1 # Test cases for sigma_dut
2 # Copyright (c) 2017, Qualcomm Atheros, Inc.
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
8 logger
= logging
.getLogger()
16 from utils
import HwsimSkip
17 from hwsim
import HWSimRadio
18 from test_dpp
import check_dpp_capab
, update_hapd_config
19 from test_suite_b
import check_suite_b_192_capa
, suite_b_as_params
, suite_b_192_rsa_ap_params
21 def check_sigma_dut():
22 if not os
.path
.exists("./sigma_dut"):
23 raise HwsimSkip("sigma_dut not available")
25 def sigma_dut_cmd(cmd
, port
=9000, timeout
=2):
26 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
28 sock
.settimeout(timeout
)
29 addr
= ('127.0.0.1', port
)
31 sock
.send(cmd
+ "\r\n")
36 for line
in res
.splitlines():
37 if line
.startswith("status,RUNNING"):
39 elif line
.startswith("status,INVALID"):
41 elif line
.startswith("status,ERROR"):
43 elif line
.startswith("status,COMPLETE"):
45 if running
and not done
:
46 # Read the actual response
53 logger
.debug("sigma_dut: '%s' --> '%s'" % (cmd
, res
))
56 def sigma_dut_cmd_check(cmd
, port
=9000, timeout
=2):
57 res
= sigma_dut_cmd(cmd
, port
=port
, timeout
=timeout
)
58 if "COMPLETE" not in res
:
59 raise Exception("sigma_dut command failed: " + cmd
)
62 def start_sigma_dut(ifname
, debug
=False, hostapd_logdir
=None, cert_path
=None):
64 cmd
= [ './sigma_dut',
67 '-F', '../../hostapd/hostapd',
69 '-w', '/var/run/wpa_supplicant/',
74 cmd
+= [ '-H', hostapd_logdir
]
76 cmd
+= [ '-C', cert_path
]
77 sigma
= subprocess
.Popen(cmd
, stdout
=subprocess
.PIPE
,
78 stderr
=subprocess
.PIPE
)
81 res
= sigma_dut_cmd("HELLO")
87 def stop_sigma_dut(sigma
):
90 out
, err
= sigma
.communicate()
91 logger
.debug("sigma_dut stdout: " + str(out
))
92 logger
.debug("sigma_dut stderr: " + str(err
))
94 def sigma_dut_wait_connected(ifname
):
96 res
= sigma_dut_cmd("sta_is_connected,interface," + ifname
)
97 if "connected,1" in res
:
101 raise Exception("Connection did not complete")
103 def test_sigma_dut_basic(dev
, apdev
):
104 """sigma_dut basic functionality"""
105 sigma
= start_sigma_dut(dev
[0].ifname
)
107 res
= sigma_dut_cmd("UNKNOWN")
108 if "status,INVALID,errorCode,Unknown command" not in res
:
109 raise Exception("Unexpected sigma_dut response to unknown command")
111 tests
= [ ("ca_get_version", "status,COMPLETE,version,1.0"),
112 ("device_get_info", "status,COMPLETE,vendor"),
113 ("device_list_interfaces,interfaceType,foo", "status,ERROR"),
114 ("device_list_interfaces,interfaceType,802.11",
115 "status,COMPLETE,interfaceType,802.11,interfaceID," + dev
[0].ifname
) ]
116 for cmd
, response
in tests
:
117 res
= sigma_dut_cmd(cmd
)
118 if response
not in res
:
119 raise Exception("Unexpected %s response: %s" % (cmd
, res
))
121 stop_sigma_dut(sigma
)
123 def test_sigma_dut_open(dev
, apdev
):
124 """sigma_dut controlled open network association"""
126 run_sigma_dut_open(dev
, apdev
)
128 dev
[0].set("ignore_old_scan_res", "0")
130 def run_sigma_dut_open(dev
, apdev
):
131 ifname
= dev
[0].ifname
132 sigma
= start_sigma_dut(ifname
)
134 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "open" })
136 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
137 sigma_dut_cmd_check("sta_set_encryption,interface,%s,ssid,%s,encpType,none" % (ifname
, "open"))
138 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s" % (ifname
, "open"))
139 sigma_dut_wait_connected(ifname
)
140 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
141 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
142 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
144 stop_sigma_dut(sigma
)
146 def test_sigma_dut_psk_pmf(dev
, apdev
):
147 """sigma_dut controlled PSK+PMF association"""
149 run_sigma_dut_psk_pmf(dev
, apdev
)
151 dev
[0].set("ignore_old_scan_res", "0")
153 def run_sigma_dut_psk_pmf(dev
, apdev
):
154 ifname
= dev
[0].ifname
155 sigma
= start_sigma_dut(ifname
)
157 ssid
= "test-pmf-required"
158 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
159 params
["wpa_key_mgmt"] = "WPA-PSK-SHA256"
160 params
["ieee80211w"] = "2"
