]>
git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_sae.py
2 # Copyright (c) 2013-2016, Jouni Malinen <j@w1.fi>
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
7 from remotehost
import remote_compatible
12 logger
= logging
. getLogger ()
19 from wpasupplicant
import WpaSupplicant
20 from utils
import HwsimSkip
, alloc_fail
, fail_test
, wait_fail_trigger
, start_monitor
, stop_monitor
, radiotap_build
21 from test_ap_psk
import find_wpas_process
, read_process_memory
, verify_not_present
, get_key_locations
24 def test_sae ( dev
, apdev
):
25 """SAE with default group"""
26 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
27 raise HwsimSkip ( "SAE not supported" )
28 params
= hostapd
. wpa2_params ( ssid
= "test-sae" ,
29 passphrase
= "12345678" )
30 params
[ 'wpa_key_mgmt' ] = 'SAE'
31 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
32 key_mgmt
= hapd
. get_config ()[ 'key_mgmt' ]
33 if key_mgmt
. split ( ' ' )[ 0 ] != "SAE" :
34 raise Exception ( "Unexpected GET_CONFIG(key_mgmt): " + key_mgmt
)
36 dev
[ 0 ]. request ( "SET sae_groups " )
37 id = dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
39 if dev
[ 0 ]. get_status_field ( 'sae_group' ) != '19' :
40 raise Exception ( "Expected default SAE group not used" )
41 bss
= dev
[ 0 ]. get_bss ( apdev
[ 0 ][ 'bssid' ])
42 if 'flags' not in bss
:
43 raise Exception ( "Could not get BSS flags from BSS table" )
44 if "[WPA2-SAE-CCMP]" not in bss
[ 'flags' ]:
45 raise Exception ( "Unexpected BSS flags: " + bss
[ 'flags' ])
47 res
= hapd
. request ( "STA-FIRST" )
48 if "sae_group=19" not in res
. splitlines ():
49 raise Exception ( "hostapd STA output did not specify SAE group" )
52 def test_sae_password_ecc ( dev
, apdev
):
53 """SAE with number of different passwords (ECC)"""
54 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
55 raise HwsimSkip ( "SAE not supported" )
56 params
= hostapd
. wpa2_params ( ssid
= "test-sae" ,
57 passphrase
= "12345678" )
58 params
[ 'wpa_key_mgmt' ] = 'SAE'
59 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
61 dev
[ 0 ]. request ( "SET sae_groups 19" )
64 password
= "12345678-" + str ( i
)
65 hapd
. set ( "wpa_passphrase" , password
)
66 dev
[ 0 ]. connect ( "test-sae" , psk
= password
, key_mgmt
= "SAE" ,
68 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
69 dev
[ 0 ]. wait_disconnected ()
72 def test_sae_password_ffc ( dev
, apdev
):
73 """SAE with number of different passwords (FFC)"""
74 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
75 raise HwsimSkip ( "SAE not supported" )
76 params
= hostapd
. wpa2_params ( ssid
= "test-sae" ,
77 passphrase
= "12345678" )
78 params
[ 'wpa_key_mgmt' ] = 'SAE'
79 params
[ 'sae_groups' ] = '15'
80 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
82 dev
[ 0 ]. request ( "SET sae_groups 15" )
85 password
= "12345678-" + str ( i
)
86 hapd
. set ( "wpa_passphrase" , password
)
87 dev
[ 0 ]. connect ( "test-sae" , psk
= password
, key_mgmt
= "SAE" ,
89 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
90 dev
[ 0 ]. wait_disconnected ()
93 def test_sae_pmksa_caching ( dev
, apdev
):
94 """SAE and PMKSA caching"""
95 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
96 raise HwsimSkip ( "SAE not supported" )
97 params
= hostapd
. wpa2_params ( ssid
= "test-sae" ,
98 passphrase
= "12345678" )
99 params
[ 'wpa_key_mgmt' ] = 'SAE'
100 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
102 dev
[ 0 ]. request ( "SET sae_groups " )
103 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
105 ev
= hapd
. wait_event ([ "AP-STA-CONNECTED" ], timeout
= 5 )
107 raise Exception ( "No connection event received from hostapd" )
108 dev
[ 0 ]. request ( "DISCONNECT" )
109 dev
[ 0 ]. wait_disconnected ()
110 dev
[ 0 ]. request ( "RECONNECT" )
111 dev
[ 0 ]. wait_connected ( timeout
= 15 , error
= "Reconnect timed out" )
112 if dev
[ 0 ]. get_status_field ( 'sae_group' ) is not None :
113 raise Exception ( "SAE group claimed to have been used" )
116 def test_sae_pmksa_caching_disabled ( dev
, apdev
):
117 """SAE and PMKSA caching disabled"""
118 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
119 raise HwsimSkip ( "SAE not supported" )
120 params
= hostapd
. wpa2_params ( ssid
= "test-sae" ,
121 passphrase
= "12345678" )
122 params
[ 'wpa_key_mgmt' ] = 'SAE'
123 params
[ 'disable_pmksa_caching' ] = '1'
124 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
126 dev
[ 0 ]. request ( "SET sae_groups " )
127 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
129 ev
= hapd
. wait_event ([ "AP-STA-CONNECTED" ], timeout
= 5 )
131 raise Exception ( "No connection event received from hostapd" )
132 dev
[ 0 ]. request ( "DISCONNECT" )
133 dev
[ 0 ]. wait_disconnected ()
134 dev
[ 0 ]. request ( "RECONNECT" )
135 dev
[ 0 ]. wait_connected ( timeout
= 15 , error
= "Reconnect timed out" )
136 if dev
[ 0 ]. get_status_field ( 'sae_group' ) != '19' :
137 raise Exception ( "Expected default SAE group not used" )
139 def test_sae_groups ( dev
, apdev
):
140 """SAE with all supported groups"""
141 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
142 raise HwsimSkip ( "SAE not supported" )
143 # This is the full list of supported groups, but groups 14-16 (2048-4096 bit
144 # MODP) and group 21 (521-bit random ECP group) are a bit too slow on some
145 # VMs and can result in hitting the mac80211 authentication timeout, so
146 # allow them to fail and just report such failures in the debug log.
147 sae_groups
= [ 19 , 25 , 26 , 20 , 21 , 1 , 2 , 5 , 14 , 15 , 16 , 22 , 23 , 24 ]
148 tls
= dev
[ 0 ]. request ( "GET tls_library" )
149 if tls
. startswith ( "OpenSSL" ) and "run=OpenSSL 1." in tls
:
150 logger
. info ( "Add Brainpool EC groups since OpenSSL is new enough" )
151 sae_groups
+= [ 27 , 28 , 29 , 30 ]
152 heavy_groups
= [ 14 , 15 , 16 ]
153 suitable_groups
= [ 15 , 16 , 17 , 18 , 19 , 20 , 21 , 28 , 29 , 30 ]
154 groups
= [ str ( g
) for g
in sae_groups
]
155 params
= hostapd
. wpa2_params ( ssid
= "test-sae-groups" ,
156 passphrase
= "12345678" )
157 params
[ 'wpa_key_mgmt' ] = 'SAE'
158 params
[ 'sae_groups' ] = ' ' . join ( groups
)
159 hostapd
. add_ap ( apdev
[ 0 ], params
)
162 logger
. info ( "Testing SAE group " + g
)
163 dev
[ 0 ]. request ( "SET sae_groups " + g
)
164 id = dev
[ 0 ]. connect ( "test-sae-groups" , psk
= "12345678" , key_mgmt
= "SAE" ,
165 scan_freq
= "2412" , wait_connect
= False )
166 if int ( g
) in heavy_groups
:
167 ev
= dev
[ 0 ]. wait_event ([ "CTRL-EVENT-CONNECTED" ], timeout
= 5 )
169 logger
. info ( "No connection with heavy SAE group %s did not connect - likely hitting timeout in mac80211" % g
)
170 dev
[ 0 ]. remove_network ( id )
172 dev
[ 0 ]. dump_monitor ()
174 logger
. info ( "Connection with heavy SAE group " + g
)
176 ev
= dev
[ 0 ]. wait_event ([ "CTRL-EVENT-CONNECTED" ], timeout
= 10 )
178 if "BoringSSL" in tls
and int ( g
) in [ 25 ]:
179 logger
. info ( "Ignore connection failure with group " + g
+ " with BoringSSL" )
180 dev
[ 0 ]. remove_network ( id )
181 dev
[ 0 ]. dump_monitor ()
183 if int ( g
) not in suitable_groups
:
184 logger
. info ( "Ignore connection failure with unsuitable group " + g
)
185 dev
[ 0 ]. remove_network ( id )
186 dev
[ 0 ]. dump_monitor ()
188 raise Exception ( "Connection timed out with group " + g
)
189 if dev
[ 0 ]. get_status_field ( 'sae_group' ) != g
:
190 raise Exception ( "Expected SAE group not used" )
191 dev
[ 0 ]. remove_network ( id )
192 dev
[ 0 ]. wait_disconnected ()
193 dev
[ 0 ]. dump_monitor ()
196 def test_sae_group_nego ( dev
, apdev
):
197 """SAE group negotiation"""
198 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
199 raise HwsimSkip ( "SAE not supported" )
200 params
= hostapd
. wpa2_params ( ssid
= "test-sae-group-nego" ,
201 passphrase
= "12345678" )
202 params
[ 'wpa_key_mgmt' ] = 'SAE'
203 params
