]> git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_sigma_dut.py
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tests: Use a helper function for DPP_QR_CODE commands
[thirdparty/hostap.git] / tests / hwsim / test_sigma_dut.py
1 # Test cases for sigma_dut
2 # Copyright (c) 2017, Qualcomm Atheros, Inc.
3 #
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
6
7 import binascii
8 import logging
9 logger = logging.getLogger()
10 import os
11 import socket
12 import struct
13 import subprocess
14 import threading
15 import time
16
17 import hostapd
18 from utils import HwsimSkip
19 from hwsim import HWSimRadio
20 import hwsim_utils
21 from test_dpp import check_dpp_capab, update_hapd_config
22 from test_suite_b import check_suite_b_192_capa, suite_b_as_params, suite_b_192_rsa_ap_params
23 from test_ap_eap import check_eap_capa
24 from test_ap_hs20 import hs20_ap_params
25
26 def check_sigma_dut():
27 if not os.path.exists("./sigma_dut"):
28 raise HwsimSkip("sigma_dut not available")
29
30 def to_hex(s):
31 return binascii.hexlify(s.encode()).decode()
32
33 def from_hex(s):
34 return binascii.unhexlify(s).decode()
35
36 def sigma_dut_cmd(cmd, port=9000, timeout=2):
37 sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM,
38 socket.IPPROTO_TCP)
39 sock.settimeout(timeout)
40 addr = ('127.0.0.1', port)
41 sock.connect(addr)
42 sock.send(cmd.encode() + b"\r\n")
43 try:
44 res = sock.recv(1000).decode()
45 running = False
46 done = False
47 for line in res.splitlines():
48 if line.startswith("status,RUNNING"):
49 running = True
50 elif line.startswith("status,INVALID"):
51 done = True
52 elif line.startswith("status,ERROR"):
53 done = True
54 elif line.startswith("status,COMPLETE"):
55 done = True
56 if running and not done:
57 # Read the actual response
58 res = sock.recv(1000).decode()
59 except:
60 res = ''
61 pass
62 sock.close()
63 res = res.rstrip()
64 logger.debug("sigma_dut: '%s' --> '%s'" % (cmd, res))
65 return res
66
67 def sigma_dut_cmd_check(cmd, port=9000, timeout=2):
68 res = sigma_dut_cmd(cmd, port=port, timeout=timeout)
69 if "COMPLETE" not in res:
70 raise Exception("sigma_dut command failed: " + cmd)
71 return res
72
73 def start_sigma_dut(ifname, debug=False, hostapd_logdir=None, cert_path=None,
74 bridge=None):
75 check_sigma_dut()
76 cmd = [ './sigma_dut',
77 '-M', ifname,
78 '-S', ifname,
79 '-F', '../../hostapd/hostapd',
80 '-G',
81 '-w', '/var/run/wpa_supplicant/',
82 '-j', ifname ]
83 if debug:
84 cmd += [ '-d' ]
85 if hostapd_logdir:
86 cmd += [ '-H', hostapd_logdir ]
87 if cert_path:
88 cmd += [ '-C', cert_path ]
89 if bridge:
90 cmd += [ '-b', bridge ]
91 sigma = subprocess.Popen(cmd, stdout=subprocess.PIPE,
92 stderr=subprocess.PIPE)
93 for i in range(20):
94 try:
95 res = sigma_dut_cmd("HELLO")
96 break
97 except:
98 time.sleep(0.05)
99 return sigma
100
101 def stop_sigma_dut(sigma):
102 sigma.terminate()
103 sigma.wait()
104 out, err = sigma.communicate()
105 logger.debug("sigma_dut stdout: " + str(out.decode()))
106 logger.debug("sigma_dut stderr: " + str(err.decode()))
107
108 def sigma_dut_wait_connected(ifname):
109 for i in range(50):
110 res = sigma_dut_cmd("sta_is_connected,interface," + ifname)
111 if "connected,1" in res:
112 break
113 time.sleep(0.2)
114 if i == 49:
115 raise Exception("Connection did not complete")
116
117 def test_sigma_dut_basic(dev, apdev):
118 """sigma_dut basic functionality"""
119 sigma = start_sigma_dut(dev[0].ifname)
120
121 res = sigma_dut_cmd("UNKNOWN")
122 if "status,INVALID,errorCode,Unknown command" not in res:
123 raise Exception("Unexpected sigma_dut response to unknown command")
124
125 tests = [ ("ca_get_version", "status,COMPLETE,version,1.0"),
126 ("device_get_info", "status,COMPLETE,vendor"),
127 ("device_list_interfaces,interfaceType,foo", "status,ERROR"),
128 ("device_list_interfaces,interfaceType,802.11",
129 "status,COMPLETE,interfaceType,802.11,interfaceID," + dev[0].ifname) ]
130 for cmd, response in tests:
131 res = sigma_dut_cmd(cmd)
132 if response not in res:
133 raise Exception("Unexpected %s response: %s" % (cmd, res))
134
135 stop_sigma_dut(sigma)
136
137 def test_sigma_dut_open(dev, apdev):
138 """sigma_dut controlled open network association"""
139 try:
140 run_sigma_dut_open(dev, apdev)
141 finally:
142 dev[0].set("ignore_old_scan_res", "0")
143
144 def run_sigma_dut_open(dev, apdev):
145 ifname = dev[0].ifname
146 sigma = start_sigma_dut(ifname)
147
148 hapd = hostapd.add_ap(apdev[0], { "ssid": "open" })
149
150 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
151 sigma_dut_cmd_check("sta_set_encryption,interface,%s,ssid,%s,encpType,none" % (ifname, "open"))
152 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s" % (ifname, "open"))
153 sigma_dut_wait_connected(ifname)
154 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
155 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
156 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
157
158 stop_sigma_dut(sigma)
159
160 def test_sigma_dut_psk_pmf(dev, apdev):
161 """sigma_dut controlled PSK+PMF association"""
162 try:
163 run_sigma_dut_psk_pmf(dev, apdev)
164 finally:
165 dev[0].set("ignore_old_scan_res", "0")
166
167 def run_sigma_dut_psk_pmf(dev, apdev):
168 ifname = dev[0].ifname
169 sigma = start_sigma_dut(ifname)
170
171 ssid = "test-pmf-required"
172 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
173 params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
174 params["ieee80211w"] = "2"
175 hapd = hostapd.add_ap(apdev[0], params)
176
177 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
178 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
179 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required" % (ifname, "test-pmf-required", "12345678"))
180 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-pmf-required"))
181 sigma_dut_wait_connected(ifname)
182 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
183 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
184 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
185
186 stop_sigma_dut(sigma)
187
188 def test_sigma_dut_psk_pmf_bip_cmac_128(dev, apdev):
189 """sigma_dut controlled PSK+PMF association with BIP-CMAC-128"""
190 try:
191 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-CMAC-128", "AES-128-CMAC")
192 finally:
193 dev[0].set("ignore_old_scan_res", "0")
194
195 def test_sigma_dut_psk_pmf_bip_cmac_256(dev, apdev):
196 """sigma_dut controlled PSK+PMF association with BIP-CMAC-256"""
197 try:
198 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-CMAC-256", "BIP-CMAC-256")
199 finally:
200 dev[0].set("ignore_old_scan_res", "0")
201
202 def test_sigma_dut_psk_pmf_bip_gmac_128(dev, apdev):
203 """sigma_dut controlled PSK+PMF association with BIP-GMAC-128"""
204 try:
205 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-GMAC-128", "BIP-GMAC-128")
206 finally:
207 dev[0].set("ignore_old_scan_res", "0")
208
209 def test_sigma_dut_psk_pmf_bip_gmac_256(dev, apdev):
210 """sigma_dut controlled PSK+PMF association with BIP-GMAC-256"""
211 try:
212 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-GMAC-256", "BIP-GMAC-256")
213 finally:
214 dev[0].set("ignore_old_scan_res", "0")
215
216 def test_sigma_dut_psk_pmf_bip_gmac_256_mismatch(dev, apdev):
217 """sigma_dut controlled PSK+PMF association with BIP-GMAC-256 mismatch"""
218 try:
219 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-GMAC-256", "AES-128-CMAC",
220 failure=True)
221 finally:
222 dev[0].set("ignore_old_scan_res", "0")
223
224 def run_sigma_dut_psk_pmf_cipher(dev, apdev, sigma_cipher, hostapd_cipher,
225 failure=False):
226 ifname = dev[0].ifname
227 sigma = start_sigma_dut(ifname)
228
229 ssid = "test-pmf-required"
230 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
231 params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
232 params["ieee80211w"] = "2"
233 params["group_mgmt_cipher"] = hostapd_cipher
234 hapd = hostapd.add_ap(apdev[0], params)
235
236 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
237 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
238 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required,GroupMgntCipher,%s" % (ifname, "test-pmf-required", "12345678", sigma_cipher))
239 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-pmf-required"))
240 if failure:
241 ev = dev[0].wait_event(["CTRL-EVENT-NETWORK-NOT-FOUND",
242 "CTRL-EVENT-CONNECTED"], timeout=10)
243 if ev is None:
244 raise Exception("Network selection result not indicated")
245 if "CTRL-EVENT-CONNECTED" in ev:
246 raise Exception("Unexpected connection")
247 res = sigma_dut_cmd("sta_is_connected,interface," + ifname)
248 if "connected,1" in res:
249 raise Exception("Connection reported")
250 else:
251 sigma_dut_wait_connected(ifname)
252 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
253
254 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
255 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
256
257 stop_sigma_dut(sigma)
258
259 def test_sigma_dut_sae(dev, apdev):
260 """sigma_dut controlled SAE association"""
261 if "SAE" not in dev[0].get_capability("auth_alg"):
262 raise HwsimSkip("SAE not supported")
263
264 ifname = dev[0].ifname
265 sigma = start_sigma_dut(ifname)
266
267 ssid = "test-sae"
268 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
269 params['wpa_key_mgmt'] = 'SAE'
270 params["ieee80211w"] = "2"
271 params['sae_groups'] = '19 20 21'
272 hapd = hostapd.add_ap(apdev[0], params)
273
274 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname)
275 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
276 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2" % (ifname, "test-sae", "12345678"))
277 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-sae"))
278 sigma_dut_wait_connected(ifname)
279 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
280 if dev[0].get_status_field('sae_group') != '19':
281 raise Exception("Expected default SAE group not used")
282 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
283
284 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
285
286 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
287 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2,ECGroupID,20" % (ifname, "test-sae", "12345678"))
288 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-sae"))
289 sigma_dut_wait_connected(ifname)
290 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
291 if dev[0].get_status_field('sae_group') != '20':
292 raise Exception("Expected SAE group not used")
293 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
294 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
295
296 stop_sigma_dut(sigma)
297
298 def test_sigma_dut_sae_password(dev, apdev):
299 """sigma_dut controlled SAE association and long password"""
300 if "SAE" not in dev[0].get_capability("auth_alg"):
301 raise HwsimSkip("SAE not supported")
302
303 ifname = dev[0].ifname
304 sigma = start_sigma_dut(ifname)
305
306 try:
307 ssid = "test-sae"
308 params = hostapd.wpa2_params(ssid=ssid)
309 params['sae_password'] = 100*'B'
310 params['wpa_key_mgmt'] = 'SAE'
311 params["ieee80211w"] = "2"
312 hapd = hostapd.add_ap(apdev[0], params)
313
314 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname)
315 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
316 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2" % (ifname, "test-sae", 100*'B'))
317 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-sae"))
318 sigma_dut_wait_connected(ifname)
319 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
320 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
321 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
322 finally:
323 stop_sigma_dut(sigma)
324
325 def test_sigma_dut_sta_override_rsne(dev, apdev):
326 """sigma_dut and RSNE override on STA"""
327 try:
328 run_sigma_dut_sta_override_rsne(dev, apdev)
329 finally:
330 dev[0].set("ignore_old_scan_res", "0")
331
332 def run_sigma_dut_sta_override_rsne(dev, apdev):
333 ifname = dev[0].ifname
334 sigma = start_sigma_dut(ifname)
335
336 ssid = "test-psk"
337 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
338 hapd = hostapd.add_ap(apdev[0], params)
339
340 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
341
342 tests = [ "30120100000fac040100000fac040100000fac02",
343 "30140100000fac040100000fac040100000fac02ffff" ]
344 for test in tests:
345 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,type,PSK,passphrase,%s,EncpType,aes-ccmp,KeyMgmtType,wpa2" % (ifname, "test-psk", "12345678"))
346 sigma_dut_cmd_check("dev_configure_ie,interface,%s,IE_Name,RSNE,Contents,%s" % (ifname, test))
347 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-psk"))
348 sigma_dut_wait_connected(ifname)
349 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
350 dev[0].dump_monitor()
351
352 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,type,PSK,passphrase,%s,EncpType,aes-ccmp,KeyMgmtType,wpa2" % (ifname, "test-psk", "12345678"))