161 hapd
= hostapd
.add_ap(apdev
[0], params
)
163 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname
)
164 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
165 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required" % (ifname
, "test-pmf-required", "12345678"))
166 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-pmf-required"))
167 sigma_dut_wait_connected(ifname
)
168 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
169 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
170 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
172 stop_sigma_dut(sigma
)
174 def test_sigma_dut_psk_pmf_bip_cmac_128(dev
, apdev
):
175 """sigma_dut controlled PSK+PMF association with BIP-CMAC-128"""
177 run_sigma_dut_psk_pmf_cipher(dev
, apdev
, "BIP-CMAC-128", "AES-128-CMAC")
179 dev
[0].set("ignore_old_scan_res", "0")
181 def test_sigma_dut_psk_pmf_bip_cmac_256(dev
, apdev
):
182 """sigma_dut controlled PSK+PMF association with BIP-CMAC-256"""
184 run_sigma_dut_psk_pmf_cipher(dev
, apdev
, "BIP-CMAC-256", "BIP-CMAC-256")
186 dev
[0].set("ignore_old_scan_res", "0")
188 def test_sigma_dut_psk_pmf_bip_gmac_128(dev
, apdev
):
189 """sigma_dut controlled PSK+PMF association with BIP-GMAC-128"""
191 run_sigma_dut_psk_pmf_cipher(dev
, apdev
, "BIP-GMAC-128", "BIP-GMAC-128")
193 dev
[0].set("ignore_old_scan_res", "0")
195 def test_sigma_dut_psk_pmf_bip_gmac_256(dev
, apdev
):
196 """sigma_dut controlled PSK+PMF association with BIP-GMAC-256"""
198 run_sigma_dut_psk_pmf_cipher(dev
, apdev
, "BIP-GMAC-256", "BIP-GMAC-256")
200 dev
[0].set("ignore_old_scan_res", "0")
202 def test_sigma_dut_psk_pmf_bip_gmac_256_mismatch(dev
, apdev
):
203 """sigma_dut controlled PSK+PMF association with BIP-GMAC-256 mismatch"""
205 run_sigma_dut_psk_pmf_cipher(dev
, apdev
, "BIP-GMAC-256", "AES-128-CMAC",
208 dev
[0].set("ignore_old_scan_res", "0")
210 def run_sigma_dut_psk_pmf_cipher(dev
, apdev
, sigma_cipher
, hostapd_cipher
,
212 ifname
= dev
[0].ifname
213 sigma
= start_sigma_dut(ifname
)
215 ssid
= "test-pmf-required"
216 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
217 params
["wpa_key_mgmt"] = "WPA-PSK-SHA256"
218 params
["ieee80211w"] = "2"
219 params
["group_mgmt_cipher"] = hostapd_cipher
220 hapd
= hostapd
.add_ap(apdev
[0], params
)
222 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname
)
223 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
224 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required,GroupMgntCipher,%s" % (ifname
, "test-pmf-required", "12345678", sigma_cipher
))
225 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-pmf-required"))
227 ev
= dev
[0].wait_event(["CTRL-EVENT-NETWORK-NOT-FOUND",
228 "CTRL-EVENT-CONNECTED"], timeout
=10)
230 raise Exception("Network selection result not indicated")
231 if "CTRL-EVENT-CONNECTED" in ev
:
232 raise Exception("Unexpected connection")
233 res
= sigma_dut_cmd("sta_is_connected,interface," + ifname
)
234 if "connected,1" in res
:
235 raise Exception("Connection reported")
237 sigma_dut_wait_connected(ifname
)
238 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
240 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
241 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
243 stop_sigma_dut(sigma
)
245 def test_sigma_dut_sae(dev
, apdev
):
246 """sigma_dut controlled SAE association"""
247 if "SAE" not in dev
[0].get_capability("auth_alg"):
248 raise HwsimSkip("SAE not supported")
250 ifname
= dev
[0].ifname
251 sigma
= start_sigma_dut(ifname
)
254 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
255 params
['wpa_key_mgmt'] = 'SAE'
256 params
["ieee80211w"] = "2"
257 hapd
= hostapd
.add_ap(apdev
[0], params
)
259 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname
)
260 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
261 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2" % (ifname
, "test-sae", "12345678"))
262 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-sae"))
263 sigma_dut_wait_connected(ifname
)
264 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