[ 'sae_groups' ] = '19'
204 hostapd
. add_ap ( apdev
[ 0 ], params
)
206 dev
[ 0 ]. request ( "SET sae_groups 25 26 20 19" )
207 dev
[ 0 ]. connect ( "test-sae-group-nego" , psk
= "12345678" , key_mgmt
= "SAE" ,
209 if dev
[ 0 ]. get_status_field ( 'sae_group' ) != '19' :
210 raise Exception ( "Expected SAE group not used" )
212 def test_sae_group_nego_no_match ( dev
, apdev
):
213 """SAE group negotiation (no match)"""
214 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
215 raise HwsimSkip ( "SAE not supported" )
216 params
= hostapd
. wpa2_params ( ssid
= "test-sae-group-nego" ,
217 passphrase
= "12345678" )
218 params
[ 'wpa_key_mgmt' ] = 'SAE'
219 # None-existing SAE group to force all attempts to be rejected
220 params
[ 'sae_groups' ] = '0'
221 hostapd
. add_ap ( apdev
[ 0 ], params
)
223 dev
[ 0 ]. request ( "SET sae_groups " )
224 dev
[ 0 ]. connect ( "test-sae-group-nego" , psk
= "12345678" , key_mgmt
= "SAE" ,
225 scan_freq
= "2412" , wait_connect
= False )
226 ev
= dev
[ 0 ]. wait_event ([ "CTRL-EVENT-SSID-TEMP-DISABLED" ], timeout
= 10 )
227 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
229 raise Exception ( "Network profile disabling not reported" )
232 def test_sae_anti_clogging ( dev
, apdev
):
233 """SAE anti clogging"""
234 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
235 raise HwsimSkip ( "SAE not supported" )
236 params
= hostapd
. wpa2_params ( ssid
= "test-sae" , passphrase
= "12345678" )
237 params
[ 'wpa_key_mgmt' ] = 'SAE'
238 params
[ 'sae_anti_clogging_threshold' ] = '1'
239 hostapd
. add_ap ( apdev
[ 0 ], params
)
241 dev
[ 0 ]. request ( "SET sae_groups " )
242 dev
[ 1 ]. request ( "SET sae_groups " )
244 for i
in range ( 0 , 2 ):
245 dev
[ i
]. scan ( freq
= "2412" )
246 id [ i
] = dev
[ i
]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
247 scan_freq
= "2412" , only_add_network
= True )
248 for i
in range ( 0 , 2 ):
249 dev
[ i
]. select_network ( id [ i
])
250 for i
in range ( 0 , 2 ):
251 dev
[ i
]. wait_connected ( timeout
= 10 )
253 def test_sae_forced_anti_clogging ( dev
, apdev
):
254 """SAE anti clogging (forced)"""
255 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
256 raise HwsimSkip ( "SAE not supported" )
257 params
= hostapd
. wpa2_params ( ssid
= "test-sae" , passphrase
= "12345678" )
258 params
[ 'wpa_key_mgmt' ] = 'SAE WPA-PSK'
259 params
[ 'sae_anti_clogging_threshold' ] = '0'
260 hostapd
. add_ap ( apdev
[ 0 ], params
)
261 dev
[ 2 ]. connect ( "test-sae" , psk
= "12345678" , scan_freq
= "2412" )
262 for i
in range ( 0 , 2 ):
263 dev
[ i
]. request ( "SET sae_groups " )
264 dev
[ i
]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
267 def test_sae_mixed ( dev
, apdev
):
268 """Mixed SAE and non-SAE network"""
269 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
270 raise HwsimSkip ( "SAE not supported" )
271 params
= hostapd
. wpa2_params ( ssid
= "test-sae" , passphrase
= "12345678" )
272 params
[ 'wpa_key_mgmt' ] = 'SAE WPA-PSK'
273 params
[ 'sae_anti_clogging_threshold' ] = '0'
274 hostapd
. add_ap ( apdev
[ 0 ], params
)
276 dev
[ 2 ]. connect ( "test-sae" , psk
= "12345678" , scan_freq
= "2412" )
277 for i
in range ( 0 , 2 ):
278 dev
[ i
]. request ( "SET sae_groups " )
279 dev
[ i
]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
282 def test_sae_and_psk ( dev
, apdev
):
283 """SAE and PSK enabled in network profile"""
284 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
285 raise HwsimSkip ( "SAE not supported" )
286 params
= hostapd
. wpa2_params ( ssid
= "test-sae" , passphrase
= "12345678" )
287 params
[ 'wpa_key_mgmt' ] = 'SAE'
288 hostapd
. add_ap ( apdev
[ 0 ], params
)
290 dev
[ 0 ]. request ( "SET sae_groups " )
291 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE WPA-PSK" ,
294 def test_sae_and_psk2 ( dev
, apdev
):
295 """SAE and PSK enabled in network profile (use PSK)"""
296 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
297 raise HwsimSkip ( "SAE not supported" )
298 params
= hostapd
. wpa2_params ( ssid
= "test-psk" , passphrase
= "12345678" )
299 hostapd
. add_ap ( apdev
[ 0 ], params
)
301 dev
[ 0 ]. request ( "SET sae_groups " )
302 dev
[ 0 ]. connect ( "test-psk" , psk
= "12345678" , key_mgmt
= "SAE WPA-PSK" ,
305 def test_sae_mixed_mfp ( dev
, apdev
):
306 """Mixed SAE and non-SAE network and MFP required with SAE"""
307 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
308 raise HwsimSkip ( "SAE not supported" )
309 params
= hostapd
. wpa2_params ( ssid
= "test-sae" , passphrase
= "12345678" )
310 params
[ 'wpa_key_mgmt' ] = 'SAE WPA-PSK'
311 params
[ "ieee80211w" ] = "1"
312 params
[ 'sae_require_mfp' ] = '1'
313 hostapd
. add_ap ( apdev
[ 0 ], params
)
315 dev
[ 0 ]. request ( "SET sae_groups " )
316 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" , ieee80211w
= "2" ,
318 dev
[ 0 ]. dump_monitor ()
320 dev
[ 1 ]. request ( "SET sae_groups " )
321 dev
[ 1 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" , ieee80211w
= "0" ,
322 scan_freq
= "2412" , wait_connect
= False )
323 ev
= dev
[ 1 ]. wait_event ([ "CTRL-EVENT-CONNECTED" ,
324 "CTRL-EVENT-ASSOC-REJECT" ], timeout
= 10 )
326 raise Exception ( "No connection result reported" )
327 if "CTRL-EVENT-ASSOC-REJECT" not in ev
:
328 raise Exception ( "SAE connection without MFP was not rejected" )
329 if "status_code=31" not in ev
:
330 raise Exception ( "Unexpected status code in rejection: " + ev
)
331 dev
[ 1 ]. request ( "DISCONNECT" )
332 dev
[ 1 ]. dump_monitor ()
334 dev
[ 2 ]. connect ( "test-sae" , psk
= "12345678" , ieee80211w
= "0" , scan_freq
= "2412" )
335 dev
[ 2 ]. dump_monitor ()
337 def test_sae_mfp ( dev
, apdev
):
338 """SAE and MFP enabled without sae_require_mfp"""
339 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
340 raise HwsimSkip ( "SAE not supported" )
341 params
= hostapd
. wpa2_params ( ssid
= "test-sae" , passphrase
= "12345678" )
342 params
[ 'wpa_key_mgmt' ] = 'SAE'
343 params
[ "ieee80211w" ] = "1"
344 hostapd
. add_ap ( apdev
[ 0 ], params
)
346 dev
[ 0 ]. request ( "SET sae_groups " )
347 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" , ieee80211w
= "2" ,
350 dev
[ 1 ]. request ( "SET sae_groups " )
351 dev
[ 1 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" , ieee80211w
= "0" ,
355 def test_sae_missing_password ( dev
, apdev
):
356 """SAE and missing password"""
357 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
358 raise HwsimSkip ( "SAE not supported" )
359 params
= hostapd
. wpa2_params ( ssid
= "test-sae" ,
360 passphrase
= "12345678" )
361 params
[ 'wpa_key_mgmt' ] = 'SAE'
362 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
364 dev
[ 0 ]. request ( "SET sae_groups " )
365 id = dev
[ 0 ]. connect ( "test-sae" ,
366 raw_psk
= "46b4a73b8a951ad53ebd2e0afdb9c5483257edd4c21d12b7710759da70945858" ,
367 key_mgmt
= "SAE" , scan_freq
= "2412" , wait_connect
= False )
368 ev
= dev
[ 0 ]. wait_event ([ 'CTRL-EVENT-SSID-TEMP-DISABLED' ], timeout
= 10 )
370 raise Exception ( "Invalid network not temporarily disabled" )
373 def test_sae_key_lifetime_in_memory ( dev
, apdev
, params
):
374 """SAE and key lifetime in memory"""
375 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
376 raise HwsimSkip ( "SAE not supported" )
377 password
= "5ad144a7c1f5a5503baa6fa01dabc15b1843e8c01662d78d16b70b5cd23cf8b"
378 p
= hostapd
. wpa2_params ( ssid
= "test-sae" , passphrase
= password
)
379 p
[ 'wpa_key_mgmt' ] = 'SAE'
380 hapd
= hostapd
. add_ap ( apdev
[ 0 ], p
)
382 pid
= find_wpas_process ( dev
[ 0 ])
384 dev
[ 0 ]. request ( "SET sae_groups " )
385 id = dev
[ 0 ]. connect ( "test-sae" , psk
= password
, key_mgmt
= "SAE" ,
388 # The decrypted copy of GTK is freed only after the CTRL-EVENT-CONNECTED
389 # event has been delivered, so verify that wpa_supplicant has returned to
390 # eloop before reading process memory.