353 sigma_dut_cmd_check("dev_configure_ie,interface,%s,IE_Name,RSNE,Contents,300101" % ifname)
354 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-psk"))
355
356 ev = dev[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"])
357 if ev is None:
358 raise Exception("Association rejection not reported")
359 if "status_code=40" not in ev:
360 raise Exception("Unexpected status code: " + ev)
361
362 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
363
364 stop_sigma_dut(sigma)
365
366 def test_sigma_dut_ap_psk(dev, apdev):
367 """sigma_dut controlled AP"""
368 with HWSimRadio() as (radio, iface):
369 sigma = start_sigma_dut(iface)
370 try:
371 sigma_dut_cmd_check("ap_reset_default")
372 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
373 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSK,12345678")
374 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
375
376 dev[0].connect("test-psk", psk="12345678", scan_freq="2412")
377
378 sigma_dut_cmd_check("ap_reset_default")
379 finally:
380 stop_sigma_dut(sigma)
381
382 def test_sigma_dut_ap_pskhex(dev, apdev, params):
383 """sigma_dut controlled AP and PSKHEX"""
384 logdir = os.path.join(params['logdir'],
385 "sigma_dut_ap_pskhex.sigma-hostapd")
386 with HWSimRadio() as (radio, iface):
387 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
388 try:
389 psk = "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
390 sigma_dut_cmd_check("ap_reset_default")
391 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
392 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSKHEX," + psk)
393 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
394
395 dev[0].connect("test-psk", raw_psk=psk, scan_freq="2412")
396
397 sigma_dut_cmd_check("ap_reset_default")
398 finally:
399 stop_sigma_dut(sigma)
400
401 def test_sigma_dut_ap_psk_sha256(dev, apdev, params):
402 """sigma_dut controlled AP PSK SHA256"""
403 logdir = os.path.join(params['logdir'],
404 "sigma_dut_ap_psk_sha256.sigma-hostapd")
405 with HWSimRadio() as (radio, iface):
406 sigma = start_sigma_dut(iface)
407 try:
408 sigma_dut_cmd_check("ap_reset_default")
409 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
410 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK-256,PSK,12345678")
411 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
412
413 dev[0].connect("test-psk", key_mgmt="WPA-PSK-SHA256",
414 psk="12345678", scan_freq="2412")
415
416 sigma_dut_cmd_check("ap_reset_default")
417 finally:
418 stop_sigma_dut(sigma)
419
420 def test_sigma_dut_suite_b(dev, apdev, params):
421 """sigma_dut controlled STA Suite B"""
422 check_suite_b_192_capa(dev)
423 logdir = params['logdir']
424
425 with open("auth_serv/ec2-ca.pem", "r") as f:
426 with open(os.path.join(logdir, "suite_b_ca.pem"), "w") as f2:
427 f2.write(f.read())
428
429 with open("auth_serv/ec2-user.pem", "r") as f:
430 with open("auth_serv/ec2-user.key", "r") as f2:
431 with open(os.path.join(logdir, "suite_b.pem"), "w") as f3:
432 f3.write(f.read())
433 f3.write(f2.read())
434
435 dev[0].flush_scan_cache()
436 params = suite_b_as_params()
437 params['ca_cert'] = 'auth_serv/ec2-ca.pem'
438 params['server_cert'] = 'auth_serv/ec2-server.pem'
439 params['private_key'] = 'auth_serv/ec2-server.key'
440 params['openssl_ciphers'] = 'SUITEB192'
441 hostapd.add_ap(apdev[1], params)
442
443 params = { "ssid": "test-suite-b",
444 "wpa": "2",
445 "wpa_key_mgmt": "WPA-EAP-SUITE-B-192",
446 "rsn_pairwise": "GCMP-256",
447 "group_mgmt_cipher": "BIP-GMAC-256",
448 "ieee80211w": "2",
449 "ieee8021x": "1",
450 'auth_server_addr': "127.0.0.1",
451 'auth_server_port': "18129",
452 'auth_server_shared_secret': "radius",
453 'nas_identifier': "nas.w1.fi" }
454 hapd = hostapd.add_ap(apdev[0], params)
455
456 ifname = dev[0].ifname
457 sigma = start_sigma_dut(ifname, cert_path=logdir)
458
459 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
460 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
461 sigma_dut_cmd_check("sta_set_security,type,eaptls,interface,%s,ssid,%s,PairwiseCipher,AES-GCMP-256,GroupCipher,AES-GCMP-256,GroupMgntCipher,BIP-GMAC-256,keymgmttype,SuiteB,clientCertificate,suite_b.pem,trustedRootCA,suite_b_ca.pem,CertType,ECC" % (ifname, "test-suite-b"))
462 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-suite-b"))
463 sigma_dut_wait_connected(ifname)
464 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
465 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
466 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
467
468 stop_sigma_dut(sigma)
469
470 def test_sigma_dut_suite_b_rsa(dev, apdev, params):
471 """sigma_dut controlled STA Suite B (RSA)"""
472 check_suite_b_192_capa(dev)
473 logdir = params['logdir']
474
475 with open("auth_serv/rsa3072-ca.pem", "r") as f:
476 with open(os.path.join(logdir, "suite_b_ca_rsa.pem"), "w") as f2:
477 f2.write(f.read())
478
479 with open("auth_serv/rsa3072-user.pem", "r") as f:
480 with open("auth_serv/rsa3072-user.key", "r") as f2:
481 with open(os.path.join(logdir, "suite_b_rsa.pem"), "w") as f3:
482 f3.write(f.read())
483 f3.write(f2.read())
484
485 dev[0].flush_scan_cache()
486 params = suite_b_192_rsa_ap_params()
487 hapd = hostapd.add_ap(apdev[0], params)
488
489 ifname = dev[0].ifname
490 sigma = start_sigma_dut(ifname, cert_path=logdir)
491
492 cmd = "sta_set_security,type,eaptls,interface,%s,ssid,%s,PairwiseCipher,AES-GCMP-256,GroupCipher,AES-GCMP-256,GroupMgntCipher,BIP-GMAC-256,keymgmttype,SuiteB,clientCertificate,suite_b_rsa.pem,trustedRootCA,suite_b_ca_rsa.pem,CertType,RSA" % (ifname, "test-suite-b")
493
494 tests = [ "",
495 ",TLSCipher,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
496 ",TLSCipher,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" ]
497 for extra in tests:
498 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
499 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
500 sigma_dut_cmd_check(cmd + extra)
501 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-suite-b"))
502 sigma_dut_wait_connected(ifname)
503 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
504 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
505 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
506
507 stop_sigma_dut(sigma)
508
509 def test_sigma_dut_ap_suite_b(dev, apdev, params):
510 """sigma_dut controlled AP Suite B"""
511 check_suite_b_192_capa(dev)
512 logdir = os.path.join(params['logdir'],
513 "sigma_dut_ap_suite_b.sigma-hostapd")
514 params = suite_b_as_params()
515 params['ca_cert'] = 'auth_serv/ec2-ca.pem'
516 params['server_cert'] = 'auth_serv/ec2-server.pem'
517 params['private_key'] = 'auth_serv/ec2-server.key'
518 params['openssl_ciphers'] = 'SUITEB192'
519 hostapd.add_ap(apdev[1], params)
520 with HWSimRadio() as (radio, iface):
521 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
522 try:
523 sigma_dut_cmd_check("ap_reset_default")
524 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-suite-b,MODE,11ng")
525 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,18129,PASSWORD,radius")
526 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,SuiteB")
527 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
528
529 dev[0].connect("test-suite-b", key_mgmt="WPA-EAP-SUITE-B-192",
530 ieee80211w="2",
531 openssl_ciphers="SUITEB192",
532 eap="TLS", identity="tls user",
533 ca_cert="auth_serv/ec2-ca.pem",
534 client_cert="auth_serv/ec2-user.pem",
535 private_key="auth_serv/ec2-user.key",
536 pairwise="GCMP-256", group="GCMP-256",
537 scan_freq="2412")
538
539 sigma_dut_cmd_check("ap_reset_default")
540 finally:
541 stop_sigma_dut(sigma)
542
543 def test_sigma_dut_ap_cipher_gcmp_128(dev, apdev, params):
544 """sigma_dut controlled AP with GCMP-128/BIP-GMAC-128 cipher"""
545 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-GCMP-128", "BIP-GMAC-128",
546 "GCMP")
547
548 def test_sigma_dut_ap_cipher_gcmp_256(dev, apdev, params):
549 """sigma_dut controlled AP with GCMP-256/BIP-GMAC-256 cipher"""
550 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-GCMP-256", "BIP-GMAC-256",
551 "GCMP-256")
552
553 def test_sigma_dut_ap_cipher_ccmp_128(dev, apdev, params):
554 """sigma_dut controlled AP with CCMP-128/BIP-CMAC-128 cipher"""
555 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-128", "BIP-CMAC-128",
556 "CCMP")
557
558 def test_sigma_dut_ap_cipher_ccmp_256(dev, apdev, params):
559 """sigma_dut controlled AP with CCMP-256/BIP-CMAC-256 cipher"""
560 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-256", "BIP-CMAC-256",
561 "CCMP-256")
562
563 def test_sigma_dut_ap_cipher_ccmp_gcmp_1(dev, apdev, params):
564 """sigma_dut controlled AP with CCMP-128+GCMP-256 ciphers (1)"""
565 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-128 AES-GCMP-256",
566 "BIP-GMAC-256", "CCMP")
567
568 def test_sigma_dut_ap_cipher_ccmp_gcmp_2(dev, apdev, params):
569 """sigma_dut controlled AP with CCMP-128+GCMP-256 ciphers (2)"""
570 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-128 AES-GCMP-256",
571 "BIP-GMAC-256", "GCMP-256", "CCMP")
572
573 def test_sigma_dut_ap_cipher_gcmp_256_group_ccmp(dev, apdev, params):
574 """sigma_dut controlled AP with GCMP-256/CCMP/BIP-GMAC-256 cipher"""
575 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-GCMP-256", "BIP-GMAC-256",
576 "GCMP-256", "CCMP", "AES-CCMP-128")
577
578 def run_sigma_dut_ap_cipher(dev, apdev, params, ap_pairwise, ap_group_mgmt,
579 sta_cipher, sta_cipher_group=None, ap_group=None):
580 check_suite_b_192_capa(dev)
581 logdir = os.path.join(params['logdir'],
582 "sigma_dut_ap_cipher.sigma-hostapd")
583 params = suite_b_as_params()
584 params['ca_cert'] = 'auth_serv/ec2-ca.pem'
585 params['server_cert'] = 'auth_serv/ec2-server.pem'
586 params['private_key'] = 'auth_serv/ec2-server.key'
587 params['openssl_ciphers'] = 'SUITEB192'
588 hostapd.add_ap(apdev[1], params)
589 with HWSimRadio() as (radio, iface):
590 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
591 try:
592 sigma_dut_cmd_check("ap_reset_default")
593 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-suite-b,MODE,11ng")
594 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,18129,PASSWORD,radius")
595 cmd = "ap_set_security,NAME,AP,KEYMGNT,SuiteB,PMF,Required,PairwiseCipher,%s,GroupMgntCipher,%s" % (ap_pairwise, ap_group_mgmt)
596 if ap_group:
597 cmd += ",GroupCipher,%s" % ap_group
598 sigma_dut_cmd_check(cmd)
599 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
600
601 if sta_cipher_group is None:
602 sta_cipher_group = sta_cipher
603 dev[0].connect("test-suite-b", key_mgmt="WPA-EAP-SUITE-B-192",
604 ieee80211w="2",
605 openssl_ciphers="SUITEB192",
606 eap="TLS", identity="tls user",
607 ca_cert="auth_serv/ec2-ca.pem",
608 client_cert="auth_serv/ec2-user.pem",
609 private_key="auth_serv/ec2-user.key",
610 pairwise=sta_cipher, group=sta_cipher_group,
611 scan_freq="2412")
612
613 sigma_dut_cmd_check("ap_reset_default")
614 finally:
615 stop_sigma_dut(sigma)
616
617 def test_sigma_dut_ap_override_rsne(dev, apdev):
618 """sigma_dut controlled AP overriding RSNE"""
619 with HWSimRadio() as (radio, iface):
620 sigma = start_sigma_dut(iface)
621 try:
622 sigma_dut_cmd_check("ap_reset_default")
623 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
624 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSK,12345678")
625 sigma_dut_cmd_check("dev_configure_ie,NAME,AP,interface,%s,IE_Name,RSNE,Contents,30180100000fac040200ffffffff000fac040100000fac020c00" % iface)
626 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
627
628 dev[0].connect("test-psk", psk="12345678", scan_freq="2412")
629
630 sigma_dut_cmd_check("ap_reset_default")
631 finally:
632 stop_sigma_dut(sigma)
633
634 def test_sigma_dut_ap_sae(dev, apdev, params):
635 """sigma_dut controlled AP with SAE"""
636 logdir = os.path.join(params['logdir'],
637 "sigma_dut_ap_sae.sigma-hostapd")
638 if "SAE" not in dev[0].get_capability("auth_alg"):
639 raise HwsimSkip("SAE not supported")
640 with HWSimRadio() as (radio, iface):
641 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
642 try:
643 sigma_dut_cmd_check("ap_reset_default")
644 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
645 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK,12345678")
646 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
647
648 dev[0].request("SET sae_groups ")
649 dev[0].connect("test-sae", key_mgmt="SAE", psk="12345678",
650 ieee80211w="2", scan_freq="2412")
651 if dev[0].get_status_field('sae_group') != '19':
652 raise Exception("Expected default SAE group not used")
653
654 sigma_dut_cmd_check("ap_reset_default")
655 finally:
656 stop_sigma_dut(sigma)
657
658 def test_sigma_dut_ap_sae_password(dev, apdev, params):
659 """sigma_dut controlled AP with SAE and long password"""
660 logdir = os.path.join(params['logdir'],
661 "sigma_dut_ap_sae_password.sigma-hostapd")
662 if "SAE" not in dev[0].get_capability("auth_alg"):
663 raise HwsimSkip("SAE not supported")
664 with HWSimRadio() as (radio, iface):