265 if dev
[0].get_status_field('sae_group') != '19':
266 raise Exception("Expected default SAE group not used")
267 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
269 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
271 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
272 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2,ECGroupID,20" % (ifname
, "test-sae", "12345678"))
273 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-sae"))
274 sigma_dut_wait_connected(ifname
)
275 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
276 if dev
[0].get_status_field('sae_group') != '20':
277 raise Exception("Expected SAE group not used")
278 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
279 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
281 stop_sigma_dut(sigma
)
283 def test_sigma_dut_sae_password(dev
, apdev
):
284 """sigma_dut controlled SAE association and long password"""
285 if "SAE" not in dev
[0].get_capability("auth_alg"):
286 raise HwsimSkip("SAE not supported")
288 ifname
= dev
[0].ifname
289 sigma
= start_sigma_dut(ifname
)
293 params
= hostapd
.wpa2_params(ssid
=ssid
)
294 params
['sae_password'] = 100*'B'
295 params
['wpa_key_mgmt'] = 'SAE'
296 params
["ieee80211w"] = "2"
297 hapd
= hostapd
.add_ap(apdev
[0], params
)
299 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname
)
300 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
301 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2" % (ifname
, "test-sae", 100*'B'))
302 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-sae"))
303 sigma_dut_wait_connected(ifname
)
304 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
305 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
306 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
308 stop_sigma_dut(sigma
)
310 def test_sigma_dut_sta_override_rsne(dev
, apdev
):
311 """sigma_dut and RSNE override on STA"""
313 run_sigma_dut_sta_override_rsne(dev
, apdev
)
315 dev
[0].set("ignore_old_scan_res", "0")
317 def run_sigma_dut_sta_override_rsne(dev
, apdev
):
318 ifname
= dev
[0].ifname
319 sigma
= start_sigma_dut(ifname
)
322 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
323 hapd
= hostapd
.add_ap(apdev
[0], params
)
325 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
327 tests
= [ "30120100000fac040100000fac040100000fac02",
328 "30140100000fac040100000fac040100000fac02ffff" ]
330 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,type,PSK,passphrase,%s,EncpType,aes-ccmp,KeyMgmtType,wpa2" % (ifname
, "test-psk", "12345678"))
331 sigma_dut_cmd_check("dev_configure_ie,interface,%s,IE_Name,RSNE,Contents,%s" % (ifname
, test
))
332 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-psk"))
333 sigma_dut_wait_connected(ifname
)
334 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
335 dev
[0].dump_monitor()
337 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,type,PSK,passphrase,%s,EncpType,aes-ccmp,KeyMgmtType,wpa2" % (ifname
, "test-psk", "12345678"))
338 sigma_dut_cmd_check("dev_configure_ie,interface,%s,IE_Name,RSNE,Contents,300101" % ifname
)
339 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-psk"))
341 ev
= dev
[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"])
343 raise Exception("Association rejection not reported")
344 if "status_code=40" not in ev
:
345 raise Exception("Unexpected status code: " + ev
)
347 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
349 stop_sigma_dut(sigma
)
351 def test_sigma_dut_ap_psk(dev
, apdev
):
352 """sigma_dut controlled AP"""
353 with
HWSimRadio() as (radio
, iface
):
354 sigma
= start_sigma_dut(iface
)
356 sigma_dut_cmd_check("ap_reset_default")
357 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
358 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSK,12345678")
359 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
361 dev
[0].connect("test-psk", psk
="12345678", scan_freq
="2412")
363 sigma_dut_cmd_check("ap_reset_default")
365 stop_sigma_dut(sigma
)
367 def test_sigma_dut_ap_pskhex(dev
, apdev