393 password
= password
. encode ()
394 buf
= read_process_memory ( pid
, password
)
396 dev
[ 0 ]. request ( "DISCONNECT" )
397 dev
[ 0 ]. wait_disconnected ()
406 with
open ( os
. path
. join ( params
[ 'logdir' ], 'log0' ), 'r' ) as f
:
407 for l
in f
. readlines ():
408 if "SAE: k - hexdump" in l
:
409 val
= l
. strip (). split ( ':' )[ 3 ]. replace ( ' ' , '' )
410 sae_k
= binascii
. unhexlify ( val
)
411 if "SAE: keyseed - hexdump" in l
:
412 val
= l
. strip (). split ( ':' )[ 3 ]. replace ( ' ' , '' )
413 sae_keyseed
= binascii
. unhexlify ( val
)
414 if "SAE: KCK - hexdump" in l
:
415 val
= l
. strip (). split ( ':' )[ 3 ]. replace ( ' ' , '' )
416 sae_kck
= binascii
. unhexlify ( val
)
417 if "SAE: PMK - hexdump" in l
:
418 val
= l
. strip (). split ( ':' )[ 3 ]. replace ( ' ' , '' )
419 pmk
= binascii
. unhexlify ( val
)
420 if "WPA: PTK - hexdump" in l
:
421 val
= l
. strip (). split ( ':' )[ 3 ]. replace ( ' ' , '' )
422 ptk
= binascii
. unhexlify ( val
)
423 if "WPA: Group Key - hexdump" in l
:
424 val
= l
. strip (). split ( ':' )[ 3 ]. replace ( ' ' , '' )
425 gtk
= binascii
. unhexlify ( val
)
426 if not sae_k
or not sae_keyseed
or not sae_kck
or not pmk
or not ptk
or not gtk
:
427 raise Exception ( "Could not find keys from debug log" )
429 raise Exception ( "Unexpected GTK length" )
435 fname
= os
. path
. join ( params
[ 'logdir' ],
436 'sae_key_lifetime_in_memory.memctx-' )
438 logger
. info ( "Checking keys in memory while associated" )
439 get_key_locations ( buf
, password
, "Password" )
440 get_key_locations ( buf
, pmk
, "PMK" )
441 if password
not in buf
:
442 raise HwsimSkip ( "Password not found while associated" )
444 raise HwsimSkip ( "PMK not found while associated" )
446 raise Exception ( "KCK not found while associated" )
448 raise Exception ( "KEK not found while associated" )
450 # raise Exception("TK found from memory")
451 verify_not_present ( buf
, sae_k
, fname
, "SAE(k)" )
452 verify_not_present ( buf
, sae_keyseed
, fname
, "SAE(keyseed)" )
453 verify_not_present ( buf
, sae_kck
, fname
, "SAE(KCK)" )
455 logger
. info ( "Checking keys in memory after disassociation" )
456 buf
= read_process_memory ( pid
, password
)
458 # Note: Password is still present in network configuration
459 # Note: PMK is in PMKSA cache
461 get_key_locations ( buf
, password
, "Password" )
462 get_key_locations ( buf
, pmk
, "PMK" )
463 verify_not_present ( buf
, kck
, fname
, "KCK" )
464 verify_not_present ( buf
, kek
, fname
, "KEK" )
465 verify_not_present ( buf
, tk
, fname
, "TK" )
467 get_key_locations ( buf
, gtk
, "GTK" )
468 verify_not_present ( buf
, gtk
, fname
, "GTK" )
469 verify_not_present ( buf
, sae_k
, fname
, "SAE(k)" )
470 verify_not_present ( buf
, sae_keyseed
, fname
, "SAE(keyseed)" )
471 verify_not_present ( buf
, sae_kck
, fname
, "SAE(KCK)" )
473 dev
[ 0 ]. request ( "PMKSA_FLUSH" )
474 logger
. info ( "Checking keys in memory after PMKSA cache flush" )
475 buf
= read_process_memory ( pid
, password
)
476 get_key_locations ( buf
, password
, "Password" )
477 get_key_locations ( buf
, pmk
, "PMK" )
478 verify_not_present ( buf
, pmk
, fname
, "PMK" )
480 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
482 logger
. info ( "Checking keys in memory after network profile removal" )
483 buf
= read_process_memory ( pid
, password
)
485 get_key_locations ( buf
, password
, "Password" )
486 get_key_locations ( buf
, pmk
, "PMK" )
487 verify_not_present ( buf
, password
, fname
, "password" )
488 verify_not_present ( buf
, pmk
, fname
, "PMK" )
489 verify_not_present ( buf
, kck
, fname
, "KCK" )
490 verify_not_present ( buf
, kek
, fname
, "KEK" )
491 verify_not_present ( buf
, tk
, fname
, "TK" )
492 verify_not_present ( buf
, gtk
, fname
, "GTK" )
493 verify_not_present ( buf
, sae_k
, fname
, "SAE(k)" )
494 verify_not_present ( buf
, sae_keyseed
, fname
, "SAE(keyseed)" )
495 verify_not_present ( buf
, sae_kck
, fname
, "SAE(KCK)" )
498 def test_sae_oom_wpas ( dev
, apdev
):
499 """SAE and OOM in wpa_supplicant"""
500 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
501 raise HwsimSkip ( "SAE not supported" )
502 params
= hostapd
. wpa2_params ( ssid
= "test-sae" ,
503 passphrase
= "12345678" )
504 params
[ 'wpa_key_mgmt' ] = 'SAE'
505 params
[ 'sae_groups' ] = '19 25 26 20'
506 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
508 dev
[ 0 ]. request ( "SET sae_groups 20" )
509 with
alloc_fail ( dev
[ 0 ], 1 , "sae_set_group" ):
510 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
512 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
514 dev
[ 0 ]. request ( "SET sae_groups " )
515 with
alloc_fail ( dev
[ 0 ], 2 , "sae_set_group" ):
516 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
518 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
520 with
alloc_fail ( dev
[ 0 ], 1 , "wpabuf_alloc;sme_auth_build_sae_commit" ):
521 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
523 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
525 with
alloc_fail ( dev
[ 0 ], 1 , "wpabuf_alloc;sme_auth_build_sae_confirm" ):
526 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
527 scan_freq
= "2412" , wait_connect
= False )
528 wait_fail_trigger ( dev
[ 0 ], "GET_ALLOC_FAIL" )
529 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
531 with
alloc_fail ( dev
[ 0 ], 1 , "=sme_authenticate" ):
532 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
533 scan_freq
= "2412" , wait_connect
= False )
534 wait_fail_trigger ( dev
[ 0 ], "GET_ALLOC_FAIL" )
535 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
537 with
alloc_fail ( dev
[ 0 ], 1 , "radio_add_work;sme_authenticate" ):
538 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
539 scan_freq
= "2412" , wait_connect
= False )
540 wait_fail_trigger ( dev
[ 0 ], "GET_ALLOC_FAIL" )
541 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
544 def test_sae_proto_ecc ( dev
, apdev
):
545 """SAE protocol testing (ECC)"""
546 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
547 raise HwsimSkip ( "SAE not supported" )
548 params
= hostapd
. wpa2_params ( ssid
= "test-sae" ,
549 passphrase
= "12345678" )
550 params
[ 'wpa_key_mgmt' ] = 'SAE'
551 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
552 bssid
= apdev
[ 0 ][ 'bssid' ]
554 dev
[ 0 ]. request ( "SET sae_groups 19" )
556 tests
= [( "Confirm mismatch" ,
557 "1300" + "033d3635b39666ed427fd4a3e7d37acec2810afeaf1687f746a14163ff0e6d03" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02f8" ,
558 "0000800edebc3f260dc1fe7e0b20888af2b8a3316252ec37388a8504e25b73dc4240" ),
559 ( "Commit without even full cyclic group field" ,
563 "1300" + "033d3635b39666ed427fd4a3e7d37acec2810afeaf1687f746a14163ff0e6d03" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02" ,
565 ( "Invalid commit scalar (0)" ,
566 "1300" + "0000000000000000000000000000000000000000000000000000000000000000" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02f8" ,
568 ( "Invalid commit scalar (1)" ,
569 "1300" + "0000000000000000000000000000000000000000000000000000000000000001" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02f8" ,
571 ( "Invalid commit scalar (> r)" ,
572 "1300" + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02f8" ,
574 ( "Commit element not on curve" ,
575 "1300" + "033d3635b39666ed427fd4a3e7d37acec2810afeaf1687f746a14163ff0e6d03" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728d0000000000000000000000000000000000000000000000000000000000000000" ,
577 ( "Invalid commit element (y coordinate > P)" ,
578 "1300" + "033d3635b39666ed427fd4a3e7d37acec2810afeaf1687f746a14163ff0e6d03" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" ,
580 ( "Invalid commit element (x coordinate > P)" ,
581 "1300" + "033d3635b39666ed427fd4a3e7d37acec2810afeaf1687f746a14163ff0e6d03" + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02f8" ,
583 ( "Different group in commit" ,
584 "1400" + "033d3635b39666ed427fd4a3e7d37acec2810afeaf1687f746a14163ff0e6d03" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02f8" ,
586 ( "Too short confirm" ,
587 "1300" + "033d3635b39666ed427fd4a3e7d37acec2810afeaf1687f746a14163ff0e6d03" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02f8" ,
588 "0000800edebc3f260dc1fe7e0b20888af2b8a3316252ec37388a8504e25b73dc42" )]
589 for ( note
, commit
, confirm
) in tests
:
591 dev
[ 0 ]. scan_for_bss ( bssid
, freq
= 2412 )
592 hapd
. set ( "ext_mgmt_frame_handling" , "1" )
593 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
594 scan_freq
= "2412" , wait_connect
= False )
596 logger
. info ( "Commit" )
597 for i
in range ( 0 , 10 ):
600 raise Exception ( "MGMT RX wait timed out (commit)" )
601 if req
[ 'subtype' ] == 11 :
