7496 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7497 attrs
+= build_attr_msg_type(WPS_M4
)
7498 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7499 #attrs += build_wsc_attr(ATTR_R_HASH1, r_hash1)
7500 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7501 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7502 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7503 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7504 m4
= build_eap_wsc(1, eap_id
, attrs
)
7505 send_wsc_msg(dev
[0], bssid
, m4
)
7506 eap_id
= (eap_id
+ 1) % 256
7508 logger
.debug("Receive M5 (NACK) from STA")
7509 msg
= get_wsc_msg(dev
[0])
7510 if msg
['wsc_opcode'] != WSC_NACK
:
7511 raise Exception("Unexpected message - expected WSC_Nack")
7513 dev
[0].request("WPS_CANCEL")
7514 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7515 dev
[0].wait_disconnected()
7517 def test_wps_ext_proto_m4_missing_r_hash2(dev
, apdev
):
7518 """WPS and no R-Hash2 in M4"""
7519 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7521 logger
.debug("Send M4 to STA")
7522 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7523 attrs
+= build_attr_msg_type(WPS_M4
)
7524 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7525 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7526 #attrs += build_wsc_attr(ATTR_R_HASH2, r_hash2)
7527 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7528 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7529 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7530 m4
= build_eap_wsc(1, eap_id
, attrs
)
7531 send_wsc_msg(dev
[0], bssid
, m4
)
7532 eap_id
= (eap_id
+ 1) % 256
7534 logger
.debug("Receive M5 (NACK) from STA")
7535 msg
= get_wsc_msg(dev
[0])
7536 if msg
['wsc_opcode'] != WSC_NACK
:
7537 raise Exception("Unexpected message - expected WSC_Nack")
7539 dev
[0].request("WPS_CANCEL")
7540 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7541 dev
[0].wait_disconnected()
7543 def test_wps_ext_proto_m4_missing_r_snonce1(dev
, apdev
):
7544 """WPS and no R-SNonce1 in M4"""
7545 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7547 logger
.debug("Send M4 to STA")
7548 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7549 attrs
+= build_attr_msg_type(WPS_M4
)
7550 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7551 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7552 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7553 #data = build_wsc_attr(ATTR_R_SNONCE1, r_s1)
7555 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7556 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7557 m4
= build_eap_wsc(1, eap_id
, attrs
)
7558 send_wsc_msg(dev
[0], bssid
, m4
)
7559 eap_id
= (eap_id
+ 1) % 256
7561 logger
.debug("Receive M5 (NACK) from STA")
7562 msg
= get_wsc_msg(dev
[0])
7563 if msg
['wsc_opcode'] != WSC_NACK
:
7564 raise Exception("Unexpected message - expected WSC_Nack")
7566 dev
[0].request("WPS_CANCEL")
7567 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7568 dev
[0].wait_disconnected()
7570 def test_wps_ext_proto_m4_invalid_pad_string(dev
, apdev
):
7571 """WPS and invalid pad string in M4"""
7572 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7574 logger
.debug("Send M4 to STA")
7575 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7576 attrs
+= build_attr_msg_type(WPS_M4
)
7577 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7578 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7579 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7580 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7582 m
= hmac
.new(authkey
, data
, hashlib
.sha256
)
7583 kwa
= m
.digest()[0:8]
7584 data
+= build_wsc_attr(ATTR_KEY_WRAP_AUTH
, kwa
)
7586 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
7587 pad_len
= 16 - len(data
) % 16
7588 ps
= (pad_len
- 1) * struct
.pack('B', pad_len
) + struct
.pack('B', pad_len
- 1)
7590 wrapped
= aes
.encrypt(data
)
7591 attrs
+= build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
7593 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7594 m4
= build_eap_wsc(1, eap_id
, attrs
)
7595 send_wsc_msg(dev
[0], bssid
, m4
)
7596 eap_id
= (eap_id
+ 1) % 256
7598 logger
.debug("Receive M5 (NACK) from STA")
7599 msg
= get_wsc_msg(dev
[0])
7600 if msg
['wsc_opcode'] != WSC_NACK
:
7601 raise Exception("Unexpected message - expected WSC_Nack")
7603 dev
[0].request("WPS_CANCEL")
7604 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7605 dev
[0].wait_disconnected()
7607 def test_wps_ext_proto_m4_invalid_pad_value(dev
, apdev
):
7608 """WPS and invalid pad value in M4"""
7609 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7611 logger
.debug("Send M4 to STA")
7612 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7613 attrs
+= build_attr_msg_type(WPS_M4
)
7614 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7615 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7616 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7617 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7619 m
= hmac
.new(authkey
, data
, hashlib
.sha256
)
7620 kwa
= m
.digest()[0:8]
7621 data
+= build_wsc_attr(ATTR_KEY_WRAP_AUTH
, kwa
)
7623 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
7624 pad_len
= 16 - len(data
) % 16
7625 ps
= (pad_len
- 1) * struct
.pack('B', pad_len
) + struct
.pack('B', 255)
7627 wrapped
= aes
.encrypt(data
)
7628 attrs
+= build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
7630 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7631 m4
= build_eap_wsc(1, eap_id
, attrs
)
7632 send_wsc_msg(dev
[0], bssid
, m4
)
7633 eap_id
= (eap_id
+ 1) % 256
7635 logger
.debug("Receive M5 (NACK) from STA")
7636 msg
= get_wsc_msg(dev
[0])
7637 if msg
['wsc_opcode'] != WSC_NACK
:
7638 raise Exception("Unexpected message - expected WSC_Nack")
7640 dev
[0].request("WPS_CANCEL")
7641 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7642 dev
[0].wait_disconnected()
7644 def test_wps_ext_proto_m4_no_encr_settings(dev
, apdev
):
7645 """WPS and no Encr Settings in M4"""
7646 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7648 logger
.debug("Send M4 to STA")
7649 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7650 attrs
+= build_attr_msg_type(WPS_M4
)
7651 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7652 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7653 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7654 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7655 m4
= build_eap_wsc(1, eap_id
, attrs
)
7656 send_wsc_msg(dev
[0], bssid
, m4
)
7657 eap_id
= (eap_id
+ 1) % 256
7659 logger
.debug("Receive M5 (NACK) from STA")
7660 msg
= get_wsc_msg(dev
[0])
7661 if msg
['wsc_opcode'] != WSC_NACK
:
7662 raise Exception("Unexpected message - expected WSC_Nack")
7664 dev
[0].request("WPS_CANCEL")
7665 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7666 dev
[0].wait_disconnected()
7668 def test_wps_ext_proto_m6_missing_r_snonce2(dev
, apdev
):
7669 """WPS and no R-SNonce2 in M6"""
7670 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s2
, m5
, authkey
, keywrapkey
= wps_to_m5(dev
, apdev
)
7672 logger
.debug("Send M6 to STA")
7673 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7674 attrs
+= build_attr_msg_type(WPS_M6
)
7675 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7676 #data = build_wsc_attr(ATTR_R_SNONCE2, r_s2)
7678 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7679 attrs
+= build_attr_authenticator(authkey
, m5
, attrs
)
7680 m6
= build_eap_wsc(1, eap_id
, attrs
)
7681 send_wsc_msg(dev
[0], bssid
, m6
)
7682 eap_id
= (eap_id
+ 1) % 256
7684 logger
.debug("Receive M7 (NACK) from STA")
7685 msg
= get_wsc_msg(dev
[0])
7686 if msg
['wsc_opcode'] != WSC_NACK
:
7687 raise Exception("Unexpected message - expected WSC_Nack")
7689 dev
[0].request("WPS_CANCEL")
7690 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7691 dev
[0].wait_disconnected()
7693 def test_wps_ext_proto_m6_no_encr_settings(dev
, apdev
):
7694 """WPS and no Encr Settings in M6"""
7695 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s2
, m5
, authkey
, keywrapkey
= wps_to_m5(dev
, apdev
)
7697 logger
.debug("Send M6 to STA")
7698 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7699 attrs
+= build_attr_msg_type(WPS_M6
)
7700 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7701 data
= build_wsc_attr(ATTR_R_SNONCE2
, r_s2
)
7702 #attrs += build_attr_encr_settings(authkey, keywrapkey, data)
7703 attrs
+= build_attr_authenticator(authkey
, m5
, attrs
)
7704 m6
= build_eap_wsc(1, eap_id
, attrs
)
7705 send_wsc_msg(dev
[0], bssid
, m6
)
7706 eap_id
= (eap_id
+ 1) % 256
7708 logger
.debug("Receive M7 (NACK) from STA")
7709 msg
= get_wsc_msg(dev
[0])
7710 if msg
['wsc_opcode'] != WSC_NACK
:
7711 raise Exception("Unexpected message - expected WSC_Nack")
7713 dev
[0].request("WPS_CANCEL")
7714 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7715 dev
[0].wait_disconnected()
7717 def test_wps_ext_proto_m8_no_encr_settings(dev
, apdev
):
7718 """WPS and no Encr Settings in M6"""
7719 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s2
, m5
, authkey
, keywrapkey
= wps_to_m5(dev
, apdev
)
7721 logger
.debug("Send M6 to STA")
7722 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7723 attrs
+= build_attr_msg_type(WPS_M6
)
7724 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7725 data
= build_wsc_attr(ATTR_R_SNONCE2
, r_s2
)
7726 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7727 attrs
+= build_attr_authenticator(authkey
, m5
, attrs
)
7728 raw_m6_attrs
= attrs
7729 m6
= build_eap_wsc(1, eap_id
, attrs
)
7730 send_wsc_msg(dev
[0], bssid
, m6
)
7731 eap_id
= (eap_id
+ 1) % 256
7733 logger
.debug("Receive M7 from STA")
7734 msg
, m7_attrs
, raw_m7_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M7
)
7736 logger
.debug("Send M8 to STA")
7737 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7738 attrs
+= build_attr_msg_type(WPS_M8
)
7739 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7740 #attrs += build_attr_encr_settings(authkey, keywrapkey, m8_cred)
7741 attrs
+= build_attr_authenticator(authkey
, raw_m7_attrs
, attrs
)
7742 raw_m8_attrs
= attrs
7743 m8
= build_eap_wsc(1, eap_id
, attrs
)
7744 send_wsc_msg(dev
[0], bssid
, m8
)
7746 logger
.debug("Receive WSC_Done (NACK) from STA")
7747 msg
= get_wsc_msg(dev
[0])
7748 if msg
['wsc_opcode'] != WSC_NACK
:
7749 raise Exception("Unexpected message - expected WSC_Nack")
7751 dev
[0].request("WPS_CANCEL")
7752 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7753 dev
[0].wait_disconnected()
7755 def wps_start_ext_reg(apdev
, dev
):
7756 addr
= dev
.own_addr()
7757 bssid
= apdev
['bssid']
7758 ssid
= "test-wps-conf"
7760 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
7761 "wpa_passphrase": "12345678", "wpa": "2",
7762 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
7764 hapd
= hostapd
.add_ap(apdev
, params
)
7766 dev
.scan_for_bss(bssid
, freq
="2412")
7767 hapd
.request("SET ext_eapol_frame_io 1")
7768 dev
.request("SET ext_eapol_frame_io 1")
7770 dev
.request("WPS_REG " + bssid
+ " " + appin
)
7772 return addr
, bssid
, hapd
7774 def wps_run_ap_settings_proto(dev
, apdev
, ap_settings
, success
):
7775 addr
, bssid
, hapd
= wps_start_ext_reg(apdev
[0], dev
[0])
7776 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7777 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7779 logger
.debug("Receive M1 from AP")
7780 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M1
)
7781 mac_addr
= m1_attrs
[ATTR_MAC_ADDR
]
7782 e_nonce
= m1_attrs
[ATTR_ENROLLEE_NONCE
]
7783 e_pk
= m1_attrs
[ATTR_PUBLIC_KEY
]
7787 r_nonce
= 16*b
'\x44'
7788 own_private
, r_pk
= wsc_dh_init()
7789 authkey
, keywrapkey
= wsc_dh_kdf(e_pk
, own_private
, mac_addr
, e_nonce
,
7791 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, appin
, e_pk
, r_pk
)
7793 logger
.debug("Send M2 to AP")
7794 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, msg
['eap_identifier'],
7795 e_nonce
, r_nonce
, uuid_r
, r_pk
, eap_code
=2)
7796 send_wsc_msg(hapd
, addr
, m2
)
7798 logger
.debug("Receive M3 from AP")
7799 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M3
)
7801 logger
.debug("Send M4 to AP")
7802 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7803 attrs
+= build_attr_msg_type(WPS_M4