665 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
666 try:
667 sigma_dut_cmd_check("ap_reset_default")
668 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
669 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK," + 100*'C')
670 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
671
672 dev[0].request("SET sae_groups ")
673 dev[0].connect("test-sae", key_mgmt="SAE", sae_password=100*'C',
674 ieee80211w="2", scan_freq="2412")
675 if dev[0].get_status_field('sae_group') != '19':
676 raise Exception("Expected default SAE group not used")
677
678 sigma_dut_cmd_check("ap_reset_default")
679 finally:
680 stop_sigma_dut(sigma)
681
682 def test_sigma_dut_ap_sae_group(dev, apdev, params):
683 """sigma_dut controlled AP with SAE and specific group"""
684 logdir = os.path.join(params['logdir'],
685 "sigma_dut_ap_sae_group.sigma-hostapd")
686 if "SAE" not in dev[0].get_capability("auth_alg"):
687 raise HwsimSkip("SAE not supported")
688 with HWSimRadio() as (radio, iface):
689 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
690 try:
691 sigma_dut_cmd_check("ap_reset_default")
692 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
693 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK,12345678,ECGroupID,20")
694 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
695
696 dev[0].request("SET sae_groups ")
697 dev[0].connect("test-sae", key_mgmt="SAE", psk="12345678",
698 ieee80211w="2", scan_freq="2412")
699 if dev[0].get_status_field('sae_group') != '20':
700 raise Exception("Expected SAE group not used")
701
702 sigma_dut_cmd_check("ap_reset_default")
703 finally:
704 stop_sigma_dut(sigma)
705
706 def test_sigma_dut_ap_psk_sae(dev, apdev, params):
707 """sigma_dut controlled AP with PSK+SAE"""
708 if "SAE" not in dev[0].get_capability("auth_alg"):
709 raise HwsimSkip("SAE not supported")
710 logdir = os.path.join(params['logdir'],
711 "sigma_dut_ap_psk_sae.sigma-hostapd")
712 with HWSimRadio() as (radio, iface):
713 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
714 try:
715 sigma_dut_cmd_check("ap_reset_default")
716 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
717 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK-SAE,PSK,12345678")
718 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
719
720 dev[2].request("SET sae_groups ")
721 dev[2].connect("test-sae", key_mgmt="SAE", psk="12345678",
722 scan_freq="2412", ieee80211w="0", wait_connect=False)
723 dev[0].request("SET sae_groups ")
724 dev[0].connect("test-sae", key_mgmt="SAE", psk="12345678",
725 scan_freq="2412", ieee80211w="2")
726 dev[1].connect("test-sae", psk="12345678", scan_freq="2412")
727
728 ev = dev[2].wait_event(["CTRL-EVENT-CONNECTED"], timeout=0.1)
729 dev[2].request("DISCONNECT")
730 if ev is not None:
731 raise Exception("Unexpected connection without PMF")
732
733 sigma_dut_cmd_check("ap_reset_default")
734 finally:
735 stop_sigma_dut(sigma)
736
737 def test_sigma_dut_owe(dev, apdev):
738 """sigma_dut controlled OWE station"""
739 try:
740 run_sigma_dut_owe(dev, apdev)
741 finally:
742 dev[0].set("ignore_old_scan_res", "0")
743
744 def run_sigma_dut_owe(dev, apdev):
745 if "OWE" not in dev[0].get_capability("key_mgmt"):
746 raise HwsimSkip("OWE not supported")
747
748 ifname = dev[0].ifname
749 sigma = start_sigma_dut(ifname)
750
751 try:
752 params = { "ssid": "owe",
753 "wpa": "2",
754 "wpa_key_mgmt": "OWE",
755 "ieee80211w": "2",
756 "rsn_pairwise": "CCMP" }
757 hapd = hostapd.add_ap(apdev[0], params)
758 bssid = hapd.own_addr()
759
760 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname)
761 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
762 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE" % ifname)
763 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname)
764 sigma_dut_wait_connected(ifname)
765 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
766
767 dev[0].dump_monitor()
768 sigma_dut_cmd("sta_reassoc,interface,%s,Channel,1,bssid,%s" % (ifname, bssid))
769 dev[0].wait_connected()
770 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
771 dev[0].wait_disconnected()
772 dev[0].dump_monitor()
773
774 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname)
775 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
776 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE,ECGroupID,20" % ifname)
777 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname)
778 sigma_dut_wait_connected(ifname)
779 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
780 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
781 dev[0].wait_disconnected()
782 dev[0].dump_monitor()
783
784 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname)
785 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
786 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE,ECGroupID,0" % ifname)
787 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname)
788 ev = dev[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout=10)
789 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
790 if ev is None:
791 raise Exception("Association not rejected")
792 if "status_code=77" not in ev:
793 raise Exception("Unexpected rejection reason: " + ev)
794
795 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
796 finally:
797 stop_sigma_dut(sigma)
798
799 def test_sigma_dut_ap_owe(dev, apdev, params):
800 """sigma_dut controlled AP with OWE"""
801 logdir = os.path.join(params['logdir'],
802 "sigma_dut_ap_owe.sigma-hostapd")
803 if "OWE" not in dev[0].get_capability("key_mgmt"):
804 raise HwsimSkip("OWE not supported")
805 with HWSimRadio() as (radio, iface):
806 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
807 try:
808 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
809 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,owe,MODE,11ng")
810 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OWE")
811 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
812
813 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
814 scan_freq="2412")
815
816 sigma_dut_cmd_check("ap_reset_default")
817 finally:
818 stop_sigma_dut(sigma)
819
820 def test_sigma_dut_ap_owe_ecgroupid(dev, apdev):
821 """sigma_dut controlled AP with OWE and ECGroupID"""
822 if "OWE" not in dev[0].get_capability("key_mgmt"):
823 raise HwsimSkip("OWE not supported")
824 with HWSimRadio() as (radio, iface):
825 sigma = start_sigma_dut(iface)
826 try:
827 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
828 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,owe,MODE,11ng")
829 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OWE,ECGroupID,20 21,PMF,Required")
830 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
831
832 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
833 owe_group="20", scan_freq="2412")
834 dev[0].request("REMOVE_NETWORK all")
835 dev[0].wait_disconnected()
836
837 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
838 owe_group="21", scan_freq="2412")
839 dev[0].request("REMOVE_NETWORK all")
840 dev[0].wait_disconnected()
841
842 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
843 owe_group="19", scan_freq="2412", wait_connect=False)
844 ev = dev[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout=10)
845 dev[0].request("DISCONNECT")
846 if ev is None:
847 raise Exception("Association not rejected")
848 if "status_code=77" not in ev:
849 raise Exception("Unexpected rejection reason: " + ev)
850 dev[0].dump_monitor()
851
852 sigma_dut_cmd_check("ap_reset_default")
853 finally:
854 stop_sigma_dut(sigma)
855
856 def test_sigma_dut_ap_owe_transition_mode(dev, apdev, params):
857 """sigma_dut controlled AP with OWE and transition mode"""
858 if "OWE" not in dev[0].get_capability("key_mgmt"):
859 raise HwsimSkip("OWE not supported")
860 logdir = os.path.join(params['logdir'],
861 "sigma_dut_ap_owe_transition_mode.sigma-hostapd")
862 with HWSimRadio() as (radio, iface):
863 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
864 try:
865 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
866 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,owe,MODE,11ng")
867 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,OWE")
868 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,SSID,owe,MODE,11ng")
869 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,NONE")
870 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
871
872 res1 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,1,Interface,24G")
873 res2 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,2,Interface,24G")
874
875 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
876 scan_freq="2412")
877 dev[1].connect("owe", key_mgmt="NONE", scan_freq="2412")
878 if dev[0].get_status_field('bssid') not in res1:
879 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,1: " + res1)
880 if dev[1].get_status_field('bssid') not in res2:
881 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,2: " + res2)
882
883 sigma_dut_cmd_check("ap_reset_default")
884 finally:
885 stop_sigma_dut(sigma)
886
887 def test_sigma_dut_ap_owe_transition_mode_2(dev, apdev, params):
888 """sigma_dut controlled AP with OWE and transition mode (2)"""
889 if "OWE" not in dev[0].get_capability("key_mgmt"):
890 raise HwsimSkip("OWE not supported")
891 logdir = os.path.join(params['logdir'],
892 "sigma_dut_ap_owe_transition_mode_2.sigma-hostapd")
893 with HWSimRadio() as (radio, iface):
894 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
895 try:
896 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
897 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,owe,MODE,11ng")
898 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,NONE")
899 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,MODE,11ng")
900 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,OWE")
901 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
902
903 res1 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,1,Interface,24G")
904 res2 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,2,Interface,24G")
905
906 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
907 scan_freq="2412")
908 dev[1].connect("owe", key_mgmt="NONE", scan_freq="2412")
909 if dev[0].get_status_field('bssid') not in res2:
910 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,2: " + res1)
911 if dev[1].get_status_field('bssid') not in res1:
912 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,1: " + res2)
913
914 sigma_dut_cmd_check("ap_reset_default")
915 finally:
916 stop_sigma_dut(sigma)
917
918 def dpp_init_enrollee(dev, id1):
919 logger.info("Starting DPP initiator/enrollee in a thread")
920 time.sleep(1)
921 cmd = "DPP_AUTH_INIT peer=%d role=enrollee" % id1
922 if "OK" not in dev.request(cmd):
923 raise Exception("Failed to initiate DPP Authentication")
924 ev = dev.wait_event(["DPP-CONF-RECEIVED"], timeout=5)
925 if ev is None:
926 raise Exception("DPP configuration not completed (Enrollee)")
927 logger.info("DPP initiator/enrollee done")
928
929 def test_sigma_dut_dpp_qr_resp_1(dev, apdev):
930 """sigma_dut DPP/QR responder (conf index 1)"""
931 run_sigma_dut_dpp_qr_resp(dev, apdev, 1)
932
933 def test_sigma_dut_dpp_qr_resp_2(dev, apdev):
934 """sigma_dut DPP/QR responder (conf index 2)"""
935 run_sigma_dut_dpp_qr_resp(dev, apdev, 2)
936
937 def test_sigma_dut_dpp_qr_resp_3(dev, apdev):
938 """sigma_dut DPP/QR responder (conf index 3)"""
939 run_sigma_dut_dpp_qr_resp(dev, apdev, 3)
940
941 def test_sigma_dut_dpp_qr_resp_4(dev, apdev):
942 """sigma_dut DPP/QR responder (conf index 4)"""
943 run_sigma_dut_dpp_qr_resp(dev, apdev, 4)
944
945 def test_sigma_dut_dpp_qr_resp_5(dev, apdev):
946 """sigma_dut DPP/QR responder (conf index 5)"""
947 run_sigma_dut_dpp_qr_resp(dev, apdev, 5)
948
949 def test_sigma_dut_dpp_qr_resp_6(dev, apdev):
950 """sigma_dut DPP/QR responder (conf index 6)"""
951 run_sigma_dut_dpp_qr_resp(dev, apdev, 6)
952
953 def test_sigma_dut_dpp_qr_resp_7(dev, apdev):
954 """sigma_dut DPP/QR responder (conf index 7)"""
955 run_sigma_dut_dpp_qr_resp(dev, apdev, 7)
956
957 def test_sigma_dut_dpp_qr_resp_chan_list(dev, apdev):
958 """sigma_dut DPP/QR responder (channel list override)"""
959 run_sigma_dut_dpp_qr_resp(dev, apdev, 1, chan_list='81/2 81/6 81/1',
960 listen_chan=2)
961
962 def run_sigma_dut_dpp_qr_resp(dev, apdev, conf_idx, chan_list=None,
963 listen_chan=None):
964 check_dpp_capab(dev[0])
965 check_dpp_capab(dev[1])
966 sigma = start_sigma_dut(dev[0].ifname)
967 try:
968 cmd = "dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR"
969 if chan_list:
970 cmd += ",DPPChannelList," + chan_list
971 res = sigma_dut_cmd(cmd)
972 if "status,COMPLETE" not in res:
973 raise Exception("dev_exec_action did not succeed: " + res)
974 hex = res.split(',')[3]
975 uri = from_hex(hex)
976 logger.info("URI from sigma_dut: " + uri)
977
978 id1 = dev[1].dpp_qr_code(uri)
979
980 t = threading.Thread(target=dpp_init_enrollee, args=(dev[1], id1))
981 t.start()