605 raise Exception ( "Authentication frame (commit) not received" )
609 resp
[ 'fc' ] = req
[ 'fc' ]
610 resp
[ 'da' ] = req
[ 'sa' ]
611 resp
[ 'sa' ] = req
[ 'da' ]
612 resp
[ 'bssid' ] = req
[ 'bssid' ]
613 resp
[ 'payload' ] = binascii
. unhexlify ( "030001000000" + commit
)
617 logger
. info ( "Confirm" )
618 for i
in range ( 0 , 10 ):
621 raise Exception ( "MGMT RX wait timed out (confirm)" )
622 if req
[ 'subtype' ] == 11 :
626 raise Exception ( "Authentication frame (confirm) not received" )
630 resp
[ 'fc' ] = req
[ 'fc' ]
631 resp
[ 'da' ] = req
[ 'sa' ]
632 resp
[ 'sa' ] = req
[ 'da' ]
633 resp
[ 'bssid' ] = req
[ 'bssid' ]
634 resp
[ 'payload' ] = binascii
. unhexlify ( "030002000000" + confirm
)
638 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
639 hapd
. set ( "ext_mgmt_frame_handling" , "0" )
643 def test_sae_proto_ffc ( dev
, apdev
):
644 """SAE protocol testing (FFC)"""
645 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
646 raise HwsimSkip ( "SAE not supported" )
647 params
= hostapd
. wpa2_params ( ssid
= "test-sae" ,
648 passphrase
= "12345678" )
649 params
[ 'wpa_key_mgmt' ] = 'SAE'
650 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
651 bssid
= apdev
[ 0 ][ 'bssid' ]
653 dev
[ 0 ]. request ( "SET sae_groups 2" )
655 tests
= [( "Confirm mismatch" ,
656 "0200" + "0c70519d874e3e4930a917cc5e17ea7a26028211159f217bab28b8d6c56691805e49f03249b2c6e22c7c9f86b30e04ccad2deedd5e5108ae07b737c00001c59cd0eb08b1dfc7f1b06a1542e2b6601a963c066e0c65940983a03917ae57a101ce84b5cbbc76ff33ebb990aac2e54aa0f0ab6ec0a58113d927683502b2cb2347d2" + "a8c00117493cdffa5dd671e934bc9cb1a69f39e25e9dd9cd9afd3aea2441a0f5491211c7ba50a753563f9ce943b043557cb71193b28e86ed9544f4289c471bf91b70af5c018cf4663e004165b0fd0bc1d8f3f78adf42eee92bcbc55246fd3ee9f107ab965dc7d4986f23eb71d616ebfe6bfe0a6c1ac5dc1718acee17c9a17486" ,
657 "0000f3116a9731f1259622e3eb55d4b3b50ba16f8c5f5565b28e609b180c51460251" ),
659 "0200" + "0c70519d874e3e4930a917cc5e17ea7a26028211159f217bab28b8d6c56691805e49f03249b2c6e22c7c9f86b30e04ccad2deedd5e5108ae07b737c00001c59cd0eb08b1dfc7f1b06a1542e2b6601a963c066e0c65940983a03917ae57a101ce84b5cbbc76ff33ebb990aac2e54aa0f0ab6ec0a58113d927683502b2cb2347d2" + "a8c00117493cdffa5dd671e934bc9cb1a69f39e25e9dd9cd9afd3aea2441a0f5491211c7ba50a753563f9ce943b043557cb71193b28e86ed9544f4289c471bf91b70af5c018cf4663e004165b0fd0bc1d8f3f78adf42eee92bcbc55246fd3ee9f107ab965dc7d4986f23eb71d616ebfe6bfe0a6c1ac5dc1718acee17c9a174" ,
661 ( "Invalid element (0) in commit" ,
662 "0200" + "0c70519d874e3e4930a917cc5e17ea7a26028211159f217bab28b8d6c56691805e49f03249b2c6e22c7c9f86b30e04ccad2deedd5e5108ae07b737c00001c59cd0eb08b1dfc7f1b06a1542e2b6601a963c066e0c65940983a03917ae57a101ce84b5cbbc76ff33ebb990aac2e54aa0f0ab6ec0a58113d927683502b2cb2347d2" + "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" ,
664 ( "Invalid element (1) in commit" ,
665 "0200" + "0c70519d874e3e4930a917cc5e17ea7a26028211159f217bab28b8d6c56691805e49f03249b2c6e22c7c9f86b30e04ccad2deedd5e5108ae07b737c00001c59cd0eb08b1dfc7f1b06a1542e2b6601a963c066e0c65940983a03917ae57a101ce84b5cbbc76ff33ebb990aac2e54aa0f0ab6ec0a58113d927683502b2cb2347d2" + "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001" ,
667 ( "Invalid element (> P) in commit" ,
668 "0200" + "0c70519d874e3e4930a917cc5e17ea7a26028211159f217bab28b8d6c56691805e49f03249b2c6e22c7c9f86b30e04ccad2deedd5e5108ae07b737c00001c59cd0eb08b1dfc7f1b06a1542e2b6601a963c066e0c65940983a03917ae57a101ce84b5cbbc76ff33ebb990aac2e54aa0f0ab6ec0a58113d927683502b2cb2347d2" + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" ,
670 for ( note
, commit
, confirm
) in tests
:
672 dev
[ 0 ]. scan_for_bss ( bssid
, freq
= 2412 )
673 hapd
. set ( "ext_mgmt_frame_handling" , "1" )
674 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
675 scan_freq
= "2412" , wait_connect
= False )
677 logger
. info ( "Commit" )
678 for i
in range ( 0 , 10 ):
681 raise Exception ( "MGMT RX wait timed out (commit)" )
682 if req
[ 'subtype' ] == 11 :
686 raise Exception ( "Authentication frame (commit) not received" )
690 resp
[ 'fc' ] = req
[ 'fc' ]
691 resp
[ 'da' ] = req
[ 'sa' ]
692 resp
[ 'sa' ] = req
[ 'da' ]
693 resp
[ 'bssid' ] = req
[ 'bssid' ]
694 resp
[ 'payload' ] = binascii
. unhexlify ( "030001000000" + commit
)
698 logger
. info ( "Confirm" )
699 for i
in range ( 0 , 10 ):
702 raise Exception ( "MGMT RX wait timed out (confirm)" )
703 if req
[ 'subtype' ] == 11 :
707 raise Exception ( "Authentication frame (confirm) not received" )
711 resp
[ 'fc' ] = req
[ 'fc' ]
712 resp
[ 'da' ] = req
[ 'sa' ]
713 resp
[ 'sa' ] = req
[ 'da' ]
714 resp
[ 'bssid' ] = req
[ 'bssid' ]
715 resp
[ 'payload' ] = binascii
. unhexlify ( "030002000000" + confirm
)
719 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
720 hapd
. set ( "ext_mgmt_frame_handling" , "0" )
723 def test_sae_proto_confirm_replay ( dev
, apdev
):
724 """SAE protocol testing - Confirm replay"""
725 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
726 raise HwsimSkip ( "SAE not supported" )
727 params
= hostapd
. wpa2_params ( ssid
= "test-sae" ,
728 passphrase
= "12345678" )
729 params
[ 'wpa_key_mgmt' ] = 'SAE'
730 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
731 bssid
= apdev
[ 0 ][ 'bssid' ]
733 dev
[ 0 ]. request ( "SET sae_groups 19" )
735 dev
[ 0 ]. scan_for_bss ( bssid
, freq
= 2412 )
736 hapd
. set ( "ext_mgmt_frame_handling" , "1" )
737 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
738 scan_freq
= "2412" , wait_connect
= False )
740 logger
. info ( "Commit" )
741 for i
in range ( 0 , 10 ):
744 raise Exception ( "MGMT RX wait timed out (commit)" )
745 if req
[ 'subtype' ] == 11 :
749 raise Exception ( "Authentication frame (commit) not received" )
751 bssid
= hapd
. own_addr (). replace ( ':' , '' )
752 addr
= dev
[ 0 ]. own_addr (). replace ( ':' , '' )
753 hdr
= "b0003a01" + bssid
+ addr
+ bssid
+ "1000"
756 hapd
. request ( "MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=" + binascii
. hexlify ( req
[ 'frame' ]). decode ())
758 logger
. info ( "Confirm" )
759 for i
in range ( 0 , 10 ):
762 raise Exception ( "MGMT RX wait timed out (confirm)" )
763 if req
[ 'subtype' ] == 11 :
767 raise Exception ( "Authentication frame (confirm) not received" )
770 hapd
. request ( "MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=" + binascii
. hexlify ( req
[ 'frame' ]). decode ())
772 logger
. info ( "Replay Confirm" )
773 hapd
. request ( "MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=" + binascii
. hexlify ( req
[ 'frame' ]). decode ())
775 logger
. info ( "Association Request" )
776 for i
in range ( 0 , 10 ):
779 raise Exception ( "MGMT RX wait timed out (AssocReq)" )
780 if req
[ 'subtype' ] == 0 :
784 raise Exception ( "Association Request frame not received" )
787 hapd
. request ( "MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=" + binascii
. hexlify ( req
[ 'frame' ]). decode ())
788 ev
= hapd
. wait_event ([ "MGMT-TX-STATUS" ], timeout
= 5 )
790 raise Exception ( "Management frame TX status not reported (1)" )
791 if "stype=1 ok=1" not in ev
:
792 raise Exception ( "Unexpected management frame TX status (1): " + ev
)
793 cmd
= "MGMT_TX_STATUS_PROCESS %s " % ( " " . join ( ev
. split ( ' ' )[ 1 : 4 ]))
794 if "OK" not in hapd
. request ( cmd
):
795 raise Exception ( "MGMT_TX_STATUS_PROCESS failed" )
797 hapd
. set ( "ext_mgmt_frame_handling" , "0" )
799 dev
[ 0 ]. wait_connected ()
801 def test_sae_proto_hostapd ( dev
, apdev
):
802 """SAE protocol testing with hostapd"""
803 params
= hostapd
. wpa2_params ( ssid
= "test-sae" , passphrase
= "12345678" )
804 params
[ 'wpa_key_mgmt' ] = 'SAE'
805 params
[ 'sae_groups' ] = "19 65535"
806 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
807 hapd
. set ( "ext_mgmt_frame_handling" , "1" )
808 bssid
= hapd
. own_addr (). replace ( ':' , '' )
809 addr
= "020000000000"
810 addr2
= "020000000001"
811 hdr
= "b0003a01" + bssid
+ addr
+ bssid
+ "1000"
812 hdr2
= "b0003a01" + bssid
+ addr2
+ bssid
+ "1000"
814 scalar
= "f7df19f4a7fef1d3b895ea1de150b7c5a7a705c8ebb31a52b623e0057908bd93"
815 element_x
= "21931572027f2e953e2a49fab3d992944102cc95aa19515fc068b394fb25ae3c"
816 element_y
= "cb4eeb94d7b0b789abfdb73a67ab9d6d5efa94dd553e0e724a6289821cbce530"
817 hapd
. request ( "MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=" + hdr
+ "030001000000" + group
+ scalar
+ element_x
+ element_y
)
818 # "SAE: Not enough data for scalar"
819 hapd
. request ( "MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=" + hdr
+ "030001000000" + group
+ scalar
[:- 2 ])
820 # "SAE: Do not allow group to be changed"
821 hapd
. request ( "MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=" + hdr
+ "030001000000" + "ffff" + scalar