)
7804 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7805 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7806 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7807 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7808 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7809 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
7810 raw_m4_attrs
= attrs
7811 m4
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
7812 send_wsc_msg(hapd
, addr
, m4
)
7814 logger
.debug("Receive M5 from AP")
7815 msg
, m5_attrs
, raw_m5_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M5
)
7817 logger
.debug("Send M6 to STA")
7818 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7819 attrs
+= build_attr_msg_type(WPS_M6
)
7820 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7821 data
= build_wsc_attr(ATTR_R_SNONCE2
, r_s2
)
7822 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7823 attrs
+= build_attr_authenticator(authkey
, raw_m5_attrs
, attrs
)
7824 raw_m6_attrs
= attrs
7825 m6
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
7826 send_wsc_msg(hapd
, addr
, m6
)
7828 logger
.debug("Receive M7 from AP")
7829 msg
, m7_attrs
, raw_m7_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M7
)
7831 logger
.debug("Send M8 to STA")
7832 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7833 attrs
+= build_attr_msg_type(WPS_M8
)
7834 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7836 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, ap_settings
)
7837 attrs
+= build_attr_authenticator(authkey
, raw_m7_attrs
, attrs
)
7838 raw_m8_attrs
= attrs
7839 m8
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
7840 send_wsc_msg(hapd
, addr
, m8
)
7843 ev
= hapd
.wait_event(["WPS-NEW-AP-SETTINGS"], timeout
=5)
7845 raise Exception("New AP settings not reported")
7846 logger
.debug("Receive WSC_Done from AP")
7847 msg
= get_wsc_msg(hapd
)
7848 if msg
['wsc_opcode'] != WSC_Done
:
7849 raise Exception("Unexpected message - expected WSC_Done")
7851 logger
.debug("Send WSC_ACK to AP")
7852 ack
, attrs
= build_ack(msg
['eap_identifier'], e_nonce
, r_nonce
,
7854 send_wsc_msg(hapd
, addr
, ack
)
7855 dev
[0].wait_disconnected()
7857 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=5)
7859 raise Exception("WPS failure not reported")
7860 logger
.debug("Receive WSC_NACK from AP")
7861 msg
= get_wsc_msg(hapd
)
7862 if msg
['wsc_opcode'] != WSC_NACK
:
7863 raise Exception("Unexpected message - expected WSC_NACK")
7865 logger
.debug("Send WSC_NACK to AP")
7866 nack
, attrs
= build_nack(msg
['eap_identifier'], e_nonce
, r_nonce
,
7868 send_wsc_msg(hapd
, addr
, nack
)
7869 dev
[0].wait_disconnected()
7871 def test_wps_ext_ap_settings_success(dev
, apdev
):
7872 """WPS and AP Settings: success"""
7873 ap_settings
= build_wsc_attr(ATTR_NETWORK_INDEX
, '\x01')
7874 ap_settings
+= build_wsc_attr(ATTR_SSID
, "test")
7875 ap_settings
+= build_wsc_attr(ATTR_AUTH_TYPE
, '\x00\x01')
7876 ap_settings
+= build_wsc_attr(ATTR_ENCR_TYPE
, '\x00\x01')
7877 ap_settings
+= build_wsc_attr(ATTR_NETWORK_KEY
, '')
7878 ap_settings
+= build_wsc_attr(ATTR_MAC_ADDR
, binascii
.unhexlify(apdev
[0]['bssid'].replace(':', '')))
7879 wps_run_ap_settings_proto(dev
, apdev
, ap_settings
, True)
7882 def test_wps_ext_ap_settings_missing(dev
, apdev
):
7883 """WPS and AP Settings: missing"""
7884 wps_run_ap_settings_proto(dev
, apdev
, None, False)
7887 def test_wps_ext_ap_settings_mac_addr_mismatch(dev
, apdev
):
7888 """WPS and AP Settings: MAC Address mismatch"""
7889 ap_settings
= build_wsc_attr(ATTR_NETWORK_INDEX
, '\x01')
7890 ap_settings
+= build_wsc_attr(ATTR_SSID
, "test")
7891 ap_settings
+= build_wsc_attr(ATTR_AUTH_TYPE
, '\x00\x01')
7892 ap_settings
+= build_wsc_attr(ATTR_ENCR_TYPE
, '\x00\x01')
7893 ap_settings
+= build_wsc_attr(ATTR_NETWORK_KEY
, '')
7894 ap_settings
+= build_wsc_attr(ATTR_MAC_ADDR
, '\x00\x00\x00\x00\x00\x00')
7895 wps_run_ap_settings_proto(dev
, apdev
, ap_settings
, True)
7898 def test_wps_ext_ap_settings_mac_addr_missing(dev
, apdev
):
7899 """WPS and AP Settings: missing MAC Address"""
7900 ap_settings
= build_wsc_attr(ATTR_NETWORK_INDEX
, '\x01')
7901 ap_settings
+= build_wsc_attr(ATTR_SSID
, "test")
7902 ap_settings
+= build_wsc_attr(ATTR_AUTH_TYPE
, '\x00\x01')
7903 ap_settings
+= build_wsc_attr(ATTR_ENCR_TYPE
, '\x00\x01')
7904 ap_settings
+= build_wsc_attr(ATTR_NETWORK_KEY
, '')
7905 wps_run_ap_settings_proto(dev
, apdev
, ap_settings
, False)
7908 def test_wps_ext_ap_settings_reject_encr_type(dev
, apdev
):
7909 """WPS and AP Settings: reject Encr Type"""
7910 ap_settings
= build_wsc_attr(ATTR_NETWORK_INDEX
, '\x01')
7911 ap_settings
+= build_wsc_attr(ATTR_SSID
, "test")
7912 ap_settings
+= build_wsc_attr(ATTR_AUTH_TYPE
, '\x00\x01')
7913 ap_settings
+= build_wsc_attr(ATTR_ENCR_TYPE
, '\x00\x00')
7914 ap_settings
+= build_wsc_attr(ATTR_NETWORK_KEY
, '')
7915 ap_settings
+= build_wsc_attr(ATTR_MAC_ADDR
, binascii
.unhexlify(apdev
[0]['bssid'].replace(':', '')))
7916 wps_run_ap_settings_proto(dev
, apdev
, ap_settings
, False)
7919 def test_wps_ext_ap_settings_m2d(dev
, apdev
):
7920 """WPS and AP Settings: M2D"""
7921 addr
, bssid
, hapd
= wps_start_ext_reg(apdev
[0], dev
[0])
7922 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7923 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7925 logger
.debug("Receive M1 from AP")
7926 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M1
)
7927 e_nonce
= m1_attrs
[ATTR_ENROLLEE_NONCE
]
7932 logger
.debug("Send M2D to AP")
7933 m2d
, raw_m2d_attrs
= build_m2d(raw_m1_attrs
, msg
['eap_identifier'],
7934 e_nonce
, r_nonce
, uuid_r
,
7935 dev_pw_id
='\x00\x00', eap_code
=2)
7936 send_wsc_msg(hapd
, addr
, m2d
)
7938 ev
= hapd
.wait_event(["WPS-M2D"], timeout
=5)
7940 raise Exception("M2D not reported")
7942 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
7944 def wps_wait_ap_nack(hapd
, dev
, e_nonce
, r_nonce
):
7945 logger
.debug("Receive WSC_NACK from AP")
7946 msg
= get_wsc_msg(hapd
)
7947 if msg
['wsc_opcode'] != WSC_NACK
:
7948 raise Exception("Unexpected message - expected WSC_NACK")
7950 logger
.debug("Send WSC_NACK to AP")
7951 nack
, attrs
= build_nack(msg
['eap_identifier'], e_nonce
, r_nonce
,
7953 send_wsc_msg(hapd
, dev
.own_addr(), nack
)
7954 dev
.wait_disconnected()
7957 def test_wps_ext_m3_missing_e_hash1(dev
, apdev
):
7958 """WPS proto: M3 missing E-Hash1"""
7960 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7961 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7962 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7964 logger
.debug("Receive WSC/Start from AP")
7965 msg
= get_wsc_msg(hapd
)
7966 if msg
['wsc_opcode'] != WSC_Start
:
7967 raise Exception("Unexpected Op-Code for WSC/Start")
7969 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7971 e_nonce
= 16*b
'\x22'
7972 own_private
, e_pk
= wsc_dh_init()
7974 logger
.debug("Send M1 to AP")
7975 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
7977 send_wsc_msg(hapd
, addr
, m1
)
7979 logger
.debug("Receive M2 from AP")
7980 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
7981 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
7982 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
7984 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
7986 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
7988 logger
.debug("Send M3 to AP")
7989 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7990 attrs
+= build_attr_msg_type(WPS_M3
)
7991 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
7992 #attrs += build_wsc_attr(ATTR_E_HASH1, e_hash1)
7993 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
7994 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
7995 raw_m3_attrs
= attrs
7996 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
7997 send_wsc_msg(hapd
, addr
, m3
)
7999 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8002 def test_wps_ext_m3_missing_e_hash2(dev
, apdev
):
8003 """WPS proto: M3 missing E-Hash2"""
8005 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8006 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8007 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8009 logger
.debug("Receive WSC/Start from AP")
8010 msg
= get_wsc_msg(hapd
)
8011 if msg
['wsc_opcode'] != WSC_Start
:
8012 raise Exception("Unexpected Op-Code for WSC/Start")
8014 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8016 e_nonce
= 16*b
'\x22'
8017 own_private
, e_pk
= wsc_dh_init()
8019 logger
.debug("Send M1 to AP")
8020 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8022 send_wsc_msg(hapd
, addr
, m1
)
8024 logger
.debug("Receive M2 from AP")
8025 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8026 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8027 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8029 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8031 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8033 logger
.debug("Send M3 to AP")
8034 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8035 attrs
+= build_attr_msg_type(WPS_M3
)
8036 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8037 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8038 #attrs += build_wsc_attr(ATTR_E_HASH2, e_hash2)
8039 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8040 raw_m3_attrs
= attrs
8041 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8042 send_wsc_msg(hapd
, addr
, m3
)
8044 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8047 def test_wps_ext_m5_missing_e_snonce1(dev
, apdev
):
8048 """WPS proto: M5 missing E-SNonce1"""
8050 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8051 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8052 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8054 logger
.debug("Receive WSC/Start from AP")
8055 msg
= get_wsc_msg(hapd
)
8056 if msg
['wsc_opcode'] != WSC_Start
:
8057 raise Exception("Unexpected Op-Code for WSC/Start")
8059 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8061 e_nonce
= 16*b
'\x22'
8062 own_private
, e_pk
= wsc_dh_init()
8064 logger
.debug("Send M1 to AP")
8065 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8067 send_wsc_msg(hapd
, addr
, m1
)
8069 logger
.debug("Receive M2 from AP")
8070 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8071 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8072 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8074 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8076 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8078 logger
.debug("Send M3 to AP")
8079 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8080 attrs
+= build_attr_msg_type(WPS_M3
)
8081 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8082 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8083 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8084 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8085 raw_m3_attrs
= attrs
8086 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8087 send_wsc_msg(hapd
, addr
, m3
)
8089 logger
.debug("Receive M4 from AP")
8090 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
8092 logger
.debug("Send M5 to AP")
8093 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8094 attrs
+= build_attr_msg_type(WPS_M5
)
8095 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8096 #data = build_wsc_attr(ATTR_E_SNONCE1, e_s1)
8098 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8099 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
8100 raw_m5_attrs
= attrs
8101 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8102 send_wsc_msg(hapd
, addr
, m5
)
8104 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8107 def test_wps_ext_m5_e_snonce1_mismatch(dev
, apdev
):
8108 """WPS proto: M5 E-SNonce1 mismatch"""
8110 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8111 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8112 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8114 logger
.debug("Receive WSC/Start from AP")
8115 msg
= get_wsc_msg(hapd
)
8116 if msg
['wsc_opcode'] != WSC_Start
:
8117 raise Exception("Unexpected Op-Code for WSC/Start")
8119 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8121 e_nonce
= 16*b
'\x22'
8122 own_private
, e_pk
= wsc_dh_init()
8124 logger