982 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPConfIndex,%d,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfEnrolleeRole,STA,DPPSigningKeyECC,P-256,DPPBS,QR,DPPTimeout,6" % conf_idx
983 if listen_chan:
984 cmd += ",DPPListenChannel," + str(listen_chan)
985 res = sigma_dut_cmd(cmd, timeout=10)
986 t.join()
987 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
988 raise Exception("Unexpected result: " + res)
989 finally:
990 stop_sigma_dut(sigma)
991
992 def test_sigma_dut_dpp_qr_init_enrollee(dev, apdev):
993 """sigma_dut DPP/QR initiator as Enrollee"""
994 check_dpp_capab(dev[0])
995 check_dpp_capab(dev[1])
996
997 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
998 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
999 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1000 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1001
1002 params = { "ssid": "DPPNET01",
1003 "wpa": "2",
1004 "ieee80211w": "2",
1005 "wpa_key_mgmt": "DPP",
1006 "rsn_pairwise": "CCMP",
1007 "dpp_connector": ap_connector,
1008 "dpp_csign": csign_pub,
1009 "dpp_netaccesskey": ap_netaccesskey }
1010 try:
1011 hapd = hostapd.add_ap(apdev[0], params)
1012 except:
1013 raise HwsimSkip("DPP not supported")
1014
1015 sigma = start_sigma_dut(dev[0].ifname)
1016 try:
1017 dev[0].set("dpp_config_processing", "2")
1018
1019 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
1020 res = dev[1].request(cmd)
1021 if "FAIL" in res:
1022 raise Exception("Failed to add configurator")
1023 conf_id = int(res)
1024
1025 addr = dev[1].own_addr().replace(':', '')
1026 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1027 res = dev[1].request(cmd)
1028 if "FAIL" in res:
1029 raise Exception("Failed to generate bootstrapping info")
1030 id0 = int(res)
1031 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1032
1033 dev[1].set("dpp_configurator_params",
1034 " conf=sta-dpp ssid=%s configurator=%d" % (to_hex("DPPNET01"), conf_id))
1035 cmd = "DPP_LISTEN 2437 role=configurator"
1036 if "OK" not in dev[1].request(cmd):
1037 raise Exception("Failed to start listen operation")
1038
1039 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1040 if "status,COMPLETE" not in res:
1041 raise Exception("dev_exec_action did not succeed: " + res)
1042
1043 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout=10)
1044 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1045 raise Exception("Unexpected result: " + res)
1046 finally:
1047 dev[0].set("dpp_config_processing", "0")
1048 stop_sigma_dut(sigma)
1049
1050 def test_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev):
1051 """sigma_dut DPP/QR (mutual) initiator as Enrollee"""
1052 run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev)
1053
1054 def test_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev):
1055 """sigma_dut DPP/QR (mutual) initiator as Enrollee (extra check)"""
1056 run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev,
1057 extra="DPPAuthDirection,Mutual,")
1058
1059 def run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev, extra=''):
1060 check_dpp_capab(dev[0])
1061 check_dpp_capab(dev[1])
1062
1063 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1064 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1065 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1066 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1067
1068 params = { "ssid": "DPPNET01",
1069 "wpa": "2",
1070 "ieee80211w": "2",
1071 "wpa_key_mgmt": "DPP",
1072 "rsn_pairwise": "CCMP",
1073 "dpp_connector": ap_connector,
1074 "dpp_csign": csign_pub,
1075 "dpp_netaccesskey": ap_netaccesskey }
1076 try:
1077 hapd = hostapd.add_ap(apdev[0], params)
1078 except:
1079 raise HwsimSkip("DPP not supported")
1080
1081 sigma = start_sigma_dut(dev[0].ifname)
1082 try:
1083 dev[0].set("dpp_config_processing", "2")
1084
1085 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
1086 res = dev[1].request(cmd)
1087 if "FAIL" in res:
1088 raise Exception("Failed to add configurator")
1089 conf_id = int(res)
1090
1091 addr = dev[1].own_addr().replace(':', '')
1092 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1093 res = dev[1].request(cmd)
1094 if "FAIL" in res:
1095 raise Exception("Failed to generate bootstrapping info")
1096 id0 = int(res)
1097 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1098
1099 dev[1].set("dpp_configurator_params",
1100 " conf=sta-dpp ssid=%s configurator=%d" % (to_hex("DPPNET01"), conf_id))
1101 cmd = "DPP_LISTEN 2437 role=configurator qr=mutual"
1102 if "OK" not in dev[1].request(cmd):
1103 raise Exception("Failed to start listen operation")
1104
1105 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1106 if "status,COMPLETE" not in res:
1107 raise Exception("dev_exec_action did not succeed: " + res)
1108 hex = res.split(',')[3]
1109 uri = from_hex(hex)
1110 logger.info("URI from sigma_dut: " + uri)
1111
1112 id1 = dev[1].dpp_qr_code(uri)
1113
1114 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1115 if "status,COMPLETE" not in res:
1116 raise Exception("dev_exec_action did not succeed: " + res)
1117
1118 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,%sDPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes" % extra, timeout=10)
1119 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1120 raise Exception("Unexpected result: " + res)
1121 finally:
1122 dev[0].set("dpp_config_processing", "0")
1123 stop_sigma_dut(sigma)
1124
1125 def dpp_init_conf_mutual(dev, id1, conf_id, own_id=None):
1126 time.sleep(1)
1127 logger.info("Starting DPP initiator/configurator in a thread")
1128 cmd = "DPP_AUTH_INIT peer=%d conf=sta-dpp ssid=%s configurator=%d" % (id1, to_hex("DPPNET01"), conf_id)
1129 if own_id is not None:
1130 cmd += " own=%d" % own_id
1131 if "OK" not in dev.request(cmd):
1132 raise Exception("Failed to initiate DPP Authentication")
1133 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=10)
1134 if ev is None:
1135 raise Exception("DPP configuration not completed (Configurator)")
1136 logger.info("DPP initiator/configurator done")
1137
1138 def test_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev):
1139 """sigma_dut DPP/QR (mutual) responder as Enrollee"""
1140 run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev)
1141
1142 def test_sigma_dut_dpp_qr_mutual_resp_enrollee_pending(dev, apdev):
1143 """sigma_dut DPP/QR (mutual) responder as Enrollee (response pending)"""
1144 run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev, ',DPPDelayQRResponse,1')
1145
1146 def run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev, extra=None):
1147 check_dpp_capab(dev[0])
1148 check_dpp_capab(dev[1])
1149
1150 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1151 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1152 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1153 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1154
1155 params = { "ssid": "DPPNET01",
1156 "wpa": "2",
1157 "ieee80211w": "2",
1158 "wpa_key_mgmt": "DPP",
1159 "rsn_pairwise": "CCMP",
1160 "dpp_connector": ap_connector,
1161 "dpp_csign": csign_pub,
1162 "dpp_netaccesskey": ap_netaccesskey }
1163 try:
1164 hapd = hostapd.add_ap(apdev[0], params)
1165 except:
1166 raise HwsimSkip("DPP not supported")
1167
1168 sigma = start_sigma_dut(dev[0].ifname)
1169 try:
1170 dev[0].set("dpp_config_processing", "2")
1171
1172 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
1173 res = dev[1].request(cmd)
1174 if "FAIL" in res:
1175 raise Exception("Failed to add configurator")
1176 conf_id = int(res)
1177
1178 addr = dev[1].own_addr().replace(':', '')
1179 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1180 res = dev[1].request(cmd)
1181 if "FAIL" in res:
1182 raise Exception("Failed to generate bootstrapping info")
1183 id0 = int(res)
1184 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1185
1186 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1187 if "status,COMPLETE" not in res:
1188 raise Exception("dev_exec_action did not succeed: " + res)
1189 hex = res.split(',')[3]
1190 uri = from_hex(hex)
1191 logger.info("URI from sigma_dut: " + uri)
1192
1193 id1 = dev[1].dpp_qr_code(uri)
1194
1195 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1196 if "status,COMPLETE" not in res:
1197 raise Exception("dev_exec_action did not succeed: " + res)
1198
1199 t = threading.Thread(target=dpp_init_conf_mutual,
1200 args=(dev[1], id1, conf_id, id0))
1201 t.start()
1202
1203 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,20,DPPWaitForConnect,Yes"
1204 if extra:
1205 cmd += extra
1206 res = sigma_dut_cmd(cmd, timeout=25)
1207 t.join()
1208 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1209 raise Exception("Unexpected result: " + res)
1210 finally:
1211 dev[0].set("dpp_config_processing", "0")
1212 stop_sigma_dut(sigma)
1213
1214 def dpp_resp_conf_mutual(dev, conf_id, uri):
1215 logger.info("Starting DPP responder/configurator in a thread")
1216 dev.set("dpp_configurator_params",
1217 " conf=sta-dpp ssid=%s configurator=%d" % (to_hex("DPPNET01"),
1218 conf_id))
1219 cmd = "DPP_LISTEN 2437 role=configurator qr=mutual"
1220 if "OK" not in dev.request(cmd):
1221 raise Exception("Failed to initiate DPP listen")
1222 if uri:
1223 ev = dev.wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout=10)
1224 if ev is None:
1225 raise Exception("QR Code scan for mutual authentication not requested")
1226 dev.dpp_qr_code(uri)
1227 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=10)
1228 if ev is None:
1229 raise Exception("DPP configuration not completed (Configurator)")
1230 logger.info("DPP responder/configurator done")
1231
1232 def test_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev):
1233 """sigma_dut DPP/QR (mutual) initiator as Enrollee"""
1234 run_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev, False)
1235
1236 def test_sigma_dut_dpp_qr_mutual_init_enrollee_pending(dev, apdev):
1237 """sigma_dut DPP/QR (mutual) initiator as Enrollee (response pending)"""
1238 run_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev, True)
1239
1240 def run_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev, resp_pending):
1241 check_dpp_capab(dev[0])
1242 check_dpp_capab(dev[1])
1243
1244 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1245 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1246 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1247 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1248
1249 params = { "ssid": "DPPNET01",
1250 "wpa": "2",
1251 "ieee80211w": "2",
1252 "wpa_key_mgmt": "DPP",
1253 "rsn_pairwise": "CCMP",
1254 "dpp_connector": ap_connector,
1255 "dpp_csign": csign_pub,
1256 "dpp_netaccesskey": ap_netaccesskey }
1257 try:
1258 hapd = hostapd.add_ap(apdev[0], params)
1259 except:
1260 raise HwsimSkip("DPP not supported")
1261
1262 sigma = start_sigma_dut(dev[0].ifname)
1263 try:
1264 dev[0].set("dpp_config_processing", "2")
1265
1266 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
1267 res = dev[1].request(cmd)
1268 if "FAIL" in res:
1269 raise Exception("Failed to add configurator")
1270 conf_id = int(res)
1271
1272 addr = dev[1].own_addr().replace(':', '')
1273 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1274 res = dev[1].request(cmd)
1275 if "FAIL" in res:
1276 raise Exception("Failed to generate bootstrapping info")
1277 id0 = int(res)
1278 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1279
1280 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1281 if "status,COMPLETE" not in res:
1282 raise Exception("dev_exec_action did not succeed: " + res)
1283 hex = res.split(',')[3]
1284 uri = from_hex(hex)
1285 logger.info("URI from sigma_dut: " + uri)
1286
1287 if not resp_pending:
1288 dev[1].dpp_qr_code(uri)
1289 uri = None
1290
1291 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1292 if "status,COMPLETE" not in res:
1293 raise Exception("dev_exec_action did not succeed: " + res)
1294
1295 t = threading.Thread(target=dpp_resp_conf_mutual,
1296 args=(dev[1], conf_id, uri))
1297 t.start()
1298
1299 time.sleep(1)
1300 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,10,DPPWaitForConnect,Yes"
1301 res = sigma_dut_cmd(cmd, timeout=15)
1302 t.join()
1303 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1304 raise Exception("Unexpected result: " + res)
1305 finally:
1306 dev[0].set("dpp_config_processing", "0")
1307 stop_sigma_dut(sigma)
1308
1309 def test_sigma_dut_dpp_qr_init_enrollee_psk(dev, apdev):
1310 """sigma_dut DPP/QR initiator as Enrollee (PSK)"""
1311 check_dpp_capab(dev[0])
1312 check_dpp_capab(dev[1])
1313
1314 params = hostapd.wpa2_params(ssid="DPPNET01",
1315 passphrase="ThisIsDppPassphrase")
1316 hapd = hostapd.add_ap(apdev[0], params)
1317
1318 sigma = start_sigma_dut(dev[0].ifname)
1319 try:
1320 dev[0].set("dpp_config_processing", "2")
1321
1322 cmd = "DPP_CONFIGURATOR_ADD"
1323 res = dev[1].request(cmd)
1324 if "FAIL" in res:
1325 raise Exception("Failed to add configurator")
1326 conf_id = int(res)
1327