, params
):
368 """sigma_dut controlled AP and PSKHEX"""
369 logdir
= os
.path
.join(params
['logdir'],
370 "sigma_dut_ap_pskhex.sigma-hostapd")
371 with
HWSimRadio() as (radio
, iface
):
372 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
374 psk
= "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
375 sigma_dut_cmd_check("ap_reset_default")
376 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
377 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSKHEX," + psk
)
378 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
380 dev
[0].connect("test-psk", raw_psk
=psk
, scan_freq
="2412")
382 sigma_dut_cmd_check("ap_reset_default")
384 stop_sigma_dut(sigma
)
386 def test_sigma_dut_suite_b(dev
, apdev
, params
):
387 """sigma_dut controlled STA Suite B"""
388 check_suite_b_192_capa(dev
)
389 logdir
= params
['logdir']
391 with
open("auth_serv/ec2-ca.pem", "r") as f
:
392 with
open(os
.path
.join(logdir
, "suite_b_ca.pem"), "w") as f2
:
395 with
open("auth_serv/ec2-user.pem", "r") as f
:
396 with
open("auth_serv/ec2-user.key", "r") as f2
:
397 with
open(os
.path
.join(logdir
, "suite_b.pem"), "w") as f3
:
401 dev
[0].flush_scan_cache()
402 params
= suite_b_as_params()
403 params
['ca_cert'] = 'auth_serv/ec2-ca.pem'
404 params
['server_cert'] = 'auth_serv/ec2-server.pem'
405 params
['private_key'] = 'auth_serv/ec2-server.key'
406 params
['openssl_ciphers'] = 'SUITEB192'
407 hostapd
.add_ap(apdev
[1], params
)
409 params
= { "ssid": "test-suite-b",
411 "wpa_key_mgmt": "WPA-EAP-SUITE-B-192",
412 "rsn_pairwise": "GCMP-256",
413 "group_mgmt_cipher": "BIP-GMAC-256",
416 'auth_server_addr': "127.0.0.1",
417 'auth_server_port': "18129",
418 'auth_server_shared_secret': "radius",
419 'nas_identifier': "nas.w1.fi" }
420 hapd
= hostapd
.add_ap(apdev
[0], params
)
422 ifname
= dev
[0].ifname
423 sigma
= start_sigma_dut(ifname
, cert_path
=logdir
)
425 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname
)
426 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
427 sigma_dut_cmd_check("sta_set_security,type,eaptls,interface,%s,ssid,%s,PairwiseCipher,AES-GCMP-256,GroupCipher,AES-GCMP-256,GroupMgntCipher,BIP-GMAC-256,keymgmttype,SuiteB,PMF,Required,clientCertificate,suite_b.pem,trustedRootCA,suite_b_ca.pem,CertType,ECC" % (ifname
, "test-suite-b"))
428 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-suite-b"))
429 sigma_dut_wait_connected(ifname
)
430 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
431 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
432 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
434 stop_sigma_dut(sigma
)
436 def test_sigma_dut_suite_b_rsa(dev
, apdev
, params
):
437 """sigma_dut controlled STA Suite B (RSA)"""
438 check_suite_b_192_capa(dev
)
439 logdir
= params
['logdir']
441 with
open("auth_serv/rsa3072-ca.pem", "r") as f
:
442 with
open(os
.path
.join(logdir
, "suite_b_ca_rsa.pem"), "w") as f2
:
445 with
open("auth_serv/rsa3072-user.pem", "r") as f
:
446 with
open("auth_serv/rsa3072-user.key", "r") as f2
:
447 with
open(os
.path
.join(logdir
, "suite_b_rsa.pem"), "w") as f3
:
451 dev
[0].flush_scan_cache()
452 params
= suite_b_192_rsa_ap_params()
453 hapd
= hostapd
.add_ap(apdev
[0], params
)
455 ifname
= dev
[0].ifname
456 sigma
= start_sigma_dut(ifname
, cert_path
=logdir
)
458 cmd
= "sta_set_security,type,eaptls,interface,%s,ssid,%s,PairwiseCipher,AES-GCMP-256,GroupCipher,AES-GCMP-256,GroupMgntCipher,BIP-GMAC-256,keymgmttype,SuiteB,PMF,Required,clientCertificate,suite_b_rsa.pem,trustedRootCA,suite_b_ca_rsa.pem,CertType,RSA" % (ifname
, "test-suite-b")
461 ",TLSCipher,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
462 ",TLSCipher,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" ]
464 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname
)
465 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
466 sigma_dut_cmd_check(cmd
+ extra
)
467 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-suite-b"))
468 sigma_dut_wait_connected(ifname
)
469 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