.debug("Send M1 to AP")
8125 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8127 send_wsc_msg(hapd
, addr
, m1
)
8129 logger
.debug("Receive M2 from AP")
8130 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8131 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8132 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8134 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8136 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8138 logger
.debug("Send M3 to AP")
8139 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8140 attrs
+= build_attr_msg_type(WPS_M3
)
8141 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8142 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8143 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8144 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8145 raw_m3_attrs
= attrs
8146 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8147 send_wsc_msg(hapd
, addr
, m3
)
8149 logger
.debug("Receive M4 from AP")
8150 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
8152 logger
.debug("Send M5 to AP")
8153 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8154 attrs
+= build_attr_msg_type(WPS_M5
)
8155 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8156 data
= build_wsc_attr(ATTR_E_SNONCE1
, 16*'\x00')
8157 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8158 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
8159 raw_m5_attrs
= attrs
8160 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8161 send_wsc_msg(hapd
, addr
, m5
)
8163 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8165 def test_wps_ext_m7_missing_e_snonce2(dev
, apdev
):
8166 """WPS proto: M7 missing E-SNonce2"""
8168 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8169 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8170 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8172 logger
.debug("Receive WSC/Start from AP")
8173 msg
= get_wsc_msg(hapd
)
8174 if msg
['wsc_opcode'] != WSC_Start
:
8175 raise Exception("Unexpected Op-Code for WSC/Start")
8177 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8179 e_nonce
= 16*b
'\x22'
8180 own_private
, e_pk
= wsc_dh_init()
8182 logger
.debug("Send M1 to AP")
8183 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8185 send_wsc_msg(hapd
, addr
, m1
)
8187 logger
.debug("Receive M2 from AP")
8188 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8189 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8190 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8192 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8194 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8196 logger
.debug("Send M3 to AP")
8197 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8198 attrs
+= build_attr_msg_type(WPS_M3
)
8199 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8200 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8201 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8202 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8203 raw_m3_attrs
= attrs
8204 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8205 send_wsc_msg(hapd
, addr
, m3
)
8207 logger
.debug("Receive M4 from AP")
8208 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
8210 logger
.debug("Send M5 to AP")
8211 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8212 attrs
+= build_attr_msg_type(WPS_M5
)
8213 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8214 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
8215 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8216 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
8217 raw_m5_attrs
= attrs
8218 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8219 send_wsc_msg(hapd
, addr
, m5
)
8221 logger
.debug("Receive M6 from AP")
8222 msg
, m6_attrs
, raw_m6_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M6
)
8224 logger
.debug("Send M7 to AP")
8225 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8226 attrs
+= build_attr_msg_type(WPS_M7
)
8227 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8228 #data = build_wsc_attr(ATTR_E_SNONCE2, e_s2)
8230 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8231 attrs
+= build_attr_authenticator(authkey
, raw_m6_attrs
, attrs
)
8232 m7
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8233 raw_m7_attrs
= attrs
8234 send_wsc_msg(hapd
, addr
, m7
)
8236 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8239 def test_wps_ext_m7_e_snonce2_mismatch(dev
, apdev
):
8240 """WPS proto: M7 E-SNonce2 mismatch"""
8242 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8243 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8244 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8246 logger
.debug("Receive WSC/Start from AP")
8247 msg
= get_wsc_msg(hapd
)
8248 if msg
['wsc_opcode'] != WSC_Start
:
8249 raise Exception("Unexpected Op-Code for WSC/Start")
8251 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8253 e_nonce
= 16*b
'\x22'
8254 own_private
, e_pk
= wsc_dh_init()
8256 logger
.debug("Send M1 to AP")
8257 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8259 send_wsc_msg(hapd
, addr
, m1
)
8261 logger
.debug("Receive M2 from AP")
8262 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8263 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8264 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8266 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8268 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8270 logger
.debug("Send M3 to AP")
8271 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8272 attrs
+= build_attr_msg_type(WPS_M3
)
8273 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8274 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8275 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8276 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8277 raw_m3_attrs
= attrs
8278 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8279 send_wsc_msg(hapd
, addr
, m3
)
8281 logger
.debug("Receive M4 from AP")
8282 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
8284 logger
.debug("Send M5 to AP")
8285 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8286 attrs
+= build_attr_msg_type(WPS_M5
)
8287 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8288 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
8289 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8290 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
8291 raw_m5_attrs
= attrs
8292 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8293 send_wsc_msg(hapd
, addr
, m5
)
8295 logger
.debug("Receive M6 from AP")
8296 msg
, m6_attrs
, raw_m6_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M6
)
8298 logger
.debug("Send M7 to AP")
8299 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8300 attrs
+= build_attr_msg_type(WPS_M7
)
8301 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8302 data
= build_wsc_attr(ATTR_E_SNONCE2
, 16*'\x00')
8303 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8304 attrs
+= build_attr_authenticator(authkey
, raw_m6_attrs
, attrs
)
8305 m7
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8306 raw_m7_attrs
= attrs
8307 send_wsc_msg(hapd
, addr
, m7
)
8309 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8312 def test_wps_ext_m1_pubkey_oom(dev
, apdev
):
8313 """WPS proto: M1 PubKey OOM"""
8315 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8316 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8317 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8319 logger
.debug("Receive WSC/Start from AP")
8320 msg
= get_wsc_msg(hapd
)
8321 if msg
['wsc_opcode'] != WSC_Start
:
8322 raise Exception("Unexpected Op-Code for WSC/Start")
8324 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8327 own_private
, e_pk
= wsc_dh_init()
8329 logger
.debug("Send M1 to AP")
8330 with
alloc_fail(hapd
, 1, "wpabuf_alloc_copy;wps_process_pubkey"):
8331 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8333 send_wsc_msg(hapd
, addr
, m1
)
8334 wps_wait_eap_failure(hapd
, dev
[0])
8336 def wps_wait_eap_failure(hapd
, dev
):
8337 ev
= hapd
.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
8339 raise Exception("EAP-Failure not reported")
8340 dev
.wait_disconnected()
8343 def test_wps_ext_m3_m1(dev
, apdev
):
8344 """WPS proto: M3 replaced with M1"""
8346 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8347 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8348 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8350 logger
.debug("Receive WSC/Start from AP")
8351 msg
= get_wsc_msg(hapd
)
8352 if msg
['wsc_opcode'] != WSC_Start
:
8353 raise Exception("Unexpected Op-Code for WSC/Start")
8355 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8357 e_nonce
= 16*b
'\x22'
8358 own_private
, e_pk
= wsc_dh_init()
8360 logger
.debug("Send M1 to AP")
8361 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8363 send_wsc_msg(hapd
, addr
, m1
)
8365 logger
.debug("Receive M2 from AP")
8366 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8367 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8368 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8370 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8372 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8374 logger
.debug("Send M3(M1) to AP")
8375 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8376 attrs
+= build_attr_msg_type(WPS_M1
)
8377 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8378 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8379 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8380 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8381 raw_m3_attrs
= attrs
8382 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8383 send_wsc_msg(hapd
, addr
, m3
)
8385 wps_wait_eap_failure(hapd
, dev
[0])
8388 def test_wps_ext_m5_m3(dev
, apdev
):
8389 """WPS proto: M5 replaced with M3"""
8391 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8392 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8393 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8395 logger
.debug("Receive WSC/Start from AP")
8396 msg
= get_wsc_msg(hapd
)
8397 if msg
['wsc_opcode'] != WSC_Start
:
8398 raise Exception("Unexpected Op-Code for WSC/Start")
8400 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8402 e_nonce
= 16*b
'\x22'
8403 own_private
, e_pk
= wsc_dh_init()
8405 logger
.debug("Send M1 to AP")
8406 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8408 send_wsc_msg(hapd
, addr
, m1
)
8410 logger
.debug("Receive M2 from AP")
8411 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8412 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8413 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8415 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8417 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8419 logger
.debug("Send M3 to AP")
8420 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8421 attrs
+= build_attr_msg_type(WPS_M3
)
8422 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8423 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8424 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8425 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8426 raw_m3_attrs
= attrs
8427 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8428 send_wsc_msg(hapd
, addr
, m3
)
8430 logger
.debug("Receive M4 from AP")
8431 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
8433 logger
.debug("Send M5(M3) to AP")
8434 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8435 attrs
+= build_attr_msg_type(WPS_M3
)
8436 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8437 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
8438 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8439 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
8440 raw_m5_attrs
= attrs
8441 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8442 send_wsc_msg(hapd
, addr
, m5
)
8444 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8447 def test_wps_ext_m3_m2(dev
, apdev
):
8448 """WPS proto: M3 replaced with M2"""
8450 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8451 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8452 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8454 logger
.debug("Receive WSC/Start from AP")
8455 msg
= get_wsc_msg(hapd