1328 addr = dev[1].own_addr().replace(':', '')
1329 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1330 res = dev[1].request(cmd)
1331 if "FAIL" in res:
1332 raise Exception("Failed to generate bootstrapping info")
1333 id0 = int(res)
1334 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1335
1336 dev[1].set("dpp_configurator_params",
1337 " conf=sta-psk ssid=%s pass=%s configurator=%d" % (to_hex("DPPNET01"), to_hex("ThisIsDppPassphrase"), conf_id))
1338 cmd = "DPP_LISTEN 2437 role=configurator"
1339 if "OK" not in dev[1].request(cmd):
1340 raise Exception("Failed to start listen operation")
1341
1342 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1343 if "status,COMPLETE" not in res:
1344 raise Exception("dev_exec_action did not succeed: " + res)
1345
1346 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout=10)
1347 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkConnectResult,OK" not in res:
1348 raise Exception("Unexpected result: " + res)
1349 finally:
1350 dev[0].set("dpp_config_processing", "0")
1351 stop_sigma_dut(sigma)
1352
1353 def test_sigma_dut_dpp_qr_init_enrollee_sae(dev, apdev):
1354 """sigma_dut DPP/QR initiator as Enrollee (SAE)"""
1355 check_dpp_capab(dev[0])
1356 check_dpp_capab(dev[1])
1357 if "SAE" not in dev[0].get_capability("auth_alg"):
1358 raise HwsimSkip("SAE not supported")
1359
1360 params = hostapd.wpa2_params(ssid="DPPNET01",
1361 passphrase="ThisIsDppPassphrase")
1362 params['wpa_key_mgmt'] = 'SAE'
1363 params["ieee80211w"] = "2"
1364 hapd = hostapd.add_ap(apdev[0], params)
1365
1366 sigma = start_sigma_dut(dev[0].ifname)
1367 try:
1368 dev[0].set("dpp_config_processing", "2")
1369
1370 cmd = "DPP_CONFIGURATOR_ADD"
1371 res = dev[1].request(cmd)
1372 if "FAIL" in res:
1373 raise Exception("Failed to add configurator")
1374 conf_id = int(res)
1375
1376 addr = dev[1].own_addr().replace(':', '')
1377 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1378 res = dev[1].request(cmd)
1379 if "FAIL" in res:
1380 raise Exception("Failed to generate bootstrapping info")
1381 id0 = int(res)
1382 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1383
1384 dev[1].set("dpp_configurator_params",
1385 " conf=sta-sae ssid=%s pass=%s configurator=%d" % (to_hex("DPPNET01"), to_hex("ThisIsDppPassphrase"), conf_id))
1386 cmd = "DPP_LISTEN 2437 role=configurator"
1387 if "OK" not in dev[1].request(cmd):
1388 raise Exception("Failed to start listen operation")
1389
1390 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1391 if "status,COMPLETE" not in res:
1392 raise Exception("dev_exec_action did not succeed: " + res)
1393
1394 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout=10)
1395 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkConnectResult,OK" not in res:
1396 raise Exception("Unexpected result: " + res)
1397 finally:
1398 dev[0].set("dpp_config_processing", "0")
1399 stop_sigma_dut(sigma)
1400
1401 def test_sigma_dut_dpp_qr_init_configurator_1(dev, apdev):
1402 """sigma_dut DPP/QR initiator as Configurator (conf index 1)"""
1403 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 1)
1404
1405 def test_sigma_dut_dpp_qr_init_configurator_2(dev, apdev):
1406 """sigma_dut DPP/QR initiator as Configurator (conf index 2)"""
1407 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 2)
1408
1409 def test_sigma_dut_dpp_qr_init_configurator_3(dev, apdev):
1410 """sigma_dut DPP/QR initiator as Configurator (conf index 3)"""
1411 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 3)
1412
1413 def test_sigma_dut_dpp_qr_init_configurator_4(dev, apdev):
1414 """sigma_dut DPP/QR initiator as Configurator (conf index 4)"""
1415 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 4)
1416
1417 def test_sigma_dut_dpp_qr_init_configurator_5(dev, apdev):
1418 """sigma_dut DPP/QR initiator as Configurator (conf index 5)"""
1419 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 5)
1420
1421 def test_sigma_dut_dpp_qr_init_configurator_6(dev, apdev):
1422 """sigma_dut DPP/QR initiator as Configurator (conf index 6)"""
1423 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 6)
1424
1425 def test_sigma_dut_dpp_qr_init_configurator_7(dev, apdev):
1426 """sigma_dut DPP/QR initiator as Configurator (conf index 7)"""
1427 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 7)
1428
1429 def test_sigma_dut_dpp_qr_init_configurator_both(dev, apdev):
1430 """sigma_dut DPP/QR initiator as Configurator or Enrollee (conf index 1)"""
1431 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 1, "Both")
1432
1433 def test_sigma_dut_dpp_qr_init_configurator_neg_freq(dev, apdev):
1434 """sigma_dut DPP/QR initiator as Configurator (neg_freq)"""
1435 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 1, extra='DPPSubsequentChannel,81/11')
1436
1437 def run_sigma_dut_dpp_qr_init_configurator(dev, apdev, conf_idx,
1438 prov_role="Configurator",
1439 extra=None):
1440 check_dpp_capab(dev[0])
1441 check_dpp_capab(dev[1])
1442 sigma = start_sigma_dut(dev[0].ifname)
1443 try:
1444 addr = dev[1].own_addr().replace(':', '')
1445 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1446 res = dev[1].request(cmd)
1447 if "FAIL" in res:
1448 raise Exception("Failed to generate bootstrapping info")
1449 id0 = int(res)
1450 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1451
1452 cmd = "DPP_LISTEN 2437 role=enrollee"
1453 if "OK" not in dev[1].request(cmd):
1454 raise Exception("Failed to start listen operation")
1455
1456 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1457 if "status,COMPLETE" not in res:
1458 raise Exception("dev_exec_action did not succeed: " + res)
1459
1460 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,%s,DPPConfIndex,%d,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6" % (prov_role, conf_idx)
1461 if extra:
1462 cmd += "," + extra
1463 res = sigma_dut_cmd(cmd)
1464 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
1465 raise Exception("Unexpected result: " + res)
1466 finally:
1467 stop_sigma_dut(sigma)
1468
1469 def test_sigma_dut_dpp_incompatible_roles_init(dev, apdev):
1470 """sigma_dut DPP roles incompatible (Initiator)"""
1471 check_dpp_capab(dev[0])
1472 check_dpp_capab(dev[1])
1473 sigma = start_sigma_dut(dev[0].ifname)
1474 try:
1475 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1476 if "status,COMPLETE" not in res:
1477 raise Exception("dev_exec_action did not succeed: " + res)
1478 hex = res.split(',')[3]
1479 uri = from_hex(hex)
1480 logger.info("URI from sigma_dut: " + uri)
1481
1482 id1 = dev[1].dpp_qr_code(uri)
1483
1484 addr = dev[1].own_addr().replace(':', '')
1485 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1486 res = dev[1].request(cmd)
1487 if "FAIL" in res:
1488 raise Exception("Failed to generate bootstrapping info")
1489 id0 = int(res)
1490 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1491
1492 cmd = "DPP_LISTEN 2437 role=enrollee"
1493 if "OK" not in dev[1].request(cmd):
1494 raise Exception("Failed to start listen operation")
1495
1496 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1497 if "status,COMPLETE" not in res:
1498 raise Exception("dev_exec_action did not succeed: " + res)
1499
1500 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6"
1501 res = sigma_dut_cmd(cmd)
1502 if "BootstrapResult,OK,AuthResult,ROLES_NOT_COMPATIBLE" not in res:
1503 raise Exception("Unexpected result: " + res)
1504 finally:
1505 stop_sigma_dut(sigma)
1506
1507 def dpp_init_enrollee_mutual(dev, id1, own_id):
1508 logger.info("Starting DPP initiator/enrollee in a thread")
1509 time.sleep(1)
1510 cmd = "DPP_AUTH_INIT peer=%d own=%d role=enrollee" % (id1, own_id)
1511 if "OK" not in dev.request(cmd):
1512 raise Exception("Failed to initiate DPP Authentication")
1513 ev = dev.wait_event(["DPP-CONF-RECEIVED",
1514 "DPP-NOT-COMPATIBLE"], timeout=5)
1515 if ev is None:
1516 raise Exception("DPP configuration not completed (Enrollee)")
1517 logger.info("DPP initiator/enrollee done")
1518
1519 def test_sigma_dut_dpp_incompatible_roles_resp(dev, apdev):
1520 """sigma_dut DPP roles incompatible (Responder)"""
1521 check_dpp_capab(dev[0])
1522 check_dpp_capab(dev[1])
1523 sigma = start_sigma_dut(dev[0].ifname)
1524 try:
1525 cmd = "dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR"
1526 res = sigma_dut_cmd(cmd)
1527 if "status,COMPLETE" not in res:
1528 raise Exception("dev_exec_action did not succeed: " + res)
1529 hex = res.split(',')[3]
1530 uri = from_hex(hex)
1531 logger.info("URI from sigma_dut: " + uri)
1532
1533 id1 = dev[1].dpp_qr_code(uri)
1534
1535 addr = dev[1].own_addr().replace(':', '')
1536 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1537 res = dev[1].request(cmd)
1538 if "FAIL" in res:
1539 raise Exception("Failed to generate bootstrapping info")
1540 id0 = int(res)
1541 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1542
1543 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1544 if "status,COMPLETE" not in res:
1545 raise Exception("dev_exec_action did not succeed: " + res)
1546
1547 t = threading.Thread(target=dpp_init_enrollee_mutual, args=(dev[1], id1, id0))
1548 t.start()
1549 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6"
1550 res = sigma_dut_cmd(cmd, timeout=10)
1551 t.join()
1552 if "BootstrapResult,OK,AuthResult,ROLES_NOT_COMPATIBLE" not in res:
1553 raise Exception("Unexpected result: " + res)
1554 finally:
1555 stop_sigma_dut(sigma)
1556
1557 def test_sigma_dut_dpp_pkex_init_configurator(dev, apdev):
1558 """sigma_dut DPP/PKEX initiator as Configurator"""
1559 check_dpp_capab(dev[0])
1560 check_dpp_capab(dev[1])
1561 sigma = start_sigma_dut(dev[0].ifname)
1562 try:
1563 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
1564 res = dev[1].request(cmd)
1565 if "FAIL" in res:
1566 raise Exception("Failed to generate bootstrapping info")
1567 id1 = int(res)
1568 cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id1)
1569 res = dev[1].request(cmd)
1570 if "FAIL" in res:
1571 raise Exception("Failed to set PKEX data (responder)")
1572 cmd = "DPP_LISTEN 2437 role=enrollee"
1573 if "OK" not in dev[1].request(cmd):
1574 raise Exception("Failed to start listen operation")
1575
1576 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCodeIdentifier,test,DPPPKEXCode,secret,DPPTimeout,6")
1577 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
1578 raise Exception("Unexpected result: " + res)
1579 finally:
1580 stop_sigma_dut(sigma)
1581
1582 def dpp_init_conf(dev, id1, conf, conf_id, extra):
1583 logger.info("Starting DPP initiator/configurator in a thread")
1584 cmd = "DPP_AUTH_INIT peer=%d conf=%s %s configurator=%d" % (id1, conf, extra, conf_id)
1585 if "OK" not in dev.request(cmd):
1586 raise Exception("Failed to initiate DPP Authentication")
1587 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=5)
1588 if ev is None:
1589 raise Exception("DPP configuration not completed (Configurator)")
1590 logger.info("DPP initiator/configurator done")
1591
1592 def test_sigma_dut_ap_dpp_qr(dev, apdev, params):
1593 """sigma_dut controlled AP (DPP)"""
1594 run_sigma_dut_ap_dpp_qr(dev, apdev, params, "ap-dpp", "sta-dpp")
1595
1596 def test_sigma_dut_ap_dpp_qr_legacy(dev, apdev, params):
1597 """sigma_dut controlled AP (legacy)"""
1598 run_sigma_dut_ap_dpp_qr(dev, apdev, params, "ap-psk", "sta-psk",
1599 extra="pass=%s" % to_hex("qwertyuiop"))
1600
1601 def test_sigma_dut_ap_dpp_qr_legacy_psk(dev, apdev, params):
1602 """sigma_dut controlled AP (legacy)"""
1603 run_sigma_dut_ap_dpp_qr(dev, apdev, params, "ap-psk", "sta-psk",
1604 extra="psk=%s" % (32*"12"))
1605
1606 def run_sigma_dut_ap_dpp_qr(dev, apdev, params, ap_conf, sta_conf, extra=""):
1607 check_dpp_capab(dev[0])
1608 logdir = os.path.join(params['logdir'], "sigma_dut_ap_dpp_qr.sigma-hostapd")
1609 with HWSimRadio() as (radio, iface):
1610 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
1611 try:
1612 sigma_dut_cmd_check("ap_reset_default,program,DPP")
1613 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1614 if "status,COMPLETE" not in res:
1615 raise Exception("dev_exec_action did not succeed: " + res)
1616 hex = res.split(',')[3]
1617 uri = from_hex(hex)
1618 logger.info("URI from sigma_dut: " + uri)
1619
1620 cmd = "DPP_CONFIGURATOR_ADD"
1621 res = dev[0].request(cmd)
1622 if "FAIL" in res:
1623 raise Exception("Failed to add configurator")
1624 conf_id = int(res)
1625
1626 id1 = dev[0].dpp_qr_code(uri)
1627
1628 t = threading.Thread(target=dpp_init_conf,
1629 args=(dev[0], id1, ap_conf, conf_id, extra))
1630 t.start()
1631 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6")
1632 t.join()
1633 if "ConfResult,OK" not in res:
1634 raise Exception("Unexpected result: " + res)
1635
1636 addr = dev[1].own_addr().replace(':', '')
1637 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
1638 res = dev[1].request(cmd)
1639 if "FAIL" in res:
1640 raise Exception("Failed to generate bootstrapping info")
1641 id1 = int(res)