470 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
471 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
473 stop_sigma_dut(sigma
)
475 def test_sigma_dut_ap_suite_b(dev
, apdev
, params
):
476 """sigma_dut controlled AP Suite B"""
477 check_suite_b_192_capa(dev
)
478 logdir
= os
.path
.join(params
['logdir'],
479 "sigma_dut_ap_suite_b.sigma-hostapd")
480 params
= suite_b_as_params()
481 params
['ca_cert'] = 'auth_serv/ec2-ca.pem'
482 params
['server_cert'] = 'auth_serv/ec2-server.pem'
483 params
['private_key'] = 'auth_serv/ec2-server.key'
484 params
['openssl_ciphers'] = 'SUITEB192'
485 hostapd
.add_ap(apdev
[1], params
)
486 with
HWSimRadio() as (radio
, iface
):
487 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
489 sigma_dut_cmd_check("ap_reset_default")
490 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-suite-b,MODE,11ng")
491 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,18129,PASSWORD,radius")
492 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,SuiteB,PMF,Required")
493 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
495 dev
[0].connect("test-suite-b", key_mgmt
="WPA-EAP-SUITE-B-192",
497 openssl_ciphers
="SUITEB192",
498 eap
="TLS", identity
="tls user",
499 ca_cert
="auth_serv/ec2-ca.pem",
500 client_cert
="auth_serv/ec2-user.pem",
501 private_key
="auth_serv/ec2-user.key",
502 pairwise
="GCMP-256", group
="GCMP-256",
505 sigma_dut_cmd_check("ap_reset_default")
507 stop_sigma_dut(sigma
)
509 def test_sigma_dut_ap_cipher_gcmp_128(dev
, apdev
, params
):
510 """sigma_dut controlled AP with GCMP-128/BIP-GMAC-128 cipher"""
511 run_sigma_dut_ap_cipher(dev
, apdev
, params
, "AES-GCMP-128", "BIP-GMAC-128",
514 def test_sigma_dut_ap_cipher_gcmp_256(dev
, apdev
, params
):
515 """sigma_dut controlled AP with GCMP-256/BIP-GMAC-256 cipher"""
516 run_sigma_dut_ap_cipher(dev
, apdev
, params
, "AES-GCMP-256", "BIP-GMAC-256",
519 def test_sigma_dut_ap_cipher_ccmp_128(dev
, apdev
, params
):
520 """sigma_dut controlled AP with CCMP-128/BIP-CMAC-128 cipher"""
521 run_sigma_dut_ap_cipher(dev
, apdev
, params
, "AES-CCMP-128", "BIP-CMAC-128",
524 def test_sigma_dut_ap_cipher_ccmp_256(dev
, apdev
, params
):
525 """sigma_dut controlled AP with CCMP-256/BIP-CMAC-256 cipher"""
526 run_sigma_dut_ap_cipher(dev
, apdev
, params
, "AES-CCMP-256", "BIP-CMAC-256",
529 def test_sigma_dut_ap_cipher_ccmp_gcmp_1(dev
, apdev
, params
):
530 """sigma_dut controlled AP with CCMP-128+GCMP-256 ciphers (1)"""
531 run_sigma_dut_ap_cipher(dev
, apdev
, params
, "AES-CCMP-128 AES-GCMP-256",
532 "BIP-GMAC-256", "CCMP")
534 def test_sigma_dut_ap_cipher_ccmp_gcmp_2(dev
, apdev
, params
):
535 """sigma_dut controlled AP with CCMP-128+GCMP-256 ciphers (2)"""
536 run_sigma_dut_ap_cipher(dev
, apdev
, params
, "AES-CCMP-128 AES-GCMP-256",
537 "BIP-GMAC-256", "GCMP-256", "CCMP")
539 def test_sigma_dut_ap_cipher_gcmp_256_group_ccmp(dev
, apdev
, params
):
540 """sigma_dut controlled AP with GCMP-256/CCMP/BIP-GMAC-256 cipher"""
541 run_sigma_dut_ap_cipher(dev
, apdev
, params
, "AES-GCMP-256", "BIP-GMAC-256",
542 "GCMP-256", "CCMP", "AES-CCMP-128")
544 def run_sigma_dut_ap_cipher(dev
, apdev
, params
, ap_pairwise
, ap_group_mgmt
,
545 sta_cipher
, sta_cipher_group
=None, ap_group
=None):
546 check_suite_b_192_capa(dev
)
547 logdir
= os
.path
.join(params
['logdir'],
548 "sigma_dut_ap_cipher.sigma-hostapd")
549 params
= suite_b_as_params()
550 params
['ca_cert'] = 'auth_serv/ec2-ca.pem'
551 params
['server_cert'] = 'auth_serv/ec2-server.pem'
552 params
['private_key'] = 'auth_serv/ec2-server.key'
553 params
['openssl_ciphers'] = 'SUITEB192'
554 hostapd
.add_ap(apdev
[1], params
)
555 with
HWSimRadio() as (radio
, iface
):
556 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
558 sigma_dut_cmd_check("ap_reset_default")
559 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-suite-b,MODE,11ng")
560 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,18129,PASSWORD,radius")
561 cmd
= "ap_set_security,NAME,AP,KEYMGNT,SuiteB,PMF,Required,PairwiseCipher,%s,GroupMgntCipher,%s" % (ap_pairwise