)
8456 if msg
['wsc_opcode'] != WSC_Start
:
8457 raise Exception("Unexpected Op-Code for WSC/Start")
8459 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8461 e_nonce
= 16*b
'\x22'
8462 own_private
, e_pk
= wsc_dh_init()
8464 logger
.debug("Send M1 to AP")
8465 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8467 send_wsc_msg(hapd
, addr
, m1
)
8469 logger
.debug("Receive M2 from AP")
8470 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8471 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8472 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8474 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8476 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8478 logger
.debug("Send M3(M2) to AP")
8479 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8480 attrs
+= build_attr_msg_type(WPS_M2
)
8481 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8482 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8483 raw_m3_attrs
= attrs
8484 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8485 send_wsc_msg(hapd
, addr
, m3
)
8487 wps_wait_eap_failure(hapd
, dev
[0])
8490 def test_wps_ext_m3_m5(dev
, apdev
):
8491 """WPS proto: M3 replaced with M5"""
8493 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8494 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8495 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8497 logger
.debug("Receive WSC/Start from AP")
8498 msg
= get_wsc_msg(hapd
)
8499 if msg
['wsc_opcode'] != WSC_Start
:
8500 raise Exception("Unexpected Op-Code for WSC/Start")
8502 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8504 e_nonce
= 16*b
'\x22'
8505 own_private
, e_pk
= wsc_dh_init()
8507 logger
.debug("Send M1 to AP")
8508 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8510 send_wsc_msg(hapd
, addr
, m1
)
8512 logger
.debug("Receive M2 from AP")
8513 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8514 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8515 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8517 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8519 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8521 logger
.debug("Send M3(M5) to AP")
8522 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8523 attrs
+= build_attr_msg_type(WPS_M5
)
8524 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8525 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8526 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8527 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8528 raw_m3_attrs
= attrs
8529 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8530 send_wsc_msg(hapd
, addr
, m3
)
8532 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8535 def test_wps_ext_m3_m7(dev
, apdev
):
8536 """WPS proto: M3 replaced with M7"""
8538 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8539 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8540 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8542 logger
.debug("Receive WSC/Start from AP")
8543 msg
= get_wsc_msg(hapd
)
8544 if msg
['wsc_opcode'] != WSC_Start
:
8545 raise Exception("Unexpected Op-Code for WSC/Start")
8547 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8549 e_nonce
= 16*b
'\x22'
8550 own_private
, e_pk
= wsc_dh_init()
8552 logger
.debug("Send M1 to AP")
8553 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8555 send_wsc_msg(hapd
, addr
, m1
)
8557 logger
.debug("Receive M2 from AP")
8558 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8559 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8560 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8562 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8564 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8566 logger
.debug("Send M3(M7) to AP")
8567 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8568 attrs
+= build_attr_msg_type(WPS_M7
)
8569 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8570 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8571 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8572 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8573 raw_m3_attrs
= attrs
8574 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8575 send_wsc_msg(hapd
, addr
, m3
)
8577 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8580 def test_wps_ext_m3_done(dev
, apdev
):
8581 """WPS proto: M3 replaced with WSC_Done"""
8583 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8584 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8585 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8587 logger
.debug("Receive WSC/Start from AP")
8588 msg
= get_wsc_msg(hapd
)
8589 if msg
['wsc_opcode'] != WSC_Start
:
8590 raise Exception("Unexpected Op-Code for WSC/Start")
8592 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8594 e_nonce
= 16*b
'\x22'
8595 own_private
, e_pk
= wsc_dh_init()
8597 logger
.debug("Send M1 to AP")
8598 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8600 send_wsc_msg(hapd
, addr
, m1
)
8602 logger
.debug("Receive M2 from AP")
8603 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8604 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8605 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8607 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8609 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8611 logger
.debug("Send M3(WSC_Done) to AP")
8612 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8613 attrs
+= build_attr_msg_type(WPS_WSC_DONE
)
8614 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8615 raw_m3_attrs
= attrs
8616 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
8617 send_wsc_msg(hapd
, addr
, m3
)
8619 wps_wait_eap_failure(hapd
, dev
[0])
8622 def test_wps_ext_m2_nack_invalid(dev
, apdev
):
8623 """WPS proto: M2 followed by invalid NACK"""
8625 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8626 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8627 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8629 logger
.debug("Receive WSC/Start from AP")
8630 msg
= get_wsc_msg(hapd
)
8631 if msg
['wsc_opcode'] != WSC_Start
:
8632 raise Exception("Unexpected Op-Code for WSC/Start")
8634 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8636 e_nonce
= 16*b
'\x22'
8637 own_private
, e_pk
= wsc_dh_init()
8639 logger
.debug("Send M1 to AP")
8640 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8642 send_wsc_msg(hapd
, addr
, m1
)
8644 logger
.debug("Receive M2 from AP")
8645 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8646 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8647 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8649 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8651 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8653 logger
.debug("Send WSC_NACK to AP")
8654 attrs
= b
'\x10\x00\x00'
8655 nack
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_NACK
)
8656 send_wsc_msg(hapd
, addr
, nack
)
8658 wps_wait_eap_failure(hapd
, dev
[0])
8661 def test_wps_ext_m2_nack_no_msg_type(dev
, apdev
):
8662 """WPS proto: M2 followed by NACK without Msg Type"""
8664 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8665 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8666 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8668 logger
.debug("Receive WSC/Start from AP")
8669 msg
= get_wsc_msg(hapd
)
8670 if msg
['wsc_opcode'] != WSC_Start
:
8671 raise Exception("Unexpected Op-Code for WSC/Start")
8673 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8675 e_nonce
= 16*b
'\x22'
8676 own_private
, e_pk
= wsc_dh_init()
8678 logger
.debug("Send M1 to AP")
8679 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8681 send_wsc_msg(hapd
, addr
, m1
)
8683 logger
.debug("Receive M2 from AP")
8684 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8685 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8686 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8688 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8690 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8692 logger
.debug("Send WSC_NACK to AP")
8693 nack
, attrs
= build_nack(msg
['eap_identifier'], e_nonce
, r_nonce
,
8694 msg_type
=None, eap_code
=2)
8695 send_wsc_msg(hapd
, addr
, nack
)
8697 wps_wait_eap_failure(hapd
, dev
[0])
8700 def test_wps_ext_m2_nack_invalid_msg_type(dev
, apdev
):
8701 """WPS proto: M2 followed by NACK with invalid Msg Type"""
8703 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8704 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8705 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8707 logger
.debug("Receive WSC/Start from AP")
8708 msg
= get_wsc_msg(hapd
)
8709 if msg
['wsc_opcode'] != WSC_Start
:
8710 raise Exception("Unexpected Op-Code for WSC/Start")
8712 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8714 e_nonce
= 16*b
'\x22'
8715 own_private
, e_pk
= wsc_dh_init()
8717 logger
.debug("Send M1 to AP")
8718 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8720 send_wsc_msg(hapd
, addr
, m1
)
8722 logger
.debug("Receive M2 from AP")
8723 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8724 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8725 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8727 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8729 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8731 logger
.debug("Send WSC_NACK to AP")
8732 nack
, attrs
= build_nack(msg
['eap_identifier'], e_nonce
, r_nonce
,
8733 msg_type
=WPS_WSC_ACK
, eap_code
=2)
8734 send_wsc_msg(hapd
, addr
, nack
)
8736 wps_wait_eap_failure(hapd
, dev
[0])
8739 def test_wps_ext_m2_nack_e_nonce_mismatch(dev
, apdev
):
8740 """WPS proto: M2 followed by NACK with e-nonce mismatch"""
8742 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8743 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8744 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8746 logger
.debug("Receive WSC/Start from AP")
8747 msg
= get_wsc_msg(hapd
)
8748 if msg
['wsc_opcode'] != WSC_Start
:
8749 raise Exception("Unexpected Op-Code for WSC/Start")
8751 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8753 e_nonce
= 16*b
'\x22'
8754 own_private
, e_pk
= wsc_dh_init()
8756 logger
.debug("Send M1 to AP")
8757 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8759 send_wsc_msg(hapd
, addr
, m1
)
8761 logger
.debug("Receive M2 from AP")
8762 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8763 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8764 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8766 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8768 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8770 logger
.debug("Send WSC_NACK to AP")
8771 nack
, attrs
= build_nack(msg
['eap_identifier'], 16*b
'\x00', r_nonce
,
8773 send_wsc_msg(hapd
, addr
, nack
)
8775 wps_wait_eap_failure(hapd
, dev
[0])
8778 def test_wps_ext_m2_nack_no_config_error(dev
, apdev
):
8779 """WPS proto: M2 followed by NACK without Config Error"""
8781 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8782 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8783 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8785 logger
.debug("Receive WSC/Start from AP")
8786 msg
= get_wsc_msg(hapd
)
8787 if msg
['wsc_opcode'] != WSC_Start
:
8788 raise Exception("Unexpected Op-Code for WSC/Start")
8790 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8792 e_nonce
= 16*b
'\x22'
8793 own_private
, e_pk
= wsc_dh_init()
8795 logger
.debug("Send M1 to AP")
8796 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8798 send_wsc_msg(hapd
, addr
, m1
)
8800 logger
.debug("Receive M2 from AP")
8801 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8802 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8803 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8805 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8807 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8809 logger
.debug("Send WSC_NACK to AP")
8810 nack
, attrs
= build_nack(msg
['eap_identifier'], e_nonce
, r_nonce
,
8811 config_error
=None, eap_code
=2)
8812 send_wsc_msg(hapd
, addr
, nack
)
8814 wps_wait_eap_failure(hapd
, dev
[0])
8817 def test_wps_ext_m2_ack_invalid(dev
, apdev
):
8818 """WPS proto: M2 followed by invalid ACK"""