1642 uri1 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1)
1643
1644 id0b = dev[0].dpp_qr_code(uri1)
1645
1646 dev[1].set("dpp_config_processing", "2")
1647 cmd = "DPP_LISTEN 2412"
1648 if "OK" not in dev[1].request(cmd):
1649 raise Exception("Failed to start listen operation")
1650 cmd = "DPP_AUTH_INIT peer=%d conf=%s %s configurator=%d" % (id0b, sta_conf, extra, conf_id)
1651 if "OK" not in dev[0].request(cmd):
1652 raise Exception("Failed to initiate DPP Authentication")
1653 dev[1].wait_connected()
1654
1655 sigma_dut_cmd_check("ap_reset_default")
1656 finally:
1657 dev[1].set("dpp_config_processing", "0")
1658 stop_sigma_dut(sigma)
1659
1660 def test_sigma_dut_ap_dpp_pkex_responder(dev, apdev, params):
1661 """sigma_dut controlled AP as DPP PKEX responder"""
1662 check_dpp_capab(dev[0])
1663 logdir = os.path.join(params['logdir'],
1664 "sigma_dut_ap_dpp_pkex_responder.sigma-hostapd")
1665 with HWSimRadio() as (radio, iface):
1666 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
1667 try:
1668 run_sigma_dut_ap_dpp_pkex_responder(dev, apdev)
1669 finally:
1670 stop_sigma_dut(sigma)
1671
1672 def dpp_init_conf_pkex(dev, conf_id, check_config=True):
1673 logger.info("Starting DPP PKEX initiator/configurator in a thread")
1674 time.sleep(1.5)
1675 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
1676 res = dev.request(cmd)
1677 if "FAIL" in res:
1678 raise Exception("Failed to generate bootstrapping info")
1679 id = int(res)
1680 cmd = "DPP_PKEX_ADD own=%d init=1 conf=ap-dpp configurator=%d code=password" % (id, conf_id)
1681 res = dev.request(cmd)
1682 if "FAIL" in res:
1683 raise Exception("Failed to initiate DPP PKEX")
1684 if not check_config:
1685 return
1686 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=5)
1687 if ev is None:
1688 raise Exception("DPP configuration not completed (Configurator)")
1689 logger.info("DPP initiator/configurator done")
1690
1691 def run_sigma_dut_ap_dpp_pkex_responder(dev, apdev):
1692 sigma_dut_cmd_check("ap_reset_default,program,DPP")
1693
1694 cmd = "DPP_CONFIGURATOR_ADD"
1695 res = dev[0].request(cmd)
1696 if "FAIL" in res:
1697 raise Exception("Failed to add configurator")
1698 conf_id = int(res)
1699
1700 t = threading.Thread(target=dpp_init_conf_pkex, args=(dev[0], conf_id))
1701 t.start()
1702 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,PKEX,DPPPKEXCode,password,DPPTimeout,6,DPPWaitForConnect,No", timeout=10)
1703 t.join()
1704 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
1705 raise Exception("Unexpected result: " + res)
1706
1707 sigma_dut_cmd_check("ap_reset_default")
1708
1709 def test_sigma_dut_dpp_pkex_responder_proto(dev, apdev):
1710 """sigma_dut controlled STA as DPP PKEX responder and error case"""
1711 check_dpp_capab(dev[0])
1712 sigma = start_sigma_dut(dev[0].ifname)
1713 try:
1714 run_sigma_dut_dpp_pkex_responder_proto(dev, apdev)
1715 finally:
1716 stop_sigma_dut(sigma)
1717
1718 def run_sigma_dut_dpp_pkex_responder_proto(dev, apdev):
1719 cmd = "DPP_CONFIGURATOR_ADD"
1720 res = dev[1].request(cmd)
1721 if "FAIL" in res:
1722 raise Exception("Failed to add configurator")
1723 conf_id = int(res)
1724
1725 dev[1].set("dpp_test", "44")
1726
1727 t = threading.Thread(target=dpp_init_conf_pkex, args=(dev[1], conf_id,
1728 False))
1729 t.start()
1730 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPProvisioningRole,Enrollee,DPPBS,PKEX,DPPPKEXCode,password,DPPTimeout,6", timeout=10)
1731 t.join()
1732 if "BootstrapResult,Timeout" not in res:
1733 raise Exception("Unexpected result: " + res)
1734
1735 def dpp_proto_init(dev, id1):
1736 time.sleep(1)
1737 logger.info("Starting DPP initiator/configurator in a thread")
1738 cmd = "DPP_CONFIGURATOR_ADD"
1739 res = dev.request(cmd)
1740 if "FAIL" in res:
1741 raise Exception("Failed to add configurator")
1742 conf_id = int(res)
1743
1744 cmd = "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1, conf_id)
1745 if "OK" not in dev.request(cmd):
1746 raise Exception("Failed to initiate DPP Authentication")
1747
1748 def test_sigma_dut_dpp_proto_initiator(dev, apdev):
1749 """sigma_dut DPP protocol testing - Initiator"""
1750 check_dpp_capab(dev[0])
1751 check_dpp_capab(dev[1])
1752 tests = [ ("InvalidValue", "AuthenticationRequest", "WrappedData",
1753 "BootstrapResult,OK,AuthResult,Errorsent",
1754 None),
1755 ("InvalidValue", "AuthenticationConfirm", "WrappedData",
1756 "BootstrapResult,OK,AuthResult,Errorsent",
1757 None),
1758 ("MissingAttribute", "AuthenticationRequest", "InitCapabilities",
1759 "BootstrapResult,OK,AuthResult,Errorsent",
1760 "Missing or invalid I-capabilities"),
1761 ("InvalidValue", "AuthenticationConfirm", "InitAuthTag",
1762 "BootstrapResult,OK,AuthResult,Errorsent",
1763 "Mismatching Initiator Authenticating Tag"),
1764 ("MissingAttribute", "ConfigurationResponse", "EnrolleeNonce",
1765 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1766 "Missing or invalid Enrollee Nonce attribute") ]
1767 for step, frame, attr, result, fail in tests:
1768 dev[0].request("FLUSH")
1769 dev[1].request("FLUSH")
1770 sigma = start_sigma_dut(dev[0].ifname)
1771 try:
1772 run_sigma_dut_dpp_proto_initiator(dev, step, frame, attr, result,
1773 fail)
1774 finally:
1775 stop_sigma_dut(sigma)
1776
1777 def run_sigma_dut_dpp_proto_initiator(dev, step, frame, attr, result, fail):
1778 addr = dev[1].own_addr().replace(':', '')
1779 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1780 res = dev[1].request(cmd)
1781 if "FAIL" in res:
1782 raise Exception("Failed to generate bootstrapping info")
1783 id0 = int(res)
1784 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1785
1786 cmd = "DPP_LISTEN 2437 role=enrollee"
1787 if "OK" not in dev[1].request(cmd):
1788 raise Exception("Failed to start listen operation")
1789
1790 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1791 if "status,COMPLETE" not in res:
1792 raise Exception("dev_exec_action did not succeed: " + res)
1793
1794 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr),
1795 timeout=10)
1796 if result not in res:
1797 raise Exception("Unexpected result: " + res)
1798 if fail:
1799 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1800 if ev is None or fail not in ev:
1801 raise Exception("Failure not reported correctly: " + str(ev))
1802
1803 dev[1].request("DPP_STOP_LISTEN")
1804 dev[0].dump_monitor()
1805 dev[1].dump_monitor()
1806
1807 def test_sigma_dut_dpp_proto_responder(dev, apdev):
1808 """sigma_dut DPP protocol testing - Responder"""
1809 check_dpp_capab(dev[0])
1810 check_dpp_capab(dev[1])
1811 tests = [ ("MissingAttribute", "AuthenticationResponse", "DPPStatus",
1812 "BootstrapResult,OK,AuthResult,Errorsent",
1813 "Missing or invalid required DPP Status attribute"),
1814 ("MissingAttribute", "ConfigurationRequest", "EnrolleeNonce",
1815 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1816 "Missing or invalid Enrollee Nonce attribute") ]
1817 for step, frame, attr, result, fail in tests:
1818 dev[0].request("FLUSH")
1819 dev[1].request("FLUSH")
1820 sigma = start_sigma_dut(dev[0].ifname)
1821 try:
1822 run_sigma_dut_dpp_proto_responder(dev, step, frame, attr, result,
1823 fail)
1824 finally:
1825 stop_sigma_dut(sigma)
1826
1827 def run_sigma_dut_dpp_proto_responder(dev, step, frame, attr, result, fail):
1828 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1829 if "status,COMPLETE" not in res:
1830 raise Exception("dev_exec_action did not succeed: " + res)
1831 hex = res.split(',')[3]
1832 uri = from_hex(hex)
1833 logger.info("URI from sigma_dut: " + uri)
1834
1835 id1 = dev[1].dpp_qr_code(uri)
1836
1837 t = threading.Thread(target=dpp_proto_init, args=(dev[1], id1))
1838 t.start()
1839 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr), timeout=10)
1840 t.join()
1841 if result not in res:
1842 raise Exception("Unexpected result: " + res)
1843 if fail:
1844 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1845 if ev is None or fail not in ev:
1846 raise Exception("Failure not reported correctly:" + str(ev))
1847
1848 dev[1].request("DPP_STOP_LISTEN")
1849 dev[0].dump_monitor()
1850 dev[1].dump_monitor()
1851
1852 def test_sigma_dut_dpp_proto_stop_at_initiator(dev, apdev):
1853 """sigma_dut DPP protocol testing - Stop at RX on Initiator"""
1854 check_dpp_capab(dev[0])
1855 check_dpp_capab(dev[1])
1856 tests = [ ("AuthenticationResponse",
1857 "BootstrapResult,OK,AuthResult,Errorsent",
1858 None),
1859 ("ConfigurationRequest",
1860 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1861 None)]
1862 for frame, result, fail in tests:
1863 dev[0].request("FLUSH")
1864 dev[1].request("FLUSH")
1865 sigma = start_sigma_dut(dev[0].ifname)
1866 try:
1867 run_sigma_dut_dpp_proto_stop_at_initiator(dev, frame, result, fail)
1868 finally:
1869 stop_sigma_dut(sigma)
1870
1871 def run_sigma_dut_dpp_proto_stop_at_initiator(dev, frame, result, fail):
1872 addr = dev[1].own_addr().replace(':', '')
1873 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1874 res = dev[1].request(cmd)
1875 if "FAIL" in res:
1876 raise Exception("Failed to generate bootstrapping info")
1877 id0 = int(res)
1878 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1879
1880 cmd = "DPP_LISTEN 2437 role=enrollee"
1881 if "OK" not in dev[1].request(cmd):
1882 raise Exception("Failed to start listen operation")
1883
1884 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1885 if "status,COMPLETE" not in res:
1886 raise Exception("dev_exec_action did not succeed: " + res)
1887
1888 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame))
1889 if result not in res:
1890 raise Exception("Unexpected result: " + res)
1891 if fail:
1892 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1893 if ev is None or fail not in ev:
1894 raise Exception("Failure not reported correctly: " + str(ev))
1895
1896 dev[1].request("DPP_STOP_LISTEN")
1897 dev[0].dump_monitor()
1898 dev[1].dump_monitor()
1899
1900 def test_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev, apdev):
1901 """sigma_dut DPP protocol testing - Stop at TX on Initiator/Enrollee"""
1902 check_dpp_capab(dev[0])
1903 check_dpp_capab(dev[1])
1904 tests = [ ("AuthenticationConfirm",
1905 "BootstrapResult,OK,AuthResult,Errorsent,LastFrameReceived,AuthenticationResponse",
1906 None) ]
1907 for frame, result, fail in tests:
1908 dev[0].request("FLUSH")
1909 dev[1].request("FLUSH")
1910 sigma = start_sigma_dut(dev[0].ifname, debug=True)
1911 try:
1912 run_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev, frame,
1913 result, fail)
1914 finally:
1915 stop_sigma_dut(sigma)
1916
1917 def run_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev, frame, result,
1918 fail):
1919 addr = dev[1].own_addr().replace(':', '')
1920 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1921 res = dev[1].request(cmd)
1922 if "FAIL" in res:
1923 raise Exception("Failed to generate bootstrapping info")
1924 id0 = int(res)
1925 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1926
1927 cmd = "DPP_LISTEN 2437 role=configurator"
1928 if "OK" not in dev[1].request(cmd):
1929 raise Exception("Failed to start listen operation")
1930
1931 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1932 if "status,COMPLETE" not in res:
1933 raise Exception("dev_exec_action did not succeed: " + res)
1934
1935 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame), timeout=10)
1936 if result not in res:
1937 raise Exception("Unexpected result: " + res)
1938 if fail:
1939 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1940 if ev is None or fail not in ev:
1941 raise Exception("Failure not reported correctly: " + str(ev))
1942
1943 dev[1].request("DPP_STOP_LISTEN")
1944 dev[0].dump_monitor()
1945 dev[1].dump_monitor()
1946
1947 def test_sigma_dut_dpp_proto_stop_at_responder(dev, apdev):
1948 """sigma_dut DPP protocol testing - Stop at RX on Responder"""
1949 check_dpp_capab(dev[0])
1950 check_dpp_capab(dev[1])
1951 tests = [ ("AuthenticationRequest",
1952 "BootstrapResult,OK,AuthResult,Errorsent",
1953 None),
1954 ("AuthenticationConfirm",
1955 "BootstrapResult,OK,AuthResult,Errorsent",
1956 None) ]
1957 for frame, result, fail in tests:
1958 dev[0].request("FLUSH")
1959 dev[1].request("FLUSH")
1960 sigma = start_sigma_dut(dev[0].ifname)
1961 try:
1962 run_sigma_dut_dpp_proto_stop_at_responder(dev, frame, result, fail)
1963 finally:
1964 stop_sigma_dut(sigma)
1965
1966 def run_sigma_dut_dpp_proto_stop_at_responder(dev, frame, result, fail):
1967 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1968 if "status,COMPLETE" not in res:
1969 raise Exception("dev_exec_action did not succeed: " + res)
1970 hex = res.split(',')[3]
1971 uri = from_hex(hex)
1972 logger.info("URI from sigma_dut: " + uri)
1973
1974 id1 = dev[1].dpp_qr_code(uri)
1975
1976 t = threading.Thread(target=dpp_proto_init, args=(dev[1], id1))
1977 t.start()
1978 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame), timeout=10)
1979 t.join()
1980 if result not in res:
1981 raise Exception("Unexpected result: " + res)
1982 if fail:
1983 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1984 if ev is None or fail not in ev:
1985 raise Exception("Failure not reported correctly:" + str(ev))
1986
1987 dev[1].request("DPP_STOP_LISTEN")
1988 dev[0].dump_monitor()
1989 dev[1].dump_monitor()
1990
1991 def dpp_proto_init_pkex(dev):
1992 time.sleep(1)
1993 logger.info("Starting DPP PKEX initiator/configurator in a thread")
1994 cmd = "DPP_CONFIGURATOR_ADD"
1995 res = dev.request(cmd)
1996 if "FAIL" in res:
1997 raise Exception("Failed to add configurator")
1998 conf_id = int(res)
1999
2000 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
2001 res = dev.request(cmd)
2002 if "FAIL" in res:
2003 raise Exception("Failed to generate bootstrapping info")
2004 id = int(res)
2005
2006 cmd = "DPP_PKEX_ADD own=%d init=1 conf=sta-dpp configurator=%d code=secret" % (id, conf_id)
2007 if "FAIL" in dev.request(cmd):
2008 raise Exception("Failed to initiate DPP PKEX")
2009
2010 def test_sigma_dut_dpp_proto_initiator_pkex(dev, apdev):
2011 """sigma_dut DPP protocol testing - Initiator (PKEX)"""
2012 check_dpp_capab(dev[0])
2013 check_dpp_capab(dev[1])
2014 tests = [ ("InvalidValue", "PKEXCRRequest", "WrappedData",
2015 "BootstrapResult,Errorsent",
2016 None),
2017 ("MissingAttribute", "PKEXExchangeRequest", "FiniteCyclicGroup",
2018 "BootstrapResult,Errorsent",
2019 "Missing or invalid Finite Cyclic Group attribute"),
2020 ("MissingAttribute", "PKEXCRRequest", "BSKey",
2021 "BootstrapResult,Errorsent",
2022 "No valid peer bootstrapping key found") ]
2023 for step, frame, attr, result, fail in tests:
2024 dev[0].request("FLUSH")
2025 dev[1].request("FLUSH")
2026 sigma = start_sigma_dut(dev[0].ifname)
2027 try:
2028 run_sigma_dut_dpp_proto_initiator_pkex(dev, step, frame, attr,
2029 result, fail)
2030 finally:
2031 stop_sigma_dut(sigma)
2032
2033 def run_sigma_dut_dpp_proto_initiator_pkex(dev, step, frame, attr, result, fail):
2034 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
2035 res = dev[1].request(cmd)
2036 if "FAIL" in res:
2037 raise Exception("Failed to generate bootstrapping info")
2038 id1 = int(res)
2039
2040 cmd = "DPP_PKEX_ADD own=%d code=secret" % (id1)
2041 res = dev[1].request(cmd)
2042 if "FAIL" in res:
2043 raise Exception("Failed to set PKEX data (responder)")
2044
2045 cmd = "DPP_LISTEN 2437 role=enrollee"
2046 if "OK" not in dev[1].request(cmd):
2047 raise Exception("Failed to start listen operation")
2048
2049 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCode,secret,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr))
2050 if result not in res:
2051 raise Exception("Unexpected result: " + res)
2052 if fail:
2053 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
2054 if ev is None or fail not in ev:
2055 raise Exception("Failure not reported correctly: " + str(ev))
2056
2057 dev[1].request("DPP_STOP_LISTEN")
2058 dev[0].dump_monitor()
2059 dev[1].dump_monitor()
2060
2061 def test_sigma_dut_dpp_proto_responder_pkex(dev, apdev):
2062 """sigma_dut DPP protocol testing - Responder (PKEX)"""
2063 check_dpp_capab(dev[0])
2064 check_dpp_capab(dev[1])
2065 tests = [ ("InvalidValue", "PKEXCRResponse", "WrappedData",
2066 "BootstrapResult,Errorsent",
2067 None),
2068 ("MissingAttribute", "PKEXExchangeResponse", "DPPStatus",
2069 "BootstrapResult,Errorsent",
2070 "No DPP Status attribute"),
2071 ("MissingAttribute", "PKEXCRResponse", "BSKey",
2072 "BootstrapResult,Errorsent",
2073 "No valid peer bootstrapping key found") ]
2074 for step, frame, attr, result, fail in tests:
2075 dev[0].request("FLUSH")
2076 dev[1].request("FLUSH")
2077 sigma = start_sigma_dut(dev[0].ifname)
2078 try:
2079 run_sigma_dut_dpp_proto_responder_pkex(dev, step, frame, attr,
2080 result, fail)
2081 finally:
2082 stop_sigma_dut(sigma)
2083
2084 def run_sigma_dut_dpp_proto_responder_pkex(dev, step, frame, attr, result, fail):
2085 t = threading.Thread(target=dpp_proto_init_pkex, args=(dev[1],))
2086 t.start()
2087 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCode,secret,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr), timeout=10)
2088 t.join()
2089 if result not in res:
2090 raise Exception("Unexpected result: " + res)
2091 if fail:
2092 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
2093 if ev is None or fail not in ev:
2094 raise Exception("Failure not reported correctly:" + str(ev))
2095
2096 dev[1].request("DPP_STOP_LISTEN")
2097 dev[0].dump_monitor()
2098 dev[1].dump_monitor()
2099
2100 def init_sigma_dut_dpp_proto_peer_disc_req(dev, apdev):
2101 check_dpp_capab(dev[0])
2102 check_dpp_capab(dev[1])
2103
2104 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2105 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2106 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
2107 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
2108
2109 params = { "ssid": "DPPNET01",
2110 "wpa": "2",
2111 "ieee80211w": "2",
2112 "wpa_key_mgmt": "DPP",
2113 "rsn_pairwise": "CCMP",
2114 "dpp_connector": ap_connector,
2115 "dpp_csign": csign_pub,
2116 "dpp_netaccesskey": ap_netaccesskey }
2117 try:
2118 hapd = hostapd.add_ap(apdev[0], params)
2119 except:
2120 raise HwsimSkip("DPP not supported")
2121
2122 dev[0].set("dpp_config_processing", "2")
2123
2124 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
2125 res = dev[1].request(cmd)
2126 if "FAIL" in res:
2127 raise Exception("Failed to add configurator")
2128 conf_id = int(res)
2129
2130 addr = dev[1].own_addr().replace(':', '')
2131 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
2132 res = dev[1].request(cmd)
2133 if "FAIL" in res:
2134 raise Exception("Failed to generate bootstrapping info")
2135 id0 = int(res)
2136 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
2137
2138 dev[1].set("dpp_configurator_params",
2139 " conf=sta-dpp ssid=%s configurator=%d" % (to_hex("DPPNET01"),
2140 conf_id))
2141 cmd = "DPP_LISTEN 2437 role=configurator"
2142 if "OK" not in dev[1].request(cmd):
2143 raise Exception("Failed to start listen operation")
2144
2145 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
2146 if "status,COMPLETE" not in res:
2147 raise Exception("dev_exec_action did not succeed: " + res)
2148
2149 def test_sigma_dut_dpp_proto_peer_disc_req(dev, apdev):
2150 """sigma_dut DPP protocol testing - Peer Discovery Request"""
2151 sigma = start_sigma_dut(dev[0].ifname)
2152 try:
2153 init_sigma_dut_dpp_proto_peer_disc_req(dev, apdev)
2154
2155 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes,DPPStep,MissingAttribute,DPPFrameType,PeerDiscoveryRequest,DPPIEAttribute,TransactionID", timeout=10)
2156 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,Errorsent" not in res:
2157 raise Exception("Unexpected result: " + res)
2158 finally:
2159 dev[0].set("dpp_config_processing", "0")
2160 stop_sigma_dut(sigma)
2161
2162 def test_sigma_dut_dpp_self_config(dev, apdev):
2163 """sigma_dut DPP Configurator enrolling an AP and using self-configuration"""
2164 check_dpp_capab(dev[0])
2165
2166 hapd = hostapd.add_ap(apdev[0], { "ssid": "unconfigured" })
2167 check_dpp_capab(hapd)
2168
2169 sigma = start_sigma_dut(dev[0].ifname)
2170 try:
2171 dev[0].set("dpp_config_processing", "2")
2172 addr = hapd.own_addr().replace(':', '')
2173 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2174 res = hapd.request(cmd)
2175 if "FAIL" in res:
2176 raise Exception("Failed to generate bootstrapping info")
2177 id = int(res)
2178 uri = hapd.request("DPP_BOOTSTRAP_GET_URI %d" % id)
2179
2180 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri))
2181 if "status,COMPLETE" not in res:
2182 raise Exception("dev_exec_action did not succeed: " + res)
2183
2184 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,AP,DPPBS,QR,DPPTimeout,6")
2185 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
2186 raise Exception("Unexpected result: " + res)
2187 update_hapd_config(hapd)
2188
2189 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPCryptoIdentifier,P-256,DPPBS,QR,DPPAuthRole,Initiator,DPPProvisioningRole,Configurator,DPPAuthDirection,Single,DPPConfIndex,1,DPPTimeout,6,DPPWaitForConnect,Yes,DPPSelfConfigure,Yes"
2190 res = sigma_dut_cmd(cmd, timeout=10)
2191 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
2192 raise Exception("Unexpected result: " + res)
2193 finally:
2194 stop_sigma_dut(sigma)
2195 dev[0].set("dpp_config_processing", "0")
2196
2197 def test_sigma_dut_ap_dpp_self_config(dev, apdev, params):
2198 """sigma_dut DPP AP Configurator using self-configuration"""
2199 logdir = os.path.join(params['logdir'],
2200 "sigma_dut_ap_dpp_self_config.sigma-hostapd")
2201 with HWSimRadio() as (radio, iface):
2202 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
2203 try:
2204 run_sigma_dut_ap_dpp_self_config(dev, apdev)
2205 finally:
2206 stop_sigma_dut(sigma)
2207 dev[0].set("dpp_config_processing", "0")
2208
2209 def run_sigma_dut_ap_dpp_self_config(dev, apdev):
2210 check_dpp_capab(dev[0])
2211
2212 sigma_dut_cmd_check("ap_reset_default,program,DPP")
2213
2214 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfEnrolleeRole,AP,DPPBS,QR,DPPConfIndex,1,DPPSelfConfigure,Yes,DPPTimeout,6", timeout=10)
2215 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
2216 raise Exception("Unexpected result: " + res)
2217
2218 dev[0].set("dpp_config_processing", "2")
2219
2220 addr = dev[0].own_addr().replace(':', '')
2221 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr
2222 res = dev[0].request(cmd)
2223 if "FAIL" in res:
2224 raise Exception("Failed to generate bootstrapping info")
2225 id = int(res)
2226 uri = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id)
2227 cmd = "DPP_LISTEN 2462 role=enrollee"
2228 if "OK" not in dev[0].request(cmd):
2229 raise Exception("Failed to start listen operation")
2230
2231 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri))
2232 if "status,COMPLETE" not in res:
2233 raise Exception("dev_exec_action did not succeed: " + res)
2234 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6"
2235 res = sigma_dut_cmd(cmd)
2236 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
2237 raise Exception("Unexpected result: " + res)
2238 dev[0].wait_connected()
2239 dev[0].request("DISCONNECT")
2240 dev[0].wait_disconnected()
2241 sigma_dut_cmd_check("ap_reset_default")
2242
2243 def test_sigma_dut_preconfigured_profile(dev, apdev):
2244 """sigma_dut controlled connection using preconfigured profile"""
2245 try:
2246 run_sigma_dut_preconfigured_profile(dev, apdev)
2247 finally:
2248 dev[0].set("ignore_old_scan_res", "0")
2249
2250 def run_sigma_dut_preconfigured_profile(dev, apdev):
2251 ifname = dev[0].ifname
2252 sigma = start_sigma_dut(ifname)
2253
2254 params = hostapd.wpa2_params(ssid="test-psk", passphrase="12345678")
2255 hapd = hostapd.add_ap(apdev[0], params)
2256 dev[0].connect("test-psk", psk="12345678", scan_freq="2412",
2257 only_add_network=True)
2258
2259 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
2260 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s" % (ifname, "test-psk"))
2261 sigma_dut_wait_connected(ifname)
2262 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
2263 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
2264 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
2265
2266 stop_sigma_dut(sigma)
2267
2268 def test_sigma_dut_wps_pbc(dev, apdev):
2269 """sigma_dut and WPS PBC Enrollee"""
2270 try:
2271 run_sigma_dut_wps_pbc(dev, apdev)
2272 finally:
2273 dev[0].set("ignore_old_scan_res", "0")
2274
2275 def run_sigma_dut_wps_pbc(dev, apdev):
2276 ssid = "test-wps-conf"
2277 hapd = hostapd.add_ap(apdev[0],
2278 { "ssid": "wps", "eap_server": "1", "wps_state": "2",
2279 "wpa_passphrase": "12345678", "wpa": "2",
2280 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
2281 hapd.request("WPS_PBC")
2282
2283 ifname = dev[0].ifname
2284 sigma = start_sigma_dut(ifname)
2285
2286 cmd = "start_wps_registration,interface,%s" % ifname
2287 cmd += ",WpsRole,Enrollee"
2288 cmd += ",WpsConfigMethod,PBC"
2289 sigma_dut_cmd_check(cmd, timeout=15)
2290
2291 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
2292 hapd.disable()
2293 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
2294 stop_sigma_dut(sigma)
2295 dev[0].flush_scan_cache()
2296
2297 def test_sigma_dut_sta_scan_bss(dev, apdev):
2298 """sigma_dut sta_scan_bss"""
2299 hapd = hostapd.add_ap(apdev[0], { "ssid": "test" })
2300 sigma = start_sigma_dut(dev[0].ifname)
2301 try:
2302 cmd = "sta_scan_bss,Interface,%s,BSSID,%s" % (dev[0].ifname, \
2303 hapd.own_addr())
2304 res = sigma_dut_cmd(cmd, timeout=10)
2305 if "ssid,test,bsschannel,1" not in res:
2306 raise Exception("Unexpected result: " + res)
2307 finally:
2308 stop_sigma_dut(sigma)
2309
2310 def test_sigma_dut_ap_osen(dev, apdev, params):
2311 """sigma_dut controlled AP with OSEN"""
2312 logdir = os.path.join(params['logdir'],
2313 "sigma_dut_ap_osen.sigma-hostapd")
2314 with HWSimRadio() as (radio, iface):