, ap_group_mgmt
)
563 cmd
+= ",GroupCipher,%s" % ap_group
564 sigma_dut_cmd_check(cmd
)
565 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
567 if sta_cipher_group
is None:
568 sta_cipher_group
= sta_cipher
569 dev
[0].connect("test-suite-b", key_mgmt
="WPA-EAP-SUITE-B-192",
571 openssl_ciphers
="SUITEB192",
572 eap
="TLS", identity
="tls user",
573 ca_cert
="auth_serv/ec2-ca.pem",
574 client_cert
="auth_serv/ec2-user.pem",
575 private_key
="auth_serv/ec2-user.key",
576 pairwise
=sta_cipher
, group
=sta_cipher_group
,
579 sigma_dut_cmd_check("ap_reset_default")
581 stop_sigma_dut(sigma
)
583 def test_sigma_dut_ap_override_rsne(dev
, apdev
):
584 """sigma_dut controlled AP overriding RSNE"""
585 with
HWSimRadio() as (radio
, iface
):
586 sigma
= start_sigma_dut(iface
)
588 sigma_dut_cmd_check("ap_reset_default")
589 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
590 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSK,12345678")
591 sigma_dut_cmd_check("dev_configure_ie,NAME,AP,interface,%s,IE_Name,RSNE,Contents,30180100000fac040200ffffffff000fac040100000fac020c00" % iface
)
592 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
594 dev
[0].connect("test-psk", psk
="12345678", scan_freq
="2412")
596 sigma_dut_cmd_check("ap_reset_default")
598 stop_sigma_dut(sigma
)
600 def test_sigma_dut_ap_sae(dev
, apdev
, params
):
601 """sigma_dut controlled AP with SAE"""
602 logdir
= os
.path
.join(params
['logdir'],
603 "sigma_dut_ap_sae.sigma-hostapd")
604 if "SAE" not in dev
[0].get_capability("auth_alg"):
605 raise HwsimSkip("SAE not supported")
606 with
HWSimRadio() as (radio
, iface
):
607 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
609 sigma_dut_cmd_check("ap_reset_default")
610 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
611 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK,12345678")
612 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
614 dev
[0].request("SET sae_groups ")
615 dev
[0].connect("test-sae", key_mgmt
="SAE", psk
="12345678",
616 ieee80211w
="2", scan_freq
="2412")
617 if dev
[0].get_status_field('sae_group') != '19':
618 raise Exception("Expected default SAE group not used")
620 sigma_dut_cmd_check("ap_reset_default")
622 stop_sigma_dut(sigma
)
624 def test_sigma_dut_ap_sae_password(dev
, apdev
, params
):
625 """sigma_dut controlled AP with SAE and long password"""
626 logdir
= os
.path
.join(params
['logdir'],
627 "sigma_dut_ap_sae_password.sigma-hostapd")
628 if "SAE" not in dev
[0].get_capability("auth_alg"):
629 raise HwsimSkip("SAE not supported")
630 with
HWSimRadio() as (radio
, iface
):
631 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
633 sigma_dut_cmd_check("ap_reset_default")
634 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
635 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK," + 100*'C')
636 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
638 dev
[0].request("SET sae_groups ")
639 dev
[0].connect("test-sae", key_mgmt
="SAE", sae_password
=100*'C',
640 ieee80211w
="2", scan_freq
="2412")
641 if dev
[0].get_status_field('sae_group') != '19':
642 raise Exception("Expected default SAE group not used")
644 sigma_dut_cmd_check("ap_reset_default")
646 stop_sigma_dut(sigma
)
648 def test_sigma_dut_ap_sae_group(dev
, apdev
, params
):
649 """sigma_dut controlled AP with SAE and specific group"""
650 logdir
= os
.path
.join(params
['logdir'],
651 "sigma_dut_ap_sae_group.sigma-hostapd")
652 if "SAE" not in dev
[0].get_capability("auth_alg"):
653 raise HwsimSkip("SAE not supported")
654 with
HWSimRadio() as (radio
, iface
):
655 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
657 sigma_dut_cmd_check("ap_reset_default")
658 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
659 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK,12345678,ECGroupID,20")
660 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
662 dev
[0].request("SET sae_groups ")
663 dev
[0].connect("test-sae", key_mgmt
="SAE", psk
="12345678",
664 ieee80211w
="2", scan_freq