8820 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8821 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8822 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8824 logger
.debug("Receive WSC/Start from AP")
8825 msg
= get_wsc_msg(hapd
)
8826 if msg
['wsc_opcode'] != WSC_Start
:
8827 raise Exception("Unexpected Op-Code for WSC/Start")
8829 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8831 e_nonce
= 16*b
'\x22'
8832 own_private
, e_pk
= wsc_dh_init()
8834 logger
.debug("Send M1 to AP")
8835 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8837 send_wsc_msg(hapd
, addr
, m1
)
8839 logger
.debug("Receive M2 from AP")
8840 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8841 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8842 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8844 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8846 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8848 logger
.debug("Send WSC_ACK to AP")
8849 attrs
= b
'\x10\x00\x00'
8850 ack
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_ACK
)
8851 send_wsc_msg(hapd
, addr
, ack
)
8853 wps_wait_eap_failure(hapd
, dev
[0])
8856 def test_wps_ext_m2_ack(dev
, apdev
):
8857 """WPS proto: M2 followed by ACK"""
8859 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8860 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8861 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8863 logger
.debug("Receive WSC/Start from AP")
8864 msg
= get_wsc_msg(hapd
)
8865 if msg
['wsc_opcode'] != WSC_Start
:
8866 raise Exception("Unexpected Op-Code for WSC/Start")
8868 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8870 e_nonce
= 16*b
'\x22'
8871 own_private
, e_pk
= wsc_dh_init()
8873 logger
.debug("Send M1 to AP")
8874 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8876 send_wsc_msg(hapd
, addr
, m1
)
8878 logger
.debug("Receive M2 from AP")
8879 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8880 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8881 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8883 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8885 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8887 logger
.debug("Send WSC_ACK to AP")
8888 ack
, attrs
= build_ack(msg
['eap_identifier'], e_nonce
, r_nonce
, eap_code
=2)
8889 send_wsc_msg(hapd
, addr
, ack
)
8891 wps_wait_eap_failure(hapd
, dev
[0])
8894 def test_wps_ext_m2_ack_no_msg_type(dev
, apdev
):
8895 """WPS proto: M2 followed by ACK missing Msg Type"""
8897 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8898 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8899 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8901 logger
.debug("Receive WSC/Start from AP")
8902 msg
= get_wsc_msg(hapd
)
8903 if msg
['wsc_opcode'] != WSC_Start
:
8904 raise Exception("Unexpected Op-Code for WSC/Start")
8906 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8908 e_nonce
= 16*b
'\x22'
8909 own_private
, e_pk
= wsc_dh_init()
8911 logger
.debug("Send M1 to AP")
8912 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8914 send_wsc_msg(hapd
, addr
, m1
)
8916 logger
.debug("Receive M2 from AP")
8917 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8918 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8919 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8921 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8923 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8925 logger
.debug("Send WSC_ACK to AP")
8926 ack
, attrs
= build_ack(msg
['eap_identifier'], e_nonce
, r_nonce
,
8927 msg_type
=None, eap_code
=2)
8928 send_wsc_msg(hapd
, addr
, ack
)
8930 wps_wait_eap_failure(hapd
, dev
[0])
8933 def test_wps_ext_m2_ack_invalid_msg_type(dev
, apdev
):
8934 """WPS proto: M2 followed by ACK with invalid Msg Type"""
8936 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8937 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8938 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8940 logger
.debug("Receive WSC/Start from AP")
8941 msg
= get_wsc_msg(hapd
)
8942 if msg
['wsc_opcode'] != WSC_Start
:
8943 raise Exception("Unexpected Op-Code for WSC/Start")
8945 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8947 e_nonce
= 16*b
'\x22'
8948 own_private
, e_pk
= wsc_dh_init()
8950 logger
.debug("Send M1 to AP")
8951 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8953 send_wsc_msg(hapd
, addr
, m1
)
8955 logger
.debug("Receive M2 from AP")
8956 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8957 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8958 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8960 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8962 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8964 logger
.debug("Send WSC_ACK to AP")
8965 ack
, attrs
= build_ack(msg
['eap_identifier'], e_nonce
, r_nonce
,
8966 msg_type
=WPS_WSC_NACK
, eap_code
=2)
8967 send_wsc_msg(hapd
, addr
, ack
)
8969 wps_wait_eap_failure(hapd
, dev
[0])
8972 def test_wps_ext_m2_ack_e_nonce_mismatch(dev
, apdev
):
8973 """WPS proto: M2 followed by ACK with e-nonce mismatch"""
8975 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8976 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8977 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8979 logger
.debug("Receive WSC/Start from AP")
8980 msg
= get_wsc_msg(hapd
)
8981 if msg
['wsc_opcode'] != WSC_Start
:
8982 raise Exception("Unexpected Op-Code for WSC/Start")
8984 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8986 e_nonce
= 16*b
'\x22'
8987 own_private
, e_pk
= wsc_dh_init()
8989 logger
.debug("Send M1 to AP")
8990 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8992 send_wsc_msg(hapd
, addr
, m1
)
8994 logger
.debug("Receive M2 from AP")
8995 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8996 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8997 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8999 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
9001 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
9003 logger
.debug("Send WSC_ACK to AP")
9004 ack
, attrs
= build_ack(msg
['eap_identifier'], 16*b
'\x00', r_nonce
,
9006 send_wsc_msg(hapd
, addr
, ack
)
9008 wps_wait_eap_failure(hapd
, dev
[0])
9011 def test_wps_ext_m1_invalid(dev
, apdev
):
9012 """WPS proto: M1 failing parsing"""
9014 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
9015 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
9016 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
9018 logger
.debug("Receive WSC/Start from AP")
9019 msg
= get_wsc_msg(hapd
)
9020 if msg
['wsc_opcode'] != WSC_Start
:
9021 raise Exception("Unexpected Op-Code for WSC/Start")
9023 logger
.debug("Send M1 to AP")
9024 attrs
= b
'\x10\x00\x00'
9025 m1
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9026 send_wsc_msg(hapd
, addr
, m1
)
9028 wps_wait_eap_failure(hapd
, dev
[0])
9030 def test_wps_ext_m1_missing_msg_type(dev
, apdev
):
9031 """WPS proto: M1 missing Msg Type"""
9033 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
9034 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
9035 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
9037 logger
.debug("Receive WSC/Start from AP")
9038 msg
= get_wsc_msg(hapd
)
9039 if msg
['wsc_opcode'] != WSC_Start
:
9040 raise Exception("Unexpected Op-Code for WSC/Start")
9042 logger
.debug("Send M1 to AP")
9043 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9044 m1
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9045 send_wsc_msg(hapd
, addr
, m1
)
9047 wps_wait_ap_nack(hapd
, dev
[0], 16*b
'\x00', 16*b
'\x00')
9049 def wps_ext_wsc_done(dev
, apdev
):
9051 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
9052 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
9053 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
9055 logger
.debug("Receive WSC/Start from AP")
9056 msg
= get_wsc_msg(hapd
)
9057 if msg
['wsc_opcode'] != WSC_Start
:
9058 raise Exception("Unexpected Op-Code for WSC/Start")
9060 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
9062 e_nonce
= 16*b
'\x22'
9063 own_private
, e_pk
= wsc_dh_init()
9065 logger
.debug("Send M1 to AP")
9066 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
9068 send_wsc_msg(hapd
, addr
, m1
)
9070 logger
.debug("Receive M2 from AP")
9071 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
9072 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
9073 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
9075 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
9077 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
9079 logger
.debug("Send M3 to AP")
9080 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9081 attrs
+= build_attr_msg_type(WPS_M3
)
9082 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9083 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
9084 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
9085 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
9086 raw_m3_attrs
= attrs
9087 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9088 send_wsc_msg(hapd
, addr
, m3
)
9090 logger
.debug("Receive M4 from AP")
9091 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
9093 logger
.debug("Send M5 to AP")
9094 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9095 attrs
+= build_attr_msg_type(WPS_M5
)
9096 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9097 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
9098 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
9099 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
9100 raw_m5_attrs
= attrs
9101 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9102 send_wsc_msg(hapd
, addr
, m5
)
9104 logger
.debug("Receive M6 from AP")
9105 msg
, m6_attrs
, raw_m6_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M6
)
9107 logger
.debug("Send M7 to AP")
9108 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9109 attrs
+= build_attr_msg_type(WPS_M7
)
9110 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9111 data
= build_wsc_attr(ATTR_E_SNONCE2
, e_s2
)
9112 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
9113 attrs
+= build_attr_authenticator(authkey
, raw_m6_attrs
, attrs
)
9114 m7
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9115 raw_m7_attrs
= attrs
9116 send_wsc_msg(hapd
, addr
, m7
)
9118 logger
.debug("Receive M8 from AP")
9119 msg
, m8_attrs
, raw_m8_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M8
)
9120 return hapd
, msg
, e_nonce
, r_nonce
9123 def test_wps_ext_wsc_done_invalid(dev
, apdev
):
9124 """WPS proto: invalid WSC_Done"""
9125 hapd
, msg
, e_nonce
, r_nonce
= wps_ext_wsc_done(dev
, apdev
)
9127 logger
.debug("Send WSC_Done to AP")
9128 attrs
= b
'\x10\x00\x00'
9129 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
9130 send_wsc_msg(hapd
, dev
[0].own_addr(), wsc_done
)
9132 wps_wait_eap_failure(hapd
, dev
[0])
9135 def test_wps_ext_wsc_done_no_msg_type(dev
, apdev
):
9136 """WPS proto: invalid WSC_Done"""
9137 hapd
, msg
, e_nonce
, r_nonce
= wps_ext_wsc_done(dev
, apdev
)
9139 logger
.debug("Send WSC_Done to AP")
9140 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9141 #attrs += build_attr_msg_type(WPS_WSC_DONE)
9142 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
9143 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9144 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
9145 send_wsc_msg(hapd
, dev
[0].own_addr(), wsc_done
)
9147 wps_wait_eap_failure(hapd
, dev
[0])
9150 def test_wps_ext_wsc_done_wrong_msg_type(dev
, apdev
):
9151 """WPS proto: WSC_Done with wrong Msg Type"""
9152 hapd
, msg
, e_nonce
, r_nonce
= wps_ext_wsc_done(dev
, apdev
)
9154 logger
.debug("Send WSC_Done to AP")
9155 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9156 attrs
+= build_attr_msg_type(WPS_WSC_ACK
)
9157 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
9158 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9159 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
9160 send_wsc_msg(hapd
, dev
[0].own_addr(), wsc_done
)
9162 wps_wait_eap_failure(hapd
, dev
[0])
9165 def test_wps_ext_wsc_done_no_e_nonce(dev
, apdev
):
9166 """WPS proto: WSC_Done without e_nonce"""
9167 hapd
, msg
, e_nonce
, r_nonce
= wps_ext_wsc_done(dev
, apdev
)
9169 logger
.debug("Send WSC_Done to AP")