[:- 2 ])
822 # "SAE: Unsupported Finite Cyclic Group 65535"
823 hapd
. request ( "MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=" + hdr2
+ "030001000000" + "ffff" + scalar
[:- 2 ])
825 def test_sae_proto_hostapd_ecc ( dev
, apdev
):
826 """SAE protocol testing with hostapd (ECC)"""
827 params
= hostapd
. wpa2_params ( ssid
= "test-sae" , passphrase
= "foofoofoo" )
828 params
[ 'wpa_key_mgmt' ] = 'SAE'
829 params
[ 'sae_groups' ] = "19"
830 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
831 hapd
. set ( "ext_mgmt_frame_handling" , "1" )
832 bssid
= hapd
. own_addr (). replace ( ':' , '' )
833 addr
= "020000000000"
834 addr2
= "020000000001"
835 hdr
= "b0003a01" + bssid
+ addr
+ bssid
+ "1000"
836 hdr2
= "b0003a01" + bssid
+ addr2
+ bssid
+ "1000"
838 scalar
= "9e9a959bf2dda875a4a29ce9b2afef46f2d83060930124cd9e39ddce798cd69a"
839 element_x
= "dfc55fd8622b91d362f4d1fc9646474d7fba0ff7cce6ca58b8e96a931e070220"
840 element_y
= "dac8a4e80724f167c1349cc9e1f9dd82a7c77b29d49789b63b72b4c849301a28"
841 # sae_parse_commit_element_ecc() failure to parse peer element
842 # (depending on crypto library, either crypto_ec_point_from_bin() failure
843 # or crypto_ec_point_is_on_curve() returning 0)
844 hapd
. request ( "MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=" + hdr
+ "030001000000" + group
+ scalar
+ element_x
+ element_y
)
845 # Unexpected continuation of the connection attempt with confirm
846 hapd
. request ( "MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=" + hdr
+ "030002000000" + "0000" + "fd7b081ff4e8676f03612a4140eedcd3c179ab3a13b93863c6f7ca451340b9ae" )
848 def test_sae_proto_hostapd_ffc ( dev
, apdev
):
849 """SAE protocol testing with hostapd (FFC)"""
850 params
= hostapd
. wpa2_params ( ssid
= "test-sae" , passphrase
= "foofoofoo" )
851 params
[ 'wpa_key_mgmt' ] = 'SAE'
852 params
[ 'sae_groups' ] = "22"
853 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
854 hapd
. set ( "ext_mgmt_frame_handling" , "1" )
855 bssid
= hapd
. own_addr (). replace ( ':' , '' )
856 addr
= "020000000000"
857 addr2
= "020000000001"
858 hdr
= "b0003a01" + bssid
+ addr
+ bssid
+ "1000"
859 hdr2
= "b0003a01" + bssid
+ addr2
+ bssid
+ "1000"
861 scalar
= "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000044cc46a73c07ef479dc66ec1f5e8ccf25131fa40"
862 element
= "0f1d67025e12fc874cf718c35b19d1ab2db858215623f1ce661cbd1d7b1d7a09ceda7dba46866cf37044259b5cac4db15e7feb778edc8098854b93a84347c1850c02ee4d7dac46db79c477c731085d5b39f56803cda1eeac4a2fbbccb9a546379e258c00ebe93dfdd0a34cf8ce5c55cf905a89564a590b7e159fb89198e9d5cd"
863 # sae_parse_commit_element_ffc() failure to parse peer element
864 hapd
. request ( "MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=" + hdr
+ "030001000000" + group
+ scalar
+ element
)
865 # Unexpected continuation of the connection attempt with confirm
866 hapd
. request ( "MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=" + hdr
+ "030002000000" + "0000" + "fd7b081ff4e8676f03612a4140eedcd3c179ab3a13b93863c6f7ca451340b9ae" )
869 def test_sae_no_ffc_by_default ( dev
, apdev
):
870 """SAE and default groups rejecting FFC"""
871 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
872 raise HwsimSkip ( "SAE not supported" )
873 params
= hostapd
. wpa2_params ( ssid
= "test-sae" , passphrase
= "12345678" )
874 params
[ 'wpa_key_mgmt' ] = 'SAE'
875 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
877 dev
[ 0 ]. request ( "SET sae_groups 15" )
878 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" , scan_freq
= "2412" ,
880 ev
= dev
[ 0 ]. wait_event ([ "SME: Trying to authenticate" ], timeout
= 3 )
882 raise Exception ( "Did not try to authenticate" )
883 ev
= dev
[ 0 ]. wait_event ([ "SME: Trying to authenticate" ], timeout
= 3 )
885 raise Exception ( "Did not try to authenticate (2)" )
886 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
888 def sae_reflection_attack ( apdev
, dev
, group
):
889 if "SAE" not in dev
. get_capability ( "auth_alg" ):
890 raise HwsimSkip ( "SAE not supported" )
891 params
= hostapd
. wpa2_params ( ssid
= "test-sae" ,
892 passphrase
= "no-knowledge-of-passphrase" )
893 params
[ 'wpa_key_mgmt' ] = 'SAE'
894 hapd
= hostapd
. add_ap ( apdev
, params
)
895 bssid
= apdev
[ 'bssid' ]
897 dev
. scan_for_bss ( bssid
, freq
= 2412 )
898 hapd
. set ( "ext_mgmt_frame_handling" , "1" )
900 dev
. request ( "SET sae_groups %d " % group
)
901 dev
. connect ( "test-sae" , psk
= "reflection-attack" , key_mgmt
= "SAE" ,
902 scan_freq
= "2412" , wait_connect
= False )
905 for i
in range ( 0 , 10 ):
908 raise Exception ( "MGMT RX wait timed out" )
909 if req
[ 'subtype' ] == 11 :
913 raise Exception ( "Authentication frame not received" )
916 resp
[ 'fc' ] = req
[ 'fc' ]
917 resp
[ 'da' ] = req
[ 'sa' ]
918 resp
[ 'sa' ] = req
[ 'da' ]
919 resp
[ 'bssid' ] = req
[ 'bssid' ]
920 resp
[ 'payload' ] = req
[ 'payload' ]
924 req
= hapd
. mgmt_rx ( timeout
= 0.5 )
926 if req
[ 'subtype' ] == 11 :
927 raise Exception ( "Unexpected Authentication frame seen" )
930 def test_sae_reflection_attack_ecc ( dev
, apdev
):
931 """SAE reflection attack (ECC)"""
932 sae_reflection_attack ( apdev
[ 0 ], dev
[ 0 ], 19 )
935 def test_sae_reflection_attack_ffc ( dev
, apdev
):
936 """SAE reflection attack (FFC)"""
937 sae_reflection_attack ( apdev
[ 0 ], dev
[ 0 ], 15 )
939 def sae_reflection_attack_internal ( apdev
, dev
, group
):
940 if "SAE" not in dev
. get_capability ( "auth_alg" ):
941 raise HwsimSkip ( "SAE not supported" )
942 params
= hostapd
. wpa2_params ( ssid
= "test-sae" ,
943 passphrase
= "no-knowledge-of-passphrase" )
944 params
[ 'wpa_key_mgmt' ] = 'SAE'
945 params
[ 'sae_reflection_attack' ] = '1'
946 hapd
= hostapd
. add_ap ( apdev
, params
)
947 bssid
= apdev
[ 'bssid' ]
949 dev
. scan_for_bss ( bssid
, freq
= 2412 )
950 dev
. request ( "SET sae_groups %d " % group
)
951 dev
. connect ( "test-sae" , psk
= "reflection-attack" , key_mgmt
= "SAE" ,
952 scan_freq
= "2412" , wait_connect
= False )
953 ev
= dev
. wait_event ([ "SME: Trying to authenticate" ], timeout
= 10 )
955 raise Exception ( "No authentication attempt seen" )
956 ev
= dev
. wait_event ([ "CTRL-EVENT-CONNECTED" ], timeout
= 1 )
958 raise Exception ( "Unexpected connection" )
961 def test_sae_reflection_attack_ecc_internal ( dev
, apdev
):
962 """SAE reflection attack (ECC) - internal"""
963 sae_reflection_attack_internal ( apdev
[ 0 ], dev
[ 0 ], 19 )
966 def test_sae_reflection_attack_ffc_internal ( dev
, apdev
):
967 """SAE reflection attack (FFC) - internal"""
968 sae_reflection_attack_internal ( apdev
[ 0 ], dev
[ 0 ], 15 )
971 def test_sae_commit_override ( dev
, apdev
):
972 """SAE commit override (hostapd)"""
973 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
974 raise HwsimSkip ( "SAE not supported" )
975 params
= hostapd
. wpa2_params ( ssid
= "test-sae" ,
976 passphrase
= "12345678" )
977 params
[ 'wpa_key_mgmt' ] = 'SAE'
978 params
[ 'sae_commit_override' ] = '13ffbad00d215867a7c5ff37d87bb9bdb7cb116e520f71e8d7a794ca2606d537ddc6c099c40e7a25372b80a8fd443cd7dd222c8ea21b8ef372d4b3e316c26a73fd999cc79ad483eb826e7b3893ea332da68fa13224bcdeb4fb18b0584dd100a2c514'
979 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
980 dev
[ 0 ]. request ( "SET sae_groups " )
981 dev
[ 0 ]. connect ( "test-sae" , psk
= "test-sae" , key_mgmt
= "SAE" ,
982 scan_freq
= "2412" , wait_connect
= False )
983 ev
= dev
[ 0 ]. wait_event ([ "CTRL-EVENT-CONNECTED" ], timeout
= 1 )
985 raise Exception ( "Unexpected connection" )
988 def test_sae_commit_override2 ( dev
, apdev
):
989 """SAE commit override (wpa_supplicant)"""
990 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
991 raise HwsimSkip ( "SAE not supported" )
992 params
= hostapd
. wpa2_params ( ssid
= "test-sae" ,
993 passphrase
= "12345678" )
994 params
[ 'wpa_key_mgmt' ] = 'SAE'
995 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
996 dev
[ 0 ]. request ( "SET sae_groups " )
997 dev
[ 0 ]. set ( 'sae_commit_override' , '13ffbad00d215867a7c5ff37d87bb9bdb7cb116e520f71e8d7a794ca2606d537ddc6c099c40e7a25372b80a8fd443cd7dd222c8ea21b8ef372d4b3e316c26a73fd999cc79ad483eb826e7b3893ea332da68fa13224bcdeb4fb18b0584dd100a2c514' )
998 dev
[ 0 ]. connect ( "test-sae" , psk
= "test-sae" , key_mgmt
= "SAE" ,
999 scan_freq
= "2412" , wait_connect
= False )
1000 ev
= dev
[ 0 ]. wait_event ([ "CTRL-EVENT-CONNECTED" ], timeout
= 1 )
1002 raise Exception ( "Unexpected connection" )
1004 def test_sae_commit_invalid_scalar_element_ap ( dev
, apdev
):
1005 """SAE commit invalid scalar/element from AP"""
1006 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
1007 raise HwsimSkip ( "SAE not supported" )
1008 params
= hostapd