="2412")
665 if dev
[0].get_status_field('sae_group') != '20':
666 raise Exception("Expected SAE group not used")
668 sigma_dut_cmd_check("ap_reset_default")
670 stop_sigma_dut(sigma
)
672 def test_sigma_dut_ap_psk_sae(dev
, apdev
, params
):
673 """sigma_dut controlled AP with PSK+SAE"""
674 if "SAE" not in dev
[0].get_capability("auth_alg"):
675 raise HwsimSkip("SAE not supported")
676 logdir
= os
.path
.join(params
['logdir'],
677 "sigma_dut_ap_psk_sae.sigma-hostapd")
678 with
HWSimRadio() as (radio
, iface
):
679 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
681 sigma_dut_cmd_check("ap_reset_default")
682 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
683 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK-SAE,PSK,12345678")
684 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
686 dev
[2].request("SET sae_groups ")
687 dev
[2].connect("test-sae", key_mgmt
="SAE", psk
="12345678",
688 scan_freq
="2412", ieee80211w
="0", wait_connect
=False)
689 dev
[0].request("SET sae_groups ")
690 dev
[0].connect("test-sae", key_mgmt
="SAE", psk
="12345678",
691 scan_freq
="2412", ieee80211w
="2")
692 dev
[1].connect("test-sae", psk
="12345678", scan_freq
="2412")
694 ev
= dev
[2].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=0.1)
695 dev
[2].request("DISCONNECT")
697 raise Exception("Unexpected connection without PMF")
699 sigma_dut_cmd_check("ap_reset_default")
701 stop_sigma_dut(sigma
)
703 def test_sigma_dut_owe(dev
, apdev
):
704 """sigma_dut controlled OWE station"""
706 run_sigma_dut_owe(dev
, apdev
)
708 dev
[0].set("ignore_old_scan_res", "0")
710 def run_sigma_dut_owe(dev
, apdev
):
711 if "OWE" not in dev
[0].get_capability("key_mgmt"):
712 raise HwsimSkip("OWE not supported")
714 ifname
= dev
[0].ifname
715 sigma
= start_sigma_dut(ifname
)
718 params
= { "ssid": "owe",
720 "wpa_key_mgmt": "OWE",
722 "rsn_pairwise": "CCMP" }
723 hapd
= hostapd
.add_ap(apdev
[0], params
)
724 bssid
= hapd
.own_addr()
726 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname
)
727 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
728 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE" % ifname
)
729 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname
)
730 sigma_dut_wait_connected(ifname
)
731 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
733 dev
[0].dump_monitor()
734 sigma_dut_cmd("sta_reassoc,interface,%s,Channel,1,bssid,%s" % (ifname
, bssid
))
735 dev
[0].wait_connected()
736 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
737 dev
[0].wait_disconnected()
738 dev
[0].dump_monitor()
740 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname
)
741 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
742 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE,ECGroupID,20" % ifname
)
743 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname
)
744 sigma_dut_wait_connected(ifname
)
745 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
746 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
747 dev
[0].wait_disconnected()
748 dev
[0].dump_monitor()
750 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname
)
751 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
752 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE,ECGroupID,0" % ifname
)
753 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname
)
754 ev
= dev
[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout
=10)
755 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
757 raise Exception("Association not rejected")
758 if "status_code=77" not in ev
:
759 raise Exception("Unexpected rejection reason: " + ev
)
761 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
763 stop_sigma_dut(sigma
)
765 def test_sigma_dut_ap_owe(dev
, apdev
, params
):
766 """sigma_dut controlled AP with OWE"""
767 logdir
= os
.path
.join(params
['logdir'],
768 "sigma_dut_ap_owe.sigma-hostapd")
769 if "OWE" not in dev
[0].get_capability("key_mgmt"):
770 raise HwsimSkip("OWE not supported")
771 with
HWSimRadio() as (radio
, iface
):
772 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