9170 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9171 attrs
+= build_attr_msg_type(WPS_WSC_DONE
)
9172 #attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
9173 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9174 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
9175 send_wsc_msg(hapd
, dev
[0].own_addr(), wsc_done
)
9177 wps_wait_eap_failure(hapd
, dev
[0])
9179 def test_wps_ext_wsc_done_no_r_nonce(dev
, apdev
):
9180 """WPS proto: WSC_Done without r_nonce"""
9181 hapd
, msg
, e_nonce
, r_nonce
= wps_ext_wsc_done(dev
, apdev
)
9183 logger
.debug("Send WSC_Done to AP")
9184 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9185 attrs
+= build_attr_msg_type(WPS_WSC_DONE
)
9186 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
9187 #attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
9188 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
9189 send_wsc_msg(hapd
, dev
[0].own_addr(), wsc_done
)
9191 wps_wait_eap_failure(hapd
, dev
[0])
9194 def test_wps_ext_m7_no_encr_settings(dev
, apdev
):
9195 """WPS proto: M7 without Encr Settings"""
9197 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
9198 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
9199 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
9201 logger
.debug("Receive WSC/Start from AP")
9202 msg
= get_wsc_msg(hapd
)
9203 if msg
['wsc_opcode'] != WSC_Start
:
9204 raise Exception("Unexpected Op-Code for WSC/Start")
9206 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
9208 e_nonce
= 16*b
'\x22'
9209 own_private
, e_pk
= wsc_dh_init()
9211 logger
.debug("Send M1 to AP")
9212 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
9214 send_wsc_msg(hapd
, addr
, m1
)
9216 logger
.debug("Receive M2 from AP")
9217 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
9218 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
9219 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
9221 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
9223 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
9225 logger
.debug("Send M3 to AP")
9226 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9227 attrs
+= build_attr_msg_type(WPS_M3
)
9228 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9229 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
9230 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
9231 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
9232 raw_m3_attrs
= attrs
9233 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9234 send_wsc_msg(hapd
, addr
, m3
)
9236 logger
.debug("Receive M4 from AP")
9237 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
9239 logger
.debug("Send M5 to AP")
9240 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9241 attrs
+= build_attr_msg_type(WPS_M5
)
9242 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9243 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
9244 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
9245 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
9246 raw_m5_attrs
= attrs
9247 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9248 send_wsc_msg(hapd
, addr
, m5
)
9250 logger
.debug("Receive M6 from AP")
9251 msg
, m6_attrs
, raw_m6_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M6
)
9253 logger
.debug("Send M7 to AP")
9254 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9255 attrs
+= build_attr_msg_type(WPS_M7
)
9256 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9257 #data = build_wsc_attr(ATTR_E_SNONCE2, e_s2)
9258 #attrs += build_attr_encr_settings(authkey, keywrapkey, data)
9259 attrs
+= build_attr_authenticator(authkey
, raw_m6_attrs
, attrs
)
9260 m7
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9261 raw_m7_attrs
= attrs
9262 send_wsc_msg(hapd
, addr
, m7
)
9264 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
9267 def test_wps_ext_m1_workaround(dev
, apdev
):
9268 """WPS proto: M1 Manufacturer/Model workaround"""
9270 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
9271 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
9272 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
9274 logger
.debug("Receive WSC/Start from AP")
9275 msg
= get_wsc_msg(hapd
)
9276 if msg
['wsc_opcode'] != WSC_Start
:
9277 raise Exception("Unexpected Op-Code for WSC/Start")
9279 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
9281 e_nonce
= 16*b
'\x22'
9282 own_private
, e_pk
= wsc_dh_init()
9284 logger
.debug("Send M1 to AP")
9285 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
9286 e_nonce
, e_pk
, manufacturer
='Apple TEST',
9287 model_name
='AirPort', config_methods
=b
'\xff\xff')
9288 send_wsc_msg(hapd
, addr
, m1
)
9290 logger
.debug("Receive M2 from AP")
9291 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
9294 def test_ap_wps_disable_enable(dev
, apdev
):
9295 """WPS and DISABLE/ENABLE AP"""
9296 hapd
= wps_start_ap(apdev
[0])
9299 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
9301 def test_ap_wps_upnp_web_oom(dev
, apdev
, params
):
9302 """hostapd WPS UPnP web OOM"""
9303 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
9304 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
9306 location
= ssdp_get_location(ap_uuid
)
9307 url
= urlparse(location
)
9308 urls
= upnp_get_urls(location
)
9309 eventurl
= urlparse(urls
['event_sub_url'])
9310 ctrlurl
= urlparse(urls
['control_url'])
9312 conn
= HTTPConnection(url
.netloc
)
9313 with
alloc_fail(hapd
, 1, "web_connection_parse_get"):
9314 conn
.request("GET", "/wps_device.xml")
9316 resp
= conn
.getresponse()
9320 conn
= HTTPConnection(url
.netloc
)
9321 conn
.request("GET", "/unknown")
9322 resp
= conn
.getresponse()
9323 if resp
.status
!= 404:
9324 raise Exception("Unexpected HTTP result for unknown URL: %d" + resp
.status
)
9326 with
alloc_fail(hapd
, 1, "web_connection_parse_get"):
9327 conn
.request("GET", "/unknown")
9329 resp
= conn
.getresponse()
9334 conn
= HTTPConnection(url
.netloc
)
9335 conn
.request("GET", "/wps_device.xml")
9336 resp
= conn
.getresponse()
9337 if resp
.status
!= 200:
9338 raise Exception("GET /wps_device.xml failed")
9340 conn
= HTTPConnection(url
.netloc
)
9341 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
9342 if resp
.status
!= 200:
9343 raise Exception("GetDeviceInfo failed")
9345 with
alloc_fail(hapd
, 1, "web_process_get_device_info"):
9346 conn
= HTTPConnection(url
.netloc
)
9347 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
9348 if resp
.status
!= 500:
9349 raise Exception("Internal error not reported from GetDeviceInfo OOM")
9351 with
alloc_fail(hapd
, 1, "wps_build_m1;web_process_get_device_info"):
9352 conn
= HTTPConnection(url
.netloc
)
9353 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
9354 if resp
.status
!= 500:
9355 raise Exception("Internal error not reported from GetDeviceInfo OOM")
9357 with
alloc_fail(hapd
, 1, "wpabuf_alloc;web_connection_send_reply"):
9358 conn
= HTTPConnection(url
.netloc
)
9360 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
9364 conn
= HTTPConnection(url
.netloc
)
9365 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
9366 if resp
.status
!= 200:
9367 raise Exception("GetDeviceInfo failed")
9369 # No NewWLANEventType in PutWLANResponse NewMessage
9370 conn
= HTTPConnection(url
.netloc
)
9371 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse", newmsg
="foo")
9372 if resp
.status
!= 600:
9373 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9375 # No NewWLANEventMAC in PutWLANResponse NewMessage
9376 conn
= HTTPConnection(url
.netloc
)
9377 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse",
9378 newmsg
="foo", neweventtype
="1")
9379 if resp
.status
!= 600:
9380 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9382 # Invalid NewWLANEventMAC in PutWLANResponse NewMessage
9383 conn
= HTTPConnection(url
.netloc
)
9384 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse",
9385 newmsg
="foo", neweventtype
="1",
9387 if resp
.status
!= 600:
9388 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9390 # Workaround for NewWLANEventMAC in PutWLANResponse NewMessage
9391 # Ignored unexpected PutWLANResponse WLANEventType 1
9392 conn
= HTTPConnection(url
.netloc
)
9393 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse",
9394 newmsg
="foo", neweventtype
="1",
9395 neweventmac
="00.11.22.33.44.55")
9396 if resp
.status
!= 500:
9397 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9399 # PutWLANResponse NewMessage with invalid EAP message
9400 conn
= HTTPConnection(url
.netloc
)
9401 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse",
9402 newmsg
="foo", neweventtype
="2",
9403 neweventmac
="00:11:22:33:44:55")
9404 if resp
.status
!= 200:
9405 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9407 with
alloc_fail(hapd
, 1, "web_connection_parse_subscribe"):
9408 conn
= HTTPConnection(url
.netloc
)
9409 headers
= {"callback": '<http://127.0.0.1:12345/event>',
9411 "timeout": "Second-1234"}
9412 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
9414 resp
= conn
.getresponse()
9418 with
alloc_fail(hapd
, 1, "dup_binstr;web_connection_parse_subscribe"):
9419 conn
= HTTPConnection(url
.netloc
)
9420 headers
= {"callback": '<http://127.0.0.1:12345/event>',
9422 "timeout": "Second-1234"}
9423 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
9424 resp
= conn
.getresponse()
9425 if resp
.status
!= 500:
9426 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9428 with
alloc_fail(hapd
, 1, "wpabuf_alloc;web_connection_parse_unsubscribe"):
9429 conn
= HTTPConnection(url
.netloc
)
9430 headers
= {"callback": '<http://127.0.0.1:12345/event>',
9432 "timeout": "Second-1234"}
9433 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
9435 resp
= conn
.getresponse()
9439 with
alloc_fail(hapd
, 1, "web_connection_unimplemented"):
9440 conn
= HTTPConnection(url
.netloc
)
9441 conn
.request("HEAD", "/wps_device.xml")
9443 resp
= conn
.getresponse()
9447 def test_ap_wps_frag_ack_oom(dev
, apdev
):
9448 """WPS and fragment ack OOM"""
9449 dev
[0].request("SET wps_fragment_size 50")
9450 hapd
= wps_start_ap(apdev
[0])
9451 with
alloc_fail(hapd
, 1, "eap_wsc_build_frag_ack"):
9452 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
9454 def wait_scan_stopped(dev
):
9455 dev
.request("ABORT_SCAN")
9457 res
= dev
.get_driver_status_field("scan_state")
9458 if "SCAN_STARTED" not in res
and "SCAN_REQUESTED" not in res
:
9460 logger
.debug("Waiting for scan to complete")
9464 def test_ap_wps_eap_wsc_errors(dev
, apdev
):
9465 """WPS and EAP-WSC error cases"""
9466 ssid
= "test-wps-conf-pin"
9468 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
9469 "wpa_passphrase": "12345678", "wpa": "2",
9470 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9471 "fragment_size": "300", "ap_pin": appin
}
9472 hapd
= hostapd
.add_ap(apdev
[0], params
)
9473 bssid
= apdev
[0]['bssid']
9475 pin
= dev
[0].wps_read_pin()
9476 hapd
.request("WPS_PIN any " + pin
)
9477 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
9478 dev
[0].dump_monitor()
9480 dev
[0].wps_reg(bssid
, appin
+ " new_ssid=a", "new ssid", "WPA2PSK", "CCMP",
9481 "new passphrase", no_wait
=True)
9482 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=10)
9484 raise Exception("WPS-FAIL not reported")
9485 dev
[0].request("WPS_CANCEL")
9486 dev
[0].wait_disconnected()
9487 wait_scan_stopped(dev
[0])
9488 dev
[0].dump_monitor()
9490 dev
[0].wps_reg(bssid
, appin
, "new ssid", "FOO", "CCMP",
9491 "new passphrase", no_wait
=True)
9492 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=10)
9494 raise Exception("WPS-FAIL not reported")
9495 dev
[0].request("WPS_CANCEL")
9496 dev
[0].wait_disconnected()
9497 wait_scan_stopped(dev
[0])
9498 dev
[0].dump_monitor()
9500 dev
[0].wps_reg(bssid
, appin
, "new ssid", "WPA2PSK", "FOO",
9501 "new passphrase", no_wait
=True)
9502 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=10)
9504 raise Exception("WPS-FAIL not reported")
9505 dev
[0].request("WPS_CANCEL")
9506 dev
[0].wait_disconnected()
9507 wait_scan_stopped(dev
[0])
9508 dev
[0].dump_monitor()
9510 dev
[0].wps_reg(bssid
, appin
+ "new_key=a", "new ssid", "WPA2PSK", "CCMP",
9511 "new passphrase", no_wait
=True)
9512 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=10)
9514 raise Exception("WPS-FAIL not reported")