. wpa2_params ( ssid
= "test-sae" ,
1009 passphrase
= "12345678" )
1010 params
[ 'wpa_key_mgmt' ] = 'SAE'
1011 params
[ 'sae_commit_override' ] = '1300' + 96 * '00'
1012 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
1013 dev
[ 0 ]. request ( "SET sae_groups " )
1014 dev
[ 0 ]. connect ( "test-sae" , psk
= "test-sae" , key_mgmt
= "SAE" ,
1015 scan_freq
= "2412" , wait_connect
= False )
1016 ev
= dev
[ 0 ]. wait_event ([ "CTRL-EVENT-CONNECTED" ], timeout
= 1 )
1018 raise Exception ( "Unexpected connection" )
1020 def test_sae_commit_invalid_element_ap ( dev
, apdev
):
1021 """SAE commit invalid element from AP"""
1022 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
1023 raise HwsimSkip ( "SAE not supported" )
1024 params
= hostapd
. wpa2_params ( ssid
= "test-sae" ,
1025 passphrase
= "12345678" )
1026 params
[ 'wpa_key_mgmt' ] = 'SAE'
1027 params
[ 'sae_commit_override' ] = '1300' + 31 * '00' + '02' + 64 * '00'
1028 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
1029 dev
[ 0 ]. request ( "SET sae_groups " )
1030 dev
[ 0 ]. connect ( "test-sae" , psk
= "test-sae" , key_mgmt
= "SAE" ,
1031 scan_freq
= "2412" , wait_connect
= False )
1032 ev
= dev
[ 0 ]. wait_event ([ "CTRL-EVENT-CONNECTED" ], timeout
= 1 )
1034 raise Exception ( "Unexpected connection" )
1036 def test_sae_commit_invalid_scalar_element_sta ( dev
, apdev
):
1037 """SAE commit invalid scalar/element from STA"""
1038 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
1039 raise HwsimSkip ( "SAE not supported" )
1040 params
= hostapd
. wpa2_params ( ssid
= "test-sae" ,
1041 passphrase
= "12345678" )
1042 params
[ 'wpa_key_mgmt' ] = 'SAE'
1043 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
1044 dev
[ 0 ]. request ( "SET sae_groups " )
1045 dev
[ 0 ]. set ( 'sae_commit_override' , '1300' + 96 * '00' )
1046 dev
[ 0 ]. connect ( "test-sae" , psk
= "test-sae" , key_mgmt
= "SAE" ,
1047 scan_freq
= "2412" , wait_connect
= False )
1048 ev
= dev
[ 0 ]. wait_event ([ "CTRL-EVENT-CONNECTED" ], timeout
= 1 )
1050 raise Exception ( "Unexpected connection" )
1052 def test_sae_commit_invalid_element_sta ( dev
, apdev
):
1053 """SAE commit invalid element from STA"""
1054 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
1055 raise HwsimSkip ( "SAE not supported" )
1056 params
= hostapd
. wpa2_params ( ssid
= "test-sae" ,
1057 passphrase
= "12345678" )
1058 params
[ 'wpa_key_mgmt' ] = 'SAE'
1059 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
1060 dev
[ 0 ]. request ( "SET sae_groups " )
1061 dev
[ 0 ]. set ( 'sae_commit_override' , '1300' + 31 * '00' + '02' + 64 * '00' )
1062 dev
[ 0 ]. connect ( "test-sae" , psk
= "test-sae" , key_mgmt
= "SAE" ,
1063 scan_freq
= "2412" , wait_connect
= False )
1064 ev
= dev
[ 0 ]. wait_event ([ "CTRL-EVENT-CONNECTED" ], timeout
= 1 )
1066 raise Exception ( "Unexpected connection" )
1069 def test_sae_anti_clogging_proto ( dev
, apdev
):
1070 """SAE anti clogging protocol testing"""
1071 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
1072 raise HwsimSkip ( "SAE not supported" )
1073 params
= hostapd
. wpa2_params ( ssid
= "test-sae" ,
1074 passphrase
= "no-knowledge-of-passphrase" )
1075 params
[ 'wpa_key_mgmt' ] = 'SAE'
1076 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
1077 bssid
= apdev
[ 0 ][ 'bssid' ]
1079 dev
[ 0 ]. scan_for_bss ( bssid
, freq
= 2412 )
1080 hapd
. set ( "ext_mgmt_frame_handling" , "1" )
1082 dev
[ 0 ]. request ( "SET sae_groups " )
1083 dev
[ 0 ]. connect ( "test-sae" , psk
= "anti-cloggign" , key_mgmt
= "SAE" ,
1084 scan_freq
= "2412" , wait_connect
= False )
1087 for i
in range ( 0 , 10 ):
1088 req
= hapd
. mgmt_rx ()
1090 raise Exception ( "MGMT RX wait timed out" )
1091 if req
[ 'subtype' ] == 11 :
1095 raise Exception ( "Authentication frame not received" )
1098 resp
[ 'fc' ] = req
[ 'fc' ]
1099 resp
[ 'da' ] = req
[ 'sa' ]
1100 resp
[ 'sa' ] = req
[ 'da' ]
1101 resp
[ 'bssid' ] = req
[ 'bssid' ]
1102 resp
[ 'payload' ] = binascii
. unhexlify ( "030001004c00" + "ffff00" )
1105 # Confirm (not received due to DH group being rejected)
1106 req
= hapd
. mgmt_rx ( timeout
= 0.5 )
1108 if req
[ 'subtype' ] == 11 :
1109 raise Exception ( "Unexpected Authentication frame seen" )
1112 def test_sae_no_random ( dev
, apdev
):
1113 """SAE and no random numbers available"""
1114 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
1115 raise HwsimSkip ( "SAE not supported" )
1116 params
= hostapd
. wpa2_params ( ssid
= "test-sae" , passphrase
= "12345678" )
1117 params
[ 'wpa_key_mgmt' ] = 'SAE'
1118 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
1120 dev
[ 0 ]. request ( "SET sae_groups " )
1121 tests
= [( 1 , "os_get_random;sae_get_rand" ),
1122 ( 1 , "os_get_random;get_rand_1_to_p_1" ),
1123 ( 1 , "os_get_random;get_random_qr_qnr" ),
1124 ( 1 , "os_get_random;sae_derive_pwe_ecc" )]
1125 for count
, func
in tests
:
1126 with
fail_test ( dev
[ 0 ], count
, func
):
1127 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
1129 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
1130 dev
[ 0 ]. wait_disconnected ()
1133 def test_sae_pwe_failure ( dev
, apdev
):
1134 """SAE and pwe failure"""
1135 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
1136 raise HwsimSkip ( "SAE not supported" )
1137 params
= hostapd
. wpa2_params ( ssid
= "test-sae" , passphrase
= "12345678" )
1138 params
[ 'wpa_key_mgmt' ] = 'SAE'
1139 params
[ 'sae_groups' ] = '19 15'
1140 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
1142 dev
[ 0 ]. request ( "SET sae_groups 19" )
1143 with
fail_test ( dev
[ 0 ], 1 , "hmac_sha256_vector;sae_derive_pwe_ecc" ):
1144 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
1146 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
1147 dev
[ 0 ]. wait_disconnected ()
1148 with
fail_test ( dev
[ 0 ], 1 , "sae_test_pwd_seed_ecc" ):
1149 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
1151 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
1152 dev
[ 0 ]. wait_disconnected ()
1154 dev
[ 0 ]. request ( "SET sae_groups 15" )
1155 with
fail_test ( dev
[ 0 ], 1 , "hmac_sha256_vector;sae_derive_pwe_ffc" ):
1156 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
1158 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
1159 dev
[ 0 ]. wait_disconnected ()
1161 dev
[ 0 ]. request ( "SET sae_groups 15" )
1162 with
fail_test ( dev
[ 0 ], 1 , "sae_test_pwd_seed_ffc" ):
1163 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
1165 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
1166 dev
[ 0 ]. wait_disconnected ()
1167 with
fail_test ( dev
[ 0 ], 2 , "sae_test_pwd_seed_ffc" ):
1168 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
1170 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
1171 dev
[ 0 ]. wait_disconnected ()
1174 def test_sae_bignum_failure ( dev
, apdev
):
1175 """SAE and bignum failure"""
1176 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
1177 raise HwsimSkip ( "SAE not supported" )
1178 params
= hostapd
. wpa2_params ( ssid
= "test-sae" , passphrase
= "12345678" )
1179 params
[ 'wpa_key_mgmt' ] = 'SAE'
1180 params
[ 'sae_groups' ] = '19 15 22'
1181 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
1183 dev
[ 0 ]. request ( "SET sae_groups 19" )
1184 tests
= [( 1 , "crypto_bignum_init_set;get_rand_1_to_p_1" ),
1185 ( 1 , "crypto_bignum_init;is_quadratic_residue_blind" ),
1186 ( 1 , "crypto_bignum_mulmod;is_quadratic_residue_blind" ),
1187 ( 2 , "crypto_bignum_mulmod;is_quadratic_residue_blind" ),
1188 ( 3 , "crypto_bignum_mulmod;is_quadratic_residue_blind" ),
1189 ( 1 , "crypto_bignum_legendre;is_quadratic_residue_blind" ),
1190 ( 1 , "crypto_bignum_init_set;sae_test_pwd_seed_ecc" ),
1191 ( 1 , "crypto_ec_point_compute_y_sqr;sae_test_pwd_seed_ecc" ),
1192 ( 1 , "crypto_bignum_init_set;get_random_qr_qnr" ),
1193 ( 1 , "crypto_bignum_to_bin;sae_derive_pwe_ecc" ),
1194 ( 1 , "crypto_ec_point_init;sae_derive_pwe_ecc" ),
1195 ( 1 , "crypto_ec_point_solve_y_coord;sae_derive_pwe_ecc" ),
1196 ( 1 , "crypto_ec_point_init;sae_derive_commit_element_ecc" ),
1197 ( 1 , "crypto_ec_point_mul;sae_derive_commit_element_ecc" ),
1198 ( 1 , "crypto_ec_point_invert;sae_derive_commit_element_ecc" ),
1199 ( 1 , "crypto_bignum_init;=sae_derive_commit" ),
1200 ( 1 , "crypto_ec_point_init;sae_derive_k_ecc" ),
1201 ( 1 , "crypto_ec_point_mul;sae_derive_k_ecc" ),
1202 ( 1 , "crypto_ec_point_add;sae_derive_k_ecc" ),
1203 ( 2 , "crypto_ec_point_mul;sae_derive_k_ecc" ),
1204 ( 1 , "crypto_ec_point_to_bin;sae_derive_k_ecc" ),
1205 ( 1 , "crypto_bignum_legendre;get_random_qr_qnr" ),
1206 ( 1 , "sha256_prf;sae_derive_keys" ),
1207 ( 1 , "crypto_bignum_init;sae_derive_keys" ),
1208 ( 1 , "crypto_bignum_init_set;sae_parse_commit_scalar" ),