2315 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
2316 try:
2317 sigma_dut_cmd_check("ap_reset_default")
2318 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-hs20,MODE,11ng")
2319 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2320 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OSEN,PMF,Optional")
2321 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2322
2323 # RSN-OSEN (for OSU)
2324 dev[0].connect("test-hs20", proto="OSEN", key_mgmt="OSEN",
2325 pairwise="CCMP", group="GTK_NOT_USED",
2326 eap="WFA-UNAUTH-TLS", identity="osen@example.com",
2327 ca_cert="auth_serv/ca.pem", scan_freq="2412")
2328
2329 sigma_dut_cmd_check("ap_reset_default")
2330 finally:
2331 stop_sigma_dut(sigma)
2332
2333 def test_sigma_dut_ap_eap_osen(dev, apdev, params):
2334 """sigma_dut controlled AP with EAP+OSEN"""
2335 logdir = os.path.join(params['logdir'],
2336 "sigma_dut_ap_eap_osen.sigma-hostapd")
2337 with HWSimRadio() as (radio, iface):
2338 sigma = start_sigma_dut(iface, bridge="ap-br0", hostapd_logdir=logdir)
2339 try:
2340 sigma_dut_cmd_check("ap_reset_default")
2341 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-hs20,MODE,11ng")
2342 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2343 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT-OSEN,PMF,Optional")
2344 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2345
2346 subprocess.call(['brctl', 'setfd', 'ap-br0', '0'])
2347 subprocess.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'up'])
2348
2349 # RSN-OSEN (for OSU)
2350 dev[0].connect("test-hs20", proto="OSEN", key_mgmt="OSEN",
2351 pairwise="CCMP",
2352 eap="WFA-UNAUTH-TLS", identity="osen@example.com",
2353 ca_cert="auth_serv/ca.pem", ieee80211w='2',
2354 scan_freq="2412")
2355 # RSN-EAP (for data connection)
2356 dev[1].connect("test-hs20", key_mgmt="WPA-EAP", eap="TTLS",
2357 identity="hs20-test", password="password",
2358 ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2",
2359 ieee80211w='2', scan_freq="2412")
2360
2361 hwsim_utils.test_connectivity(dev[0], dev[1], broadcast=False,
2362 success_expected=False, timeout=1)
2363
2364 sigma_dut_cmd_check("ap_reset_default")
2365 finally:
2366 stop_sigma_dut(sigma)
2367 subprocess.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'down'],
2368 stderr=open('/dev/null', 'w'))
2369 subprocess.call(['brctl', 'delbr', 'ap-br0'],
2370 stderr=open('/dev/null', 'w'))
2371
2372 def test_sigma_dut_ap_eap(dev, apdev, params):
2373 """sigma_dut controlled AP WPA2-Enterprise"""
2374 logdir = os.path.join(params['logdir'], "sigma_dut_ap_eap.sigma-hostapd")
2375 with HWSimRadio() as (radio, iface):
2376 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2377 try:
2378 sigma_dut_cmd_check("ap_reset_default")
2379 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-eap,MODE,11ng")
2380 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2381 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT")
2382 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2383
2384 dev[0].connect("test-eap", key_mgmt="WPA-EAP", eap="GPSK",
2385 identity="gpsk user",
2386 password="abcdefghijklmnop0123456789abcdef",
2387 scan_freq="2412")
2388
2389 sigma_dut_cmd_check("ap_reset_default")
2390 finally:
2391 stop_sigma_dut(sigma)
2392
2393 def test_sigma_dut_ap_eap_sha256(dev, apdev, params):
2394 """sigma_dut controlled AP WPA2-Enterprise SHA256"""
2395 logdir = os.path.join(params['logdir'],
2396 "sigma_dut_ap_eap_sha256.sigma-hostapd")
2397 with HWSimRadio() as (radio, iface):
2398 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2399 try:
2400 sigma_dut_cmd_check("ap_reset_default")
2401 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-eap,MODE,11ng")
2402 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2403 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT-256")
2404 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2405
2406 dev[0].connect("test-eap", key_mgmt="WPA-EAP-SHA256", eap="GPSK",
2407 identity="gpsk user",
2408 password="abcdefghijklmnop0123456789abcdef",
2409 scan_freq="2412")
2410
2411 sigma_dut_cmd_check("ap_reset_default")
2412 finally:
2413 stop_sigma_dut(sigma)
2414
2415 def test_sigma_dut_ap_ft_eap(dev, apdev, params):
2416 """sigma_dut controlled AP FT-EAP"""
2417 logdir = os.path.join(params['logdir'], "sigma_dut_ap_ft_eap.sigma-hostapd")
2418 with HWSimRadio() as (radio, iface):
2419 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2420 try:
2421 sigma_dut_cmd_check("ap_reset_default")
2422 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-ft-eap,MODE,11ng,DOMAIN,0101,FT_OA,Enable")
2423 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2424 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,FT-EAP")
2425 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2426
2427 dev[0].connect("test-ft-eap", key_mgmt="FT-EAP", eap="GPSK",
2428 identity="gpsk user",
2429 password="abcdefghijklmnop0123456789abcdef",
2430 scan_freq="2412")
2431
2432 sigma_dut_cmd_check("ap_reset_default")
2433 finally:
2434 stop_sigma_dut(sigma)
2435
2436 def test_sigma_dut_ap_ft_psk(dev, apdev, params):
2437 """sigma_dut controlled AP FT-PSK"""
2438 logdir = os.path.join(params['logdir'], "sigma_dut_ap_ft_psk.sigma-hostapd")
2439 with HWSimRadio() as (radio, iface):
2440 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2441 try:
2442 sigma_dut_cmd_check("ap_reset_default")
2443 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-ft-psk,MODE,11ng,DOMAIN,0101,FT_OA,Enable")
2444 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,FT-PSK,PSK,12345678")
2445 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2446
2447 dev[0].connect("test-ft-psk", key_mgmt="FT-PSK", psk="12345678",
2448 scan_freq="2412")
2449
2450 sigma_dut_cmd_check("ap_reset_default")
2451 finally:
2452 stop_sigma_dut(sigma)
2453
2454 def test_sigma_dut_ap_ent_ft_eap(dev, apdev, params):
2455 """sigma_dut controlled AP WPA-EAP and FT-EAP"""
2456 logdir = os.path.join(params['logdir'],
2457 "sigma_dut_ap_ent_ft_eap.sigma-hostapd")
2458 with HWSimRadio() as (radio, iface):
2459 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2460 try:
2461 sigma_dut_cmd_check("ap_reset_default")
2462 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-ent-ft-eap,MODE,11ng,DOMAIN,0101,FT_OA,Enable")
2463 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2464 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT-FT-EAP")
2465 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2466
2467 dev[0].connect("test-ent-ft-eap", key_mgmt="FT-EAP", eap="GPSK",
2468 identity="gpsk user",
2469 password="abcdefghijklmnop0123456789abcdef",
2470 scan_freq="2412")
2471 dev[1].connect("test-ent-ft-eap", key_mgmt="WPA-EAP", eap="GPSK",
2472 identity="gpsk user",
2473 password="abcdefghijklmnop0123456789abcdef",
2474 scan_freq="2412")
2475
2476 sigma_dut_cmd_check("ap_reset_default")
2477 finally:
2478 stop_sigma_dut(sigma)
2479
2480 def test_sigma_dut_venue_url(dev, apdev):
2481 """sigma_dut controlled Venue URL fetch"""
2482 try:
2483 run_sigma_dut_venue_url(dev, apdev)
2484 finally:
2485 dev[0].set("ignore_old_scan_res", "0")
2486
2487 def run_sigma_dut_venue_url(dev, apdev):
2488 ifname = dev[0].ifname
2489 sigma = start_sigma_dut(ifname, debug=True)
2490
2491 ssid = "venue"
2492 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
2493 params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
2494 params["ieee80211w"] = "2"
2495
2496 venue_group = 1
2497 venue_type = 13
2498 venue_info = struct.pack('BB', venue_group, venue_type)
2499 lang1 = "eng"
2500 name1 = "Example venue"
2501 lang2 = "fin"
2502 name2 = "Esimerkkipaikka"
2503 venue1 = struct.pack('B', len(lang1 + name1)) + lang1.encode() + name1.encode()
2504 venue2 = struct.pack('B', len(lang2 + name2)) + lang2.encode() + name2.encode()
2505 venue_name = binascii.hexlify(venue_info + venue1 + venue2)
2506
2507 url1 = "http://example.com/venue"
2508 url2 = "https://example.org/venue-info/"
2509 params["venue_group"] = str(venue_group)
2510 params["venue_type"] = str(venue_type)
2511 params["venue_name"] = [ lang1 + ":" + name1, lang2 + ":" + name2 ]
2512 params["venue_url"] = [ "1:" + url1, "2:" + url2 ]
2513
2514 hapd = hostapd.add_ap(apdev[0], params)
2515
2516 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
2517 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
2518 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required" % (ifname, "venue", "12345678"))
2519 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "venue"))
2520 sigma_dut_wait_connected(ifname)
2521 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
2522 sigma_dut_cmd_check("sta_hs2_venue_info,interface," + ifname + ",Display,Yes")
2523 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
2524 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
2525
2526 stop_sigma_dut(sigma)
2527
2528 def test_sigma_dut_hs20_assoc_24(dev, apdev):
2529 """sigma_dut controlled Hotspot 2.0 connection (2.4 GHz)"""
2530 run_sigma_dut_hs20_assoc(dev, apdev, True)
2531
2532 def test_sigma_dut_hs20_assoc_5(dev, apdev):
2533 """sigma_dut controlled Hotspot 2.0 connection (5 GHz)"""
2534 run_sigma_dut_hs20_assoc(dev, apdev, False)
2535
2536 def run_sigma_dut_hs20_assoc(dev, apdev, band24):
2537 hapd0 = None
2538 hapd1 = None
2539 try:
2540 bssid0 = apdev[0]['bssid']
2541 params = hs20_ap_params()
2542 params['hessid'] = bssid0
2543 hapd0 = hostapd.add_ap(apdev[0], params)
2544
2545 bssid1 = apdev[1]['bssid']
2546 params = hs20_ap_params()
2547 params['hessid'] = bssid0
2548 params["hw_mode"] = "a"
2549 params["channel"] = "36"
2550 params["country_code"] = "US"
2551 hapd1 = hostapd.add_ap(apdev[1], params)
2552
2553 band = "2.4" if band24 else "5"
2554 exp_bssid = bssid0 if band24 else bssid1
2555 run_sigma_dut_hs20_assoc_2(dev, apdev, band, exp_bssid)
2556 finally:
2557 dev[0].request("DISCONNECT")
2558 if hapd0:
2559 hapd0.request("DISABLE")
2560 if hapd1:
2561 hapd1.request("DISABLE")
2562 subprocess.call(['iw', 'reg', 'set', '00'])
2563 dev[0].flush_scan_cache()
2564
2565 def run_sigma_dut_hs20_assoc_2(dev, apdev, band, expect_bssid):
2566 check_eap_capa(dev[0], "MSCHAPV2")
2567 dev[0].flush_scan_cache()
2568
2569 ifname = dev[0].ifname
2570 sigma = start_sigma_dut(ifname, debug=True)
2571
2572 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,HS2-R3" % ifname)
2573 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
2574 sigma_dut_cmd_check("sta_add_credential,interface,%s,type,uname_pwd,realm,example.com,username,hs20-test,password,password" % ifname)
2575 res = sigma_dut_cmd_check("sta_hs2_associate,interface,%s,band,%s" % (ifname, band),
2576 timeout=15)
2577 sigma_dut_wait_connected(ifname)
2578 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
2579 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
2580 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
2581
2582 stop_sigma_dut(sigma)
2583
2584 if "BSSID," + expect_bssid not in res:
2585 raise Exception("Unexpected BSSID: " + res)
2586
2587 def test_sigma_dut_ap_hs20(dev, apdev, params):
2588 """sigma_dut controlled AP with Hotspot 2.0 parameters"""
2589 logdir = os.path.join(params['logdir'],
2590 "sigma_dut_ap_hs20.sigma-hostapd")
2591 conffile = os.path.join(params['logdir'],
2592 "sigma_dut_ap_hs20.sigma-conf")
2593 with HWSimRadio() as (radio, iface):
2594 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2595 try:
2596 sigma_dut_cmd_check("ap_reset_default,NAME,AP,program,HS2-R3")
2597 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,test-hs20,MODE,11ng")
2598 sigma_dut_cmd_check("ap_set_radius,NAME,AP,WLAN_TAG,1,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2599 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,WPA2-ENT")
2600 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,HESSID,02:12:34:56:78:9a,NAI_REALM_LIST,1,OPER_NAME,1")
2601 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,OSU_SERVER_URI,https://example.com/ https://example.org/,OSU_SSID,test-osu,OSU_METHOD,SOAP SOAP,OSU_PROVIDER_LIST,10,OSU_PROVIDER_NAI_LIST,4")
2602 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,NET_AUTH_TYPE,2")
2603 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,VENUE_NAME,1")
2604 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,DOMAIN_LIST,example.com")
2605 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,OPERATOR_ICON_METADATA,1")
2606 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,SSID,test-osu,MODE,11ng")
2607 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,NONE")
2608 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,2,OSU,1")
2609 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2610
2611 with open("/tmp/sigma_dut-ap.conf", "rb") as f:
2612 with open(conffile, "wb") as f2:
2613 f2.write(f.read())
2614
2615 sigma_dut_cmd_check("ap_reset_default")
2616 finally:
2617 stop_sigma_dut(sigma)
Unnamed repository; edit this file 'description' to name the repository.