9515 dev
[0].request("WPS_CANCEL")
9516 dev
[0].wait_disconnected()
9517 wait_scan_stopped(dev
[0])
9518 dev
[0].dump_monitor()
9520 tests
= ["eap_wsc_init",
9521 "eap_msg_alloc;eap_wsc_build_msg",
9522 "wpabuf_alloc;eap_wsc_process_fragment"]
9524 with
alloc_fail(dev
[0], 1, func
):
9525 dev
[0].request("WPS_PIN %s %s" % (bssid
, pin
))
9526 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
9527 dev
[0].request("WPS_CANCEL")
9528 dev
[0].wait_disconnected()
9529 wait_scan_stopped(dev
[0])
9530 dev
[0].dump_monitor()
9532 tests
= [(1, "wps_decrypt_encr_settings"),
9533 (2, "hmac_sha256;wps_derive_psk")]
9534 for count
, func
in tests
:
9535 hapd
.request("WPS_PIN any " + pin
)
9536 with
fail_test(dev
[0], count
, func
):
9537 dev
[0].request("WPS_PIN %s %s" % (bssid
, pin
))
9538 wait_fail_trigger(dev
[0], "GET_FAIL")
9539 dev
[0].request("WPS_CANCEL")
9540 dev
[0].wait_disconnected()
9541 wait_scan_stopped(dev
[0])
9542 dev
[0].dump_monitor()
9544 with
alloc_fail(dev
[0], 1, "eap_msg_alloc;eap_sm_build_expanded_nak"):
9545 dev
[0].wps_reg(bssid
, appin
+ " new_ssid=a", "new ssid", "WPA2PSK",
9546 "CCMP", "new passphrase", no_wait
=True)
9547 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
9548 dev
[0].request("WPS_CANCEL")
9549 dev
[0].wait_disconnected()
9550 wait_scan_stopped(dev
[0])
9551 dev
[0].dump_monitor()
9553 def test_ap_wps_eap_wsc(dev
, apdev
):
9554 """WPS and EAP-WSC in network profile"""
9555 params
= int_eap_server_params()
9556 params
["wps_state"] = "2"
9557 hapd
= hostapd
.add_ap(apdev
[0], params
)
9558 bssid
= apdev
[0]['bssid']
9560 logger
.info("Unexpected identity")
9561 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9562 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-unexpected",
9564 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9566 raise Exception("No EAP-Failure seen")
9567 dev
[0].request("REMOVE_NETWORK all")
9568 dev
[0].wait_disconnected()
9570 logger
.info("No phase1 parameter")
9571 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9572 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9574 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9576 raise Exception("Timeout on EAP method start")
9577 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9579 raise Exception("No EAP-Failure seen")
9580 dev
[0].request("REMOVE_NETWORK all")
9581 dev
[0].wait_disconnected()
9583 logger
.info("No PIN/PBC in phase1")
9584 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9585 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9586 phase1
="foo", wait_connect
=False)
9587 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9589 raise Exception("Timeout on EAP method start")
9590 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9592 raise Exception("No EAP-Failure seen")
9593 dev
[0].request("REMOVE_NETWORK all")
9594 dev
[0].wait_disconnected()
9596 logger
.info("Invalid pkhash in phase1")
9597 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9598 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9599 phase1
="foo pkhash=q pbc=1", wait_connect
=False)
9600 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9602 raise Exception("Timeout on EAP method start")
9603 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9605 raise Exception("No EAP-Failure seen")
9606 dev
[0].request("REMOVE_NETWORK all")
9607 dev
[0].wait_disconnected()
9609 logger
.info("Zero fragment_size")
9610 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9611 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9612 fragment_size
="0", phase1
="pin=12345670", wait_connect
=False)
9613 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9615 raise Exception("Timeout on EAP method start")
9616 ev
= dev
[0].wait_event(["WPS-M2D"], timeout
=5)
9618 raise Exception("No M2D seen")
9619 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9621 raise Exception("No EAP-Failure seen")
9622 dev
[0].request("REMOVE_NETWORK all")
9623 dev
[0].wait_disconnected()
9625 logger
.info("Missing new_auth")
9626 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9627 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9628 phase1
="pin=12345670 new_ssid=aa", wait_connect
=False)
9629 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9631 raise Exception("Timeout on EAP method start")
9632 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9634 raise Exception("No EAP-Failure seen")
9635 dev
[0].request("REMOVE_NETWORK all")
9636 dev
[0].wait_disconnected()
9638 logger
.info("Missing new_encr")
9639 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9640 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9641 phase1
="pin=12345670 new_auth=WPA2PSK new_ssid=aa", wait_connect
=False)
9642 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9644 raise Exception("Timeout on EAP method start")
9645 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9647 raise Exception("No EAP-Failure seen")
9648 dev
[0].request("REMOVE_NETWORK all")
9649 dev
[0].wait_disconnected()
9651 logger
.info("Missing new_key")
9652 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9653 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9654 phase1
="pin=12345670 new_auth=WPA2PSK new_ssid=aa new_encr=CCMP",
9656 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9658 raise Exception("Timeout on EAP method start")
9659 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9661 raise Exception("No EAP-Failure seen")
9662 dev
[0].request("REMOVE_NETWORK all")
9663 dev
[0].wait_disconnected()
9665 def test_ap_wps_and_bss_limit(dev
, apdev
):
9666 """WPS and wpa_supplicant BSS entry limit"""
9668 _test_ap_wps_and_bss_limit(dev
, apdev
)
9670 dev
[0].request("SET bss_max_count 200")
9673 def _test_ap_wps_and_bss_limit(dev
, apdev
):
9674 params
= {"ssid": "test-wps", "eap_server": "1", "wps_state": "2",
9675 "wpa_passphrase": "12345678", "wpa": "2",
9676 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
9677 hapd
= hostapd
.add_ap(apdev
[0], params
)
9679 params
= {"ssid": "test-wps-2", "eap_server": "1", "wps_state": "2",
9680 "wpa_passphrase": "1234567890", "wpa": "2",
9681 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
9682 hapd2
= hostapd
.add_ap(apdev
[1], params
)
9684 id = dev
[1].add_network()
9685 dev
[1].set_network(id, "mode", "2")
9686 dev
[1].set_network_quoted(id, "ssid", "wpas-ap-no-wps")
9687 dev
[1].set_network_quoted(id, "psk", "12345678")
9688 dev
[1].set_network(id, "frequency", "2462")
9689 dev
[1].set_network(id, "scan_freq", "2462")
9690 dev
[1].set_network(id, "wps_disabled", "1")
9691 dev
[1].select_network(id)
9693 id = dev
[2].add_network()
9694 dev
[2].set_network(id, "mode", "2")
9695 dev
[2].set_network_quoted(id, "ssid", "wpas-ap")
9696 dev
[2].set_network_quoted(id, "psk", "12345678")
9697 dev
[2].set_network(id, "frequency", "2437")
9698 dev
[2].set_network(id, "scan_freq", "2437")
9699 dev
[2].select_network(id)
9701 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
9702 wpas
.interface_add("wlan5")
9703 id = wpas
.add_network()
9704 wpas
.set_network(id, "mode", "2")
9705 wpas
.set_network_quoted(id, "ssid", "wpas-ap")
9706 wpas
.set_network_quoted(id, "psk", "12345678")
9707 wpas
.set_network(id, "frequency", "2437")
9708 wpas
.set_network(id, "scan_freq", "2437")
9709 wpas
.select_network(id)
9711 dev
[1].wait_connected()
9712 dev
[2].wait_connected()
9713 wpas
.wait_connected()
9714 wpas
.request("WPS_PIN any 12345670")
9716 hapd
.request("WPS_PBC")
9717 hapd2
.request("WPS_PBC")
9719 dev
[0].request("SET bss_max_count 1")
9721 id = dev
[0].add_network()
9722 dev
[0].set_network_quoted(id, "ssid", "testing")
9724 id = dev
[0].add_network()
9725 dev
[0].set_network_quoted(id, "ssid", "testing")
9726 dev
[0].set_network(id, "key_mgmt", "WPS")
9728 dev
[0].request("WPS_PBC")
9729 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout
=10)
9730 dev
[0].request("WPS_CANCEL")
9732 id = dev
[0].add_network()
9733 dev
[0].set_network_quoted(id, "ssid", "testing")
9734 dev
[0].set_network(id, "key_mgmt", "WPS")
9736 dev
[0].scan(freq
="2412")
9738 def test_ap_wps_pbc_2ap(dev
, apdev
):
9739 """WPS PBC with two APs advertising same SSID"""
9740 params
= {"ssid": "wps", "eap_server": "1", "wps_state": "2",
9741 "wpa_passphrase": "12345678", "wpa": "2",
9742 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9743 "wps_independent": "1"}
9744 hapd
= hostapd
.add_ap(apdev
[0], params
)
9745 params
= {"ssid": "wps", "eap_server": "1", "wps_state": "2",
9746 "wpa_passphrase": "123456789", "wpa": "2",
9747 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9748 "wps_independent": "1"}
9749 hapd2
= hostapd
.add_ap(apdev
[1], params
)
9750 hapd
.request("WPS_PBC")
9752 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
9753 wpas
.interface_add("wlan5", drv_params
="force_connect_cmd=1")
9755 wpas
.flush_scan_cache()
9757 wpas
.scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
9758 wpas
.scan_for_bss(apdev
[1]['bssid'], freq
="2412")
9759 wpas
.request("WPS_PBC")
9760 wpas
.wait_connected()
9761 wpas
.request("DISCONNECT")
9762 hapd
.request("DISABLE")
9763 hapd2
.request("DISABLE")
9764 wpas
.flush_scan_cache()
9766 def test_ap_wps_er_enrollee_to_conf_ap(dev
, apdev
):
9767 """WPS ER enrolling a new device to a configured AP"""
9769 _test_ap_wps_er_enrollee_to_conf_ap(dev
, apdev
)
9771 dev
[0].request("WPS_ER_STOP")
9773 def _test_ap_wps_er_enrollee_to_conf_ap(dev
, apdev
):
9774 ssid
= "wps-er-enrollee-to-conf-ap"
9776 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
9777 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
9778 "wpa_passphrase": "12345678", "wpa": "2",
9779 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9780 "device_name": "Wireless AP", "manufacturer": "Company",
9781 "model_name": "WAP", "model_number": "123",
9782 "serial_number": "12345", "device_type": "6-0050F204-1",
9783 "os_version": "01020300",
9784 "config_methods": "label push_button",
9785 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
9786 hapd
= hostapd
.add_ap(apdev
[0], params
)
9787 bssid
= hapd
.own_addr()
9789 id = dev
[0].connect(ssid
, psk
="12345678", scan_freq
="2412")
9790 dev
[0].dump_monitor()
9792 dev
[0].request("WPS_ER_START ifname=lo")
9793 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
9795 raise Exception("AP discovery timed out")
9796 if ap_uuid
not in ev
:
9797 raise Exception("Expected AP UUID not found")
9799 pin
= dev
[2].wps_read_pin()
9800 addr2
= dev
[2].own_addr()
9801 dev
[0].dump_monitor()
9802 dev
[2].scan_for_bss(bssid
, freq
=2412)
9803 dev
[2].dump_monitor()
9804 dev
[2].request("WPS_PIN %s %s" % (bssid
, pin
))
9807 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=10)
9809 raise Exception("Enrollee not seen")
9813 raise Exception("Unexpected Enrollee MAC address")
9814 dev
[0].dump_monitor()
9816 dev
[0].request("WPS_ER_SET_CONFIG " + ap_uuid
+ " " + str(id))
9817 dev
[0].request("WPS_ER_PIN " + addr2
+ " " + pin
+ " " + addr2
)
9818 dev
[2].wait_connected(timeout
=30)
9819 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
9821 raise Exception("WPS ER did not report success")
9823 def test_ap_wps_er_enrollee_to_conf_ap2(dev
, apdev
):
9824 """WPS ER enrolling a new device to a configured AP (2)"""
9826 _test_ap_wps_er_enrollee_to_conf_ap2(dev
, apdev
)
9828 dev
[0].request("WPS_ER_STOP")
9830 def _test_ap_wps_er_enrollee_to_conf_ap2(dev
, apdev
):
9831 ssid
= "wps-er-enrollee-to-conf-ap"
9833 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
9834 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
9835 "wpa_passphrase": "12345678", "wpa": "2",
9836 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9837 "device_name": "Wireless AP", "manufacturer": "Company",
9838 "model_name": "WAP", "model_number": "123",
9839 "serial_number": "12345", "device_type": "6-0050F204-1",
9840 "os_version": "01020300",
9841 "config_methods": "label push_button",
9842 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
9843 hapd
= hostapd
.add_ap(apdev
[0], params
)
9844 bssid
= hapd
.own_addr()
9846 id = dev
[0].connect(ssid
, psk
="12345678", scan_freq
="2412")
9847 dev
[0].dump_monitor()
9849 dev
[0].request("WPS_ER_START ifname=lo")
9850 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