1209 ( 1 , "crypto_bignum_to_bin;sae_parse_commit_element_ecc" ),
1210 ( 1 , "crypto_ec_point_from_bin;sae_parse_commit_element_ecc" )]
1211 for count
, func
in tests
:
1212 with
fail_test ( dev
[ 0 ], count
, func
):
1213 hapd
. request ( "NOTE STA failure testing %d : %s " % ( count
, func
))
1214 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
1215 scan_freq
= "2412" , wait_connect
= False )
1216 wait_fail_trigger ( dev
[ 0 ], "GET_FAIL" )
1217 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
1218 dev
[ 0 ]. dump_monitor ()
1221 dev
[ 0 ]. request ( "SET sae_groups 15" )
1222 tests
= [( 1 , "crypto_bignum_init_set;sae_set_group" ),
1223 ( 2 , "crypto_bignum_init_set;sae_set_group" ),
1224 ( 1 , "crypto_bignum_init_set;sae_get_rand" ),
1225 ( 1 , "crypto_bignum_init_set;sae_test_pwd_seed_ffc" ),
1226 ( 1 , "crypto_bignum_exptmod;sae_test_pwd_seed_ffc" ),
1227 ( 1 , "crypto_bignum_init;sae_derive_pwe_ffc" ),
1228 ( 1 , "crypto_bignum_init;sae_derive_commit_element_ffc" ),
1229 ( 1 , "crypto_bignum_exptmod;sae_derive_commit_element_ffc" ),
1230 ( 1 , "crypto_bignum_inverse;sae_derive_commit_element_ffc" ),
1231 ( 1 , "crypto_bignum_init;sae_derive_k_ffc" ),
1232 ( 1 , "crypto_bignum_exptmod;sae_derive_k_ffc" ),
1233 ( 1 , "crypto_bignum_mulmod;sae_derive_k_ffc" ),
1234 ( 2 , "crypto_bignum_exptmod;sae_derive_k_ffc" ),
1235 ( 1 , "crypto_bignum_to_bin;sae_derive_k_ffc" ),
1236 ( 1 , "crypto_bignum_init_set;sae_parse_commit_element_ffc" ),
1237 ( 1 , "crypto_bignum_init;sae_parse_commit_element_ffc" ),
1238 ( 2 , "crypto_bignum_init_set;sae_parse_commit_element_ffc" ),
1239 ( 1 , "crypto_bignum_exptmod;sae_parse_commit_element_ffc" )]
1240 for count
, func
in tests
:
1241 with
fail_test ( dev
[ 0 ], count
, func
):
1242 hapd
. request ( "NOTE STA failure testing %d : %s " % ( count
, func
))
1243 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
1244 scan_freq
= "2412" , wait_connect
= False )
1245 wait_fail_trigger ( dev
[ 0 ], "GET_FAIL" )
1246 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
1247 dev
[ 0 ]. dump_monitor ()
1250 def test_sae_bignum_failure_unsafe_group ( dev
, apdev
):
1251 """SAE and bignum failure unsafe group"""
1252 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
1253 raise HwsimSkip ( "SAE not supported" )
1254 params
= hostapd
. wpa2_params ( ssid
= "test-sae" , passphrase
= "12345678" )
1255 params
[ 'wpa_key_mgmt' ] = 'SAE'
1256 params
[ 'sae_groups' ] = '22'
1257 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
1259 dev
[ 0 ]. request ( "SET sae_groups 22" )
1260 tests
= [( 1 , "crypto_bignum_init_set;sae_test_pwd_seed_ffc" ),
1261 ( 1 , "crypto_bignum_sub;sae_test_pwd_seed_ffc" ),
1262 ( 1 , "crypto_bignum_div;sae_test_pwd_seed_ffc" )]
1263 for count
, func
in tests
:
1264 with
fail_test ( dev
[ 0 ], count
, func
):
1265 hapd
. request ( "NOTE STA failure testing %d : %s " % ( count
, func
))
1266 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
1267 scan_freq
= "2412" , wait_connect
= False )
1268 wait_fail_trigger ( dev
[ 0 ], "GET_FAIL" )
1269 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
1270 dev
[ 0 ]. dump_monitor ()
1273 def test_sae_invalid_anti_clogging_token_req ( dev
, apdev
):
1274 """SAE and invalid anti-clogging token request"""
1275 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
1276 raise HwsimSkip ( "SAE not supported" )
1277 params
= hostapd
. wpa2_params ( ssid
= "test-sae" , passphrase
= "12345678" )
1278 params
[ 'wpa_key_mgmt' ] = 'SAE'
1279 # Beacon more frequently since Probe Request frames are practically ignored
1280 # in this test setup (ext_mgmt_frame_handled=1 on hostapd side) and
1281 # wpa_supplicant scans may end up getting ignored if no new results are
1282 # available due to the missing Probe Response frames.
1283 params
[ 'beacon_int' ] = '20'
1284 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
1285 bssid
= apdev
[ 0 ][ 'bssid' ]
1287 dev
[ 0 ]. request ( "SET sae_groups 19" )
1288 dev
[ 0 ]. scan_for_bss ( bssid
, freq
= 2412 )
1289 hapd
. set ( "ext_mgmt_frame_handling" , "1" )
1290 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
1291 scan_freq
= "2412" , wait_connect
= False )
1292 ev
= dev
[ 0 ]. wait_event ([ "SME: Trying to authenticate" ])
1294 raise Exception ( "No authentication attempt seen (1)" )
1295 dev
[ 0 ]. dump_monitor ()
1297 for i
in range ( 0 , 10 ):
1298 req
= hapd
. mgmt_rx ()
1300 raise Exception ( "MGMT RX wait timed out (commit)" )
1301 if req
[ 'subtype' ] == 11 :
1305 raise Exception ( "Authentication frame (commit) not received" )
1309 resp
[ 'fc' ] = req
[ 'fc' ]
1310 resp
[ 'da' ] = req
[ 'sa' ]
1311 resp
[ 'sa' ] = req
[ 'da' ]
1312 resp
[ 'bssid' ] = req
[ 'bssid' ]
1313 resp
[ 'payload' ] = binascii
. unhexlify ( "030001004c0013" )
1315 ev
= hapd
. wait_event ([ "MGMT-TX-STATUS" ], timeout
= 5 )
1317 raise Exception ( "Management frame TX status not reported (1)" )
1318 if "stype=11 ok=1" not in ev
:
1319 raise Exception ( "Unexpected management frame TX status (1): " + ev
)
1321 ev
= dev
[ 0 ]. wait_event ([ "SME: Trying to authenticate" ])
1323 raise Exception ( "No authentication attempt seen (2)" )
1324 dev
[ 0 ]. dump_monitor ()
1326 for i
in range ( 0 , 10 ):
1327 req
= hapd
. mgmt_rx ()
1329 raise Exception ( "MGMT RX wait timed out (commit) (2)" )
1330 if req
[ 'subtype' ] == 11 :
1334 raise Exception ( "Authentication frame (commit) not received (2)" )
1338 resp
[ 'fc' ] = req
[ 'fc' ]
1339 resp
[ 'da' ] = req
[ 'sa' ]
1340 resp
[ 'sa' ] = req
[ 'da' ]
1341 resp
[ 'bssid' ] = req
[ 'bssid' ]
1342 resp
[ 'payload' ] = binascii
. unhexlify ( "030001000100" )
1344 ev
= hapd
. wait_event ([ "MGMT-TX-STATUS" ], timeout
= 5 )
1346 raise Exception ( "Management frame TX status not reported (1)" )
1347 if "stype=11 ok=1" not in ev
:
1348 raise Exception ( "Unexpected management frame TX status (1): " + ev
)
1350 ev
= dev
[ 0 ]. wait_event ([ "SME: Trying to authenticate" ])
1352 raise Exception ( "No authentication attempt seen (3)" )
1353 dev
[ 0 ]. dump_monitor ()
1355 dev
[ 0 ]. request ( "DISCONNECT" )
1357 def test_sae_password ( dev
, apdev
):
1358 """SAE and sae_password in hostapd configuration"""
1359 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
1360 raise HwsimSkip ( "SAE not supported" )
1361 params
= hostapd
. wpa2_params ( ssid
= "test-sae" ,
1362 passphrase
= "12345678" )
1363 params
[ 'wpa_key_mgmt' ] = 'SAE WPA-PSK'
1364 params
[ 'sae_password' ] = "sae-password"
1365 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
1367 dev
[ 0 ]. request ( "SET sae_groups " )
1368 dev
[ 0 ]. connect ( "test-sae" , psk
= "sae-password" , key_mgmt
= "SAE" ,
1370 dev
[ 1 ]. connect ( "test-sae" , psk
= "12345678" , scan_freq
= "2412" )
1371 dev
[ 2 ]. request ( "SET sae_groups " )
1372 dev
[ 2 ]. connect ( "test-sae" , sae_password
= "sae-password" , key_mgmt
= "SAE" ,
1375 def test_sae_password_short ( dev
, apdev
):
1376 """SAE and short password"""
1377 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
1378 raise HwsimSkip ( "SAE not supported" )
1379 params
= hostapd
. wpa2_params ( ssid
= "test-sae" )
1380 params
[ 'wpa_key_mgmt' ] = 'SAE'
1381 params
[ 'sae_password' ] = "secret"
1382 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
1384 dev
[ 0 ]. request ( "SET sae_groups " )
1385 dev
[ 0 ]. connect ( "test-sae" , sae_password
= "secret" , key_mgmt
= "SAE" ,
1388 def test_sae_password_long ( dev
, apdev
):
1389 """SAE and long password"""
1390 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
1391 raise HwsimSkip ( "SAE not supported" )
1392 params
= hostapd
. wpa2_params ( ssid
= "test-sae" )
1393 params
[ 'wpa_key_mgmt' ] = 'SAE'
1394 params
[ 'sae_password' ] = 100 * "A"
1395 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
1397 dev
[ 0 ]. request ( "SET sae_groups " )
1398 dev
[ 0 ]. connect ( "test-sae" , sae_password
= 100 * "A" , key_mgmt
= "SAE" ,
1401 def test_sae_connect_cmd ( dev
, apdev
):
1402 """SAE with connect command"""
1403 wpas
= WpaSupplicant ( global_iface
= '/tmp/wpas-wlan5' )
1404 wpas
. interface_add ( "wlan5" , drv_params
= "force_connect_cmd=1" )
1405 if "SAE" not in wpas
. get_capability ( "auth_alg" ):
1406 raise HwsimSkip ( "SAE not supported" )
1407 params
= hostapd
. wpa2_params ( ssid
= "test-sae" , passphrase
= "12345678" )
1408 params
[ 'wpa_key_mgmt' ] = 'SAE'
1409 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
1411 wpas
. request ( "SET sae_groups " )
1412 wpas
. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
1413 scan_freq
= "2412" , wait_connect
= False )
1414 # mac80211_hwsim does not support SAE offload, so accept both a successful
1415 # connection and association rejection.
1416 ev
= wpas
. wait_event ([ "CTRL-EVENT-CONNECTED" , "CTRL-EVENT-ASSOC-REJECT" ,
1417 "Association request to the driver failed" ],
1420 raise Exception ( "No connection result reported" )
1422 def run_sae_password_id ( dev
, apdev
, groups
= None ):
1423 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
1424 raise HwsimSkip ( "SAE not supported" )
1425 params
= hostapd
. wpa2_params ( ssid
= "test-sae" )
1426 params
[ 'wpa_key_mgmt' ] = 'SAE'
1428 params
[ 'sae_groups' ] = groups
1431 params
[ 'sae_password' ] = [ 'secret|mac=ff:ff:ff:ff:ff:ff|id=pw id' ,
1432 'foo|mac=02:02:02:02:02:02' ,
1433 'another secret|mac=ff:ff:ff:ff:ff:ff|id=' + 29 * 'A' ]
1434 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
1436 dev
[ 0 ]. request ( "SET sae_groups " + groups
)
1437 dev
[ 0 ]. connect ( "test-sae" , sae_password
= "secret" , sae_password_id
= "pw id" ,
1438 key_mgmt
= "SAE" , scan_freq
= "2412" )
1439 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
1440 dev
[ 0 ]. wait_disconnected ()
1442 # SAE Password Identifier element with the exact same length as the
1443 # optional Anti-Clogging Token field
1444 dev
[ 0 ]. connect ( "test-sae" , sae_password
= "another secret" ,
1445 sae_password_id
= 29 * 'A' ,
1446 key_mgmt
= "SAE" , scan_freq
= "2412" )
1447 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
1448 dev
[ 0 ]. wait_disconnected ()
1450 dev
[ 0 ]. connect ( "test-sae" , sae_password
= "secret" , sae_password_id
= "unknown" ,
1451 key_mgmt
= "SAE" , scan_freq
= "2412" , wait_connect
= False )
1453 ev
= dev
[ 0 ]. wait_event ([ "CTRL-EVENT-SAE-UNKNOWN-PASSWORD-IDENTIFIER" ],
1456 raise Exception ( "Unknown password identifier not reported" )
1457 dev
[ 0 ]. request ( "REMOVE_NETWORK all" )
1459 def test_sae_password_id ( dev
, apdev
):
1460 """SAE and password identifier"""
1461 run_sae_password_id ( dev
, apdev
, "" )
1463 def test_sae_password_id_ecc ( dev
, apdev
):
1464 """SAE and password identifier (ECC)"""
1465 run_sae_password_id ( dev
, apdev
, "19" )
1467 def test_sae_password_id_ffc ( dev
, apdev
):
1468 """SAE and password identifier (FFC)"""
1469 run_sae_password_id ( dev
, apdev
, "15" )
1471 def test_sae_password_id_only ( dev
, apdev
):
1472 """SAE and password identifier (exclusively)"""
1473 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
1474 raise HwsimSkip ( "SAE not supported" )
1475 params
= hostapd
. wpa2_params ( ssid
= "test-sae" )
1476 params
[ 'wpa_key_mgmt' ] = 'SAE'
1477 params
[ 'sae_password' ] = 'secret|id=pw id'
1478 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
1480 dev
[ 0 ]. request ( "SET sae_groups " )
1481 dev
[ 0 ]. connect ( "test-sae" , sae_password
= "secret" , sae_password_id
= "pw id" ,
1482 key_mgmt
= "SAE" , scan_freq
= "2412" )
1484 def test_sae_forced_anti_clogging_pw_id ( dev
, apdev
):
1485 """SAE anti clogging (forced and Password Identifier)"""
1486 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
1487 raise HwsimSkip ( "SAE not supported" )
1488 params
= hostapd
. wpa2_params ( ssid
= "test-sae" )
1489 params
[ 'wpa_key_mgmt' ] = 'SAE'
1490 params
[ 'sae_anti_clogging_threshold' ] = '0'
1491 params
[ 'sae_password' ] = 'secret|id=' + 29 * 'A'
1492 hostapd
. add_ap ( apdev
[ 0 ], params
)
1493 for i
in range ( 0 , 2 ):
1494 dev
[ i
]. request ( "SET sae_groups " )
1495 dev
[ i
]. connect ( "test-sae" , sae_password
= "secret" ,
1496 sae_password_id
= 29 * 'A' , key_mgmt
= "SAE" , scan_freq
= "2412" )
1498 def test_sae_reauth ( dev
, apdev
):
1499 """SAE reauthentication"""
1500 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
1501 raise HwsimSkip ( "SAE not supported" )
1502 params
= hostapd
. wpa2_params ( ssid
= "test-sae" ,
1503 passphrase
= "12345678" )
1504 params
[ 'wpa_key_mgmt' ] = 'SAE'
1505 params
[ "ieee80211w" ] = "2"
1506 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
1508 dev
[ 0 ]. request ( "SET sae_groups " )
1509 id = dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
1510 ieee80211w
= "2" , scan_freq
= "2412" )
1512 hapd
. set ( "ext_mgmt_frame_handling" , "1" )
1513 dev
[ 0 ]. request ( "DISCONNECT" )
1514 dev
[ 0 ]. wait_disconnected ( timeout
= 10 )
1515 hapd
. set ( "ext_mgmt_frame_handling" , "0" )
1516 dev
[ 0 ]. request ( "PMKSA_FLUSH" )
1517 dev
[ 0 ]. request ( "REASSOCIATE" )
1518 dev
[ 0 ]. wait_connected ( timeout
= 10 , error
= "Timeout on re-connection" )
1520 def test_sae_anti_clogging_during_attack ( dev
, apdev
):
1521 """SAE anti clogging during an attack"""
1523 run_sae_anti_clogging_during_attack ( dev
, apdev
)
1525 stop_monitor ( apdev
[ 1 ][ "ifname" ])
1527 def build_sae_commit ( bssid
, addr
, group
= 21 , token
= None ):
1529 scalar
= binascii
. unhexlify ( "7332d3ebff24804005ccd8c56141e3ed8d84f40638aa31cd2fac11d4d2e89e7b" )
1530 element
= binascii
. unhexlify ( "954d0f4457066bff3168376a1d7174f4e66620d1792406f613055b98513a7f03a538c13dfbaf2029e2adc6aa96aa0ddcf08ac44887b02f004b7f29b9dbf4b7d9" )
1532 scalar
= binascii
. unhexlify ( "001eec673111b902f5c8a61c8cb4c1c4793031aeea8c8c319410903bc64bcbaea134ab01c4e016d51436f5b5426f7e2af635759a3033fb4031ea79f89a62a3e2f828" )
1533 element
= binascii
. unhexlify ( "00580eb4b448ea600ea277d5e66e4ed37db82bb04ac90442e9c3727489f366ba4b82f0a472d02caf4cdd142e96baea5915d71374660ee23acbaca38cf3fe8c5fb94b01abbc5278121635d7c06911c5dad8f18d516e1fbe296c179b7c87a1dddfab393337d3d215ed333dd396da6d8f20f798c60d054f1093c24d9c2d98e15c030cc375f0" )
1535 frame
= binascii
. unhexlify ( "b0003a01" )
1536 frame
+= bssid
+ addr
+ bssid
1537 frame
+= binascii
. unhexlify ( "1000" )
1541 frame
+= struct
. pack ( "<HHHH" , auth_alg
, transact
, status
, group
)
1544 frame
+= scalar
+ element
1547 def sae_rx_commit_token_req ( sock
, radiotap
, send_two
= False ):
1548 msg
= sock
. recv ( 1500 )
1549 ver
, pad
, len , present
= struct
. unpack ( '<BBHL' , msg
[ 0 : 8 ])
1551 fc
, duration
= struct
. unpack ( '<HH' , frame
[ 0 : 4 ])
1559 bssid
= frame
[ 12 : 18 ]
1562 alg
, seq
, status
, group
= struct
. unpack ( '<HHHH' , body
[ 0 : 8 ])
1563 if alg
!= 3 or seq
!= 1 or status
!= 76 :
1567 frame
= build_sae_commit ( bssid
, da
, token
= token
)
1568 sock
. send ( radiotap
+ frame
)
1570 sock
. send ( radiotap
+ frame
)
1573 def run_sae_anti_clogging_during_attack ( dev
, apdev
):
1574 if "SAE" not in dev
[ 0 ]. get_capability ( "auth_alg" ):
1575 raise HwsimSkip ( "SAE not supported" )
1576 params
= hostapd
. wpa2_params ( ssid
= "test-sae" , passphrase
= "12345678" )
1577 params
[ 'wpa_key_mgmt' ] = 'SAE'
1578 params
[ 'sae_groups' ] = '21'
1579 hapd
= hostapd
. add_ap ( apdev
[ 0 ], params
)
1581 dev
[ 0 ]. scan_for_bss ( hapd
. own_addr (), freq
= 2412 )
1582 dev
[ 0 ]. request ( "SET sae_groups 21" )
1583 dev
[ 1 ]. scan_for_bss ( hapd
. own_addr (), freq
= 2412 )
1584 dev
[ 1 ]. request ( "SET sae_groups 21" )
1586 sock
= start_monitor ( apdev
[ 1 ][ "ifname" ])
1587 radiotap
= radiotap_build ()
1589 bssid
= binascii
. unhexlify ( hapd
. own_addr (). replace ( ':' , '' ))
1591 addr
= binascii
. unhexlify ( "f2 %0 10x" % i
)
1592 frame
= build_sae_commit ( bssid
, addr
)
1593 sock
. send ( radiotap
+ frame
)
1594 sock
. send ( radiotap
+ frame
)
1597 for i
in range ( 150 ):
1598 if sae_rx_commit_token_req ( sock
, radiotap
, send_two
= True ):
1600 logger
. info ( "Number of token responses sent: %d " % count
)
1602 raise Exception ( "Too few token responses seen: %d " % count
)
1605 addr
= binascii
. unhexlify ( "f201 %0 8x" % i
)
1606 frame
= build_sae_commit ( bssid
, addr
)
1607 sock
. send ( radiotap
+ frame
)
1610 for i
in range ( 150 ):
1611 if sae_rx_commit_token_req ( sock
, radiotap
):
1616 raise Exception ( "Too few token responses in second round: %d " % count
)
1618 dev
[ 0 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
1619 scan_freq
= "2412" , wait_connect
= False )
1620 dev
[ 1 ]. connect ( "test-sae" , psk
= "12345678" , key_mgmt
= "SAE" ,
1621 scan_freq
= "2412" , wait_connect
= False )
1626 for i
in range ( 1000 ):
1627 if sae_rx_commit_token_req ( sock
, radiotap
):
1629 addr
= binascii
. unhexlify ( "f202 %0 8x" % i
)
1630 frame
= build_sae_commit ( bssid
, addr
)
1631 sock
. send ( radiotap
+ frame
)
1632 while dev
[ 0 ]. mon
. pending ():
1633 ev
= dev
[ 0 ]. mon
. recv ()
1634 logger
. debug ( "EV0: " + ev
)
1635 if "CTRL-EVENT-CONNECTED" in ev
:
1637 while dev
[ 1 ]. mon
. pending ():
1638 ev
= dev
[ 1 ]. mon
. recv ()
1639 logger
. debug ( "EV1: " + ev
)
1640 if "CTRL-EVENT-CONNECTED" in ev
:
1642 if connected0
and connected1
:
1645 raise Exception ( "Real station(0) did not get connected" )
1647 raise Exception ( "Real station(1) did not get connected" )
1649 raise Exception ( "Too few token responses in third round: %d " % count
)