9852 raise Exception("AP discovery timed out")
9853 if ap_uuid
not in ev
:
9854 raise Exception("Expected AP UUID not found")
9856 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
9857 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
9859 raise Exception("AP learn timed out")
9860 if ap_uuid
not in ev
:
9861 raise Exception("Expected AP UUID not in settings")
9862 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
9864 raise Exception("WPS-FAIL after AP learn timed out")
9867 pin
= dev
[1].wps_read_pin()
9868 addr1
= dev
[1].own_addr()
9869 dev
[0].dump_monitor()
9870 dev
[0].request("WPS_ER_PIN any " + pin
)
9872 dev
[1].scan_for_bss(bssid
, freq
=2412)
9873 dev
[1].request("WPS_PIN any %s" % pin
)
9874 ev
= dev
[1].wait_event(["WPS-SUCCESS"], timeout
=30)
9876 raise Exception("Enrollee did not report success")
9877 dev
[1].wait_connected(timeout
=15)
9878 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
9880 raise Exception("WPS ER did not report success")
9882 def test_ap_wps_ignore_broadcast_ssid(dev
, apdev
):
9883 """WPS AP trying to ignore broadcast SSID"""
9885 hapd
= hostapd
.add_ap(apdev
[0],
9886 {"ssid": ssid
, "eap_server": "1", "wps_state": "1",
9887 "ignore_broadcast_ssid": "1"})
9888 if "FAIL" not in hapd
.request("WPS_PBC"):
9889 raise Exception("WPS unexpectedly enabled")
9891 def test_ap_wps_wep(dev
, apdev
):
9892 """WPS AP trying to enable WEP"""
9894 hapd
= hostapd
.add_ap(apdev
[0],
9895 {"ssid": ssid
, "eap_server": "1", "wps_state": "1",
9896 "ieee80211n": "0", "wep_key0": '"hello"'})
9897 if "FAIL" not in hapd
.request("WPS_PBC"):
9898 raise Exception("WPS unexpectedly enabled")
9900 def test_ap_wps_tkip(dev
, apdev
):
9901 """WPS AP trying to enable TKIP"""
9903 hapd
= hostapd
.add_ap(apdev
[0],
9904 {"ssid": ssid
, "eap_server": "1", "wps_state": "1",
9905 "ieee80211n": "0", "wpa": '1',
9906 "wpa_key_mgmt": "WPA-PSK",
9907 "wpa_passphrase": "12345678"})
9908 if "FAIL" not in hapd
.request("WPS_PBC"):
9909 raise Exception("WPS unexpectedly enabled")
9911 def test_ap_wps_conf_dummy_cred(dev
, apdev
):
9912 """WPS PIN provisioning with configured AP using dummy cred"""
9913 ssid
= "test-wps-conf"
9914 hapd
= hostapd
.add_ap(apdev
[0],
9915 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
9916 "wpa_passphrase": "12345678", "wpa": "2",
9917 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
9918 hapd
.request("WPS_PIN any 12345670")
9919 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
9920 dev
[0].dump_monitor()
9922 hapd
.set("wps_testing_dummy_cred", "1")
9923 dev
[0].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
9924 for i
in range(1, 3):
9925 ev
= dev
[0].wait_event(["WPS-CRED-RECEIVED"], timeout
=15)
9927 raise Exception("WPS credential %d not received" % i
)
9928 dev
[0].wait_connected(timeout
=30)
9930 hapd
.set("wps_testing_dummy_cred", "0")
9932 def test_ap_wps_rf_bands(dev
, apdev
):
9933 """WPS and wps_rf_bands configuration"""
9934 ssid
= "test-wps-conf"
9935 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
9936 "wpa_passphrase": "12345678", "wpa": "2",
9937 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9938 "wps_rf_bands": "ag"}
9940 hapd
= hostapd
.add_ap(apdev
[0], params
)
9941 bssid
= hapd
.own_addr()
9942 hapd
.request("WPS_PBC")
9943 dev
[0].scan_for_bss(bssid
, freq
="2412")
9944 dev
[0].dump_monitor()
9945 dev
[0].request("WPS_PBC " + bssid
)
9946 dev
[0].wait_connected(timeout
=30)
9947 bss
= dev
[0].get_bss(bssid
)
9948 logger
.info("BSS: " + str(bss
))
9949 if "103c000103" not in bss
['ie']:
9950 raise Exception("RF Bands attribute with expected values not found")
9951 dev
[0].request("DISCONNECT")
9952 dev
[0].wait_disconnected()
9953 hapd
.set("wps_rf_bands", "ad")
9954 hapd
.set("wps_rf_bands", "a")
9955 hapd
.set("wps_rf_bands", "g")
9956 hapd
.set("wps_rf_bands", "b")
9957 hapd
.set("wps_rf_bands", "ga")
9959 dev
[0].dump_monitor()
9960 dev
[0].flush_scan_cache()
9962 def test_ap_wps_pbc_in_m1(dev
, apdev
):
9963 """WPS and pbc_in_m1"""
9964 ssid
= "test-wps-conf"
9965 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
9966 "wpa_passphrase": "12345678", "wpa": "2",
9967 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9968 "config_methods": "virtual_push_button virtual_display",
9971 hapd
= hostapd
.add_ap(apdev
[0], params
)
9972 bssid
= hapd
.own_addr()
9973 hapd
.request("WPS_PBC")
9974 dev
[0].scan_for_bss(bssid
, freq
="2412")
9975 dev
[0].dump_monitor()
9976 dev
[0].request("WPS_PBC " + bssid
)
9977 dev
[0].wait_connected(timeout
=30)
9978 dev
[0].request("DISCONNECT")
9979 dev
[0].wait_disconnected()
9981 dev
[0].dump_monitor()
9982 dev
[0].flush_scan_cache()
9984 def test_ap_wps_pin_start_failure(dev
, apdev
):
9985 """WPS_PIN start failure"""
9986 with
alloc_fail(dev
[0], 1, "wpas_wps_start_dev_pw"):
9987 if "FAIL" not in dev
[0].request("WPS_PIN any 12345670"):
9988 raise Exception("WPS_PIN not rejected during OOM")
9989 with
alloc_fail(dev
[0], 1, "wpas_wps_start_dev_pw"):
9990 if "FAIL" not in dev
[0].request("WPS_PIN any"):
9991 raise Exception("WPS_PIN not rejected during OOM")
9993 def test_ap_wps_ap_pin_failure(dev
, apdev
):
9994 """WPS_AP_PIN failure"""
9995 id = dev
[0].add_network()
9996 dev
[0].set_network(id, "mode", "2")
9997 dev
[0].set_network_quoted(id, "ssid", "wpas-ap-wps")
9998 dev
[0].set_network_quoted(id, "psk", "1234567890")
9999 dev
[0].set_network(id, "frequency", "2412")
10000 dev
[0].set_network(id, "scan_freq", "2412")
10001 dev
[0].select_network(id)
10002 dev
[0].wait_connected()
10004 with
fail_test(dev
[0], 1,
10005 "os_get_random;wpa_supplicant_ctrl_iface_wps_ap_pin"):
10006 if "FAIL" not in dev
[0].request("WPS_AP_PIN random"):
10007 raise Exception("WPS_AP_PIN random accepted")
10008 with
alloc_fail(dev
[0], 1, "wpas_wps_ap_pin_set"):
10009 if "FAIL" not in dev
[0].request("WPS_AP_PIN set 12345670"):
10010 raise Exception("WPS_AP_PIN set accepted")
10012 dev
[0].request("DISCONNECT")
10013 dev
[0].wait_disconnected()
10015 def test_ap_wps_random_uuid(dev
, apdev
, params
):
10016 """WPS and random UUID on Enrollee"""
10017 ssid
= "test-wps-conf"
10018 hapd
= hostapd
.add_ap(apdev
[0],
10019 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
10020 "wpa_passphrase": "12345678", "wpa": "2",
10021 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
10023 config
= os
.path
.join(params
['logdir'], 'ap_wps_random_uuid.conf')
10024 with
open(config
, "w") as f
:
10025 f
.write("auto_uuid=1\n")
10027 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
10031 wpas
.interface_add("wlan5", config
=config
)
10033 wpas
.scan_for_bss(apdev
[0]['bssid'], freq
="2412")
10034 wpas
.dump_monitor()
10035 wpas
.request("WPS_PBC " + apdev
[0]['bssid'])
10037 ev
= hapd
.wait_event(["WPS-ENROLLEE-SEEN"], timeout
=10)
10039 raise Exception("Enrollee not seen")
10040 uuid
.append(ev
.split(' ')[2])
10041 wpas
.request("WPS_CANCEL")
10042 wpas
.dump_monitor()
10044 wpas
.interface_remove("wlan5")
10046 hapd
.dump_monitor()
10048 logger
.info("Seen UUIDs: " + str(uuid
))
10049 if uuid
[0] == uuid
[1] or uuid
[0] == uuid
[2] or uuid
[1] == uuid
[2]:
10050 raise Exception("Same UUID used multiple times")
10052 def test_ap_wps_conf_pin_gcmp_128(dev
, apdev
):
10053 """WPS PIN provisioning with configured AP using GCMP-128"""
10054 run_ap_wps_conf_pin_cipher(dev
, apdev
, "GCMP")
10056 def test_ap_wps_conf_pin_gcmp_256(dev
, apdev
):
10057 """WPS PIN provisioning with configured AP using GCMP-256"""
10058 run_ap_wps_conf_pin_cipher(dev
, apdev
, "GCMP-256")
10060 def test_ap_wps_conf_pin_ccmp_256(dev
, apdev
):
10061 """WPS PIN provisioning with configured AP using CCMP-256"""
10062 run_ap_wps_conf_pin_cipher(dev
, apdev
, "CCMP-256")
10064 def run_ap_wps_conf_pin_cipher(dev
, apdev
, cipher
):
10065 if cipher
not in dev
[0].get_capability("pairwise"):
10066 raise HwsimSkip("Cipher %s not supported" % cipher
)
10067 ssid
= "test-wps-conf-pin"
10068 hapd
= hostapd
.add_ap(apdev
[0],
10069 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
10070 "wpa_passphrase": "12345678", "wpa": "2",
10071 "wpa_key_mgmt": "WPA-PSK",
10072 "rsn_pairwise": cipher
})
10073 logger
.info("WPS provisioning step")
10074 pin
= dev
[0].wps_read_pin()
10075 hapd
.request("WPS_PIN any " + pin
)
10076 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
10077 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
10078 dev
[0].wait_connected(timeout
=15)
10080 def test_ap_wps_and_sae(dev
, apdev
):
10081 """Initial AP configuration with first WPS Enrollee and adding SAE"""
10083 run_ap_wps_and_sae(dev
, apdev
)
10085 dev
[0].set("wps_cred_add_sae", "0")
10087 def run_ap_wps_and_sae(dev
, apdev
):
10088 ssid
= "test-wps-sae"
10089 hapd
= hostapd
.add_ap(apdev
[0],
10090 {"ssid": ssid
, "eap_server": "1", "wps_state": "1",
10091 "wps_cred_add_sae": "1"})
10092 logger
.info("WPS provisioning step")
10093 pin
= dev
[0].wps_read_pin()
10094 hapd
.request("WPS_PIN any " + pin
)
10096 dev
[0].set("wps_cred_add_sae", "1")
10097 dev
[0].request("SET sae_groups ")
10098 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
10099 dev
[0].request("WPS_PIN " + apdev
[0]['bssid'] + " " + pin
)
10100 dev
[0].wait_connected(timeout
=30)
10101 status
= dev
[0].get_status()
10102 if status
['key_mgmt'] != "SAE":
10103 raise Exception("SAE not used")
10104 if 'pmf' not in status
or status
['pmf'] != "1":
10105 raise Exception("PMF not enabled")
10107 pin
= dev
[1].wps_read_pin()
10108 hapd
.request("WPS_PIN any " + pin
)
10109 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
10110 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " " + pin
)
10111 dev
[1].wait_connected(timeout
=30)
10112 status
= dev
[1].get_status()
10113 if status
['key_mgmt'] != "WPA2-PSK":
10114 raise Exception("WPA2-PSK not used")
10115 if 'pmf' in status
:
10116 raise Exception("PMF enabled")
10118 def test_ap_wps_conf_and_sae(dev
, apdev
):
10119 """WPS PBC provisioning with configured AP using PSK+SAE"""
10121 run_ap_wps_conf_and_sae(dev
, apdev
)
10123 dev
[0].set("wps_cred_add_sae", "0")
10125 def run_ap_wps_conf_and_sae(dev
, apdev
):
10126 ssid
= "test-wps-conf-sae"
10127 hapd
= hostapd
.add_ap(apdev
[0],
10128 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
10129 "wpa_passphrase": "12345678", "wpa": "2",
10130 "ieee80211w": "1", "sae_require_mfp": "1",
10131 "wpa_key_mgmt": "WPA-PSK SAE",
10132 "rsn_pairwise": "CCMP"})
10134 dev
[0].set("wps_cred_add_sae", "1")
10135 dev
[0].request("SET sae_groups ")
10136 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
10137 pin
= dev
[0].wps_read_pin()
10138 hapd
.request("WPS_PIN any " + pin
)
10139 dev
[0].request("WPS_PIN " + apdev
[0]['bssid'] + " " + pin
)
10140 dev
[0].wait_connected(timeout
=30)
10141 status
= dev
[0].get_status()
10142 if status
['key_mgmt'] != "SAE":
10143 raise Exception("SAE not used")
10144 if 'pmf' not in status
or status
['pmf'] != "1":
10145 raise Exception("PMF not enabled")
10147 dev
[1].connect(ssid
, psk
="12345678", scan_freq
="2412", proto
="WPA2",
10148 key_mgmt
="WPA-PSK", ieee80211w
="0")
10150 def test_ap_wps_reg_config_and_sae(dev
, apdev
):
10151 """WPS registrar configuring an AP using AP PIN and using PSK+SAE"""
10153 run_ap_wps_reg_config_and_sae(dev
, apdev
)
10155 dev
[0].set("wps_cred_add_sae", "0")
10157 def run_ap_wps_reg_config_and_sae(dev
, apdev
):
10158 ssid
= "test-wps-init-ap-pin-sae"
10160 hostapd
.add_ap(apdev
[0],
10161 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
10162 "ap_pin": appin
, "wps_cred_add_sae": "1"})
10163 logger
.info("WPS configuration step")
10164 dev
[0].set("wps_cred_add_sae", "1")
10165 dev
[0].request("SET sae_groups ")
10166 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
10167 dev
[0].dump_monitor()
10168 new_ssid
= "wps-new-ssid"
10169 new_passphrase
= "1234567890"
10170 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPA2PSK", "CCMP",
10172 status
= dev
[0].get_status()
10173 if status
['key_mgmt'] != "SAE":
10174 raise Exception("SAE not used")
10175 if 'pmf' not in status
or status
['pmf'] != "1":
10176 raise Exception("PMF not enabled")
10178 dev
[1].connect(new_ssid
, psk
=new_passphrase
, scan_freq
="2412", proto
="WPA2",
10179 key_mgmt
="WPA-PSK", ieee80211w
="0")