774 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
775 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,owe,MODE,11ng")
776 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OWE")
777 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
779 dev
[0].connect("owe", key_mgmt
="OWE", ieee80211w
="2",
782 sigma_dut_cmd_check("ap_reset_default")
784 stop_sigma_dut(sigma
)
786 def test_sigma_dut_ap_owe_ecgroupid(dev
, apdev
):
787 """sigma_dut controlled AP with OWE and ECGroupID"""
788 if "OWE" not in dev
[0].get_capability("key_mgmt"):
789 raise HwsimSkip("OWE not supported")
790 with
HWSimRadio() as (radio
, iface
):
791 sigma
= start_sigma_dut(iface
)
793 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
794 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,owe,MODE,11ng")
795 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OWE,ECGroupID,20 21,PMF,Required")
796 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
798 dev
[0].connect("owe", key_mgmt
="OWE", ieee80211w
="2",
799 owe_group
="20", scan_freq
="2412")
800 dev
[0].request("REMOVE_NETWORK all")
801 dev
[0].wait_disconnected()
803 dev
[0].connect("owe", key_mgmt
="OWE", ieee80211w
="2",
804 owe_group
="21", scan_freq
="2412")
805 dev
[0].request("REMOVE_NETWORK all")
806 dev
[0].wait_disconnected()
808 dev
[0].connect("owe", key_mgmt
="OWE", ieee80211w
="2",
809 owe_group
="19", scan_freq
="2412", wait_connect
=False)
810 ev
= dev
[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout
=10)
811 dev
[0].request("DISCONNECT")
813 raise Exception("Association not rejected")
814 if "status_code=77" not in ev
:
815 raise Exception("Unexpected rejection reason: " + ev
)
816 dev
[0].dump_monitor()
818 sigma_dut_cmd_check("ap_reset_default")
820 stop_sigma_dut(sigma
)
822 def test_sigma_dut_ap_owe_transition_mode(dev
, apdev
, params
):
823 """sigma_dut controlled AP with OWE and transition mode"""
824 if "OWE" not in dev
[0].get_capability("key_mgmt"):
825 raise HwsimSkip("OWE not supported")
826 logdir
= os
.path
.join(params
['logdir'],
827 "sigma_dut_ap_owe_transition_mode.sigma-hostapd")
828 with
HWSimRadio() as (radio
, iface
):
829 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
831 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
832 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,owe,MODE,11ng")
833 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,OWE")
834 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,SSID,owe,MODE,11ng")
835 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,NONE")
836 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
838 res1
= sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,1,Interface,24G")
839 res2
= sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,2,Interface,24G")
841 dev
[0].connect("owe", key_mgmt
="OWE", ieee80211w
="2",
843 dev
[1].connect("owe", key_mgmt
="NONE", scan_freq
="2412")
844 if dev
[0].get_status_field('bssid') not in res1
:
845 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,1: " + res1
)
846 if dev
[1].get_status_field('bssid') not in res2
:
847 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,2: " + res2
)
849 sigma_dut_cmd_check("ap_reset_default")
851 stop_sigma_dut(sigma
)
853 def dpp_init_enrollee(dev
, id1
):
854 logger
.info("Starting DPP initiator/enrollee in a thread")
856 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % id1
857 if "OK" not in dev
.request(cmd
):
858 raise Exception("Failed to initiate DPP Authentication")
859 ev
= dev
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
861 raise Exception("DPP configuration not completed (Enrollee)")
862 logger
.info("DPP initiator/enrollee done")
864 def test_sigma_dut_dpp_qr_resp_1(dev
, apdev
):
865 """sigma_dut DPP/QR responder (conf index 1)"""
866 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 1)
868 def test_sigma_dut_dpp_qr_resp_2(dev
, apdev
):
869 """sigma_dut DPP/QR responder (conf index 2)"""
870 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 2)
872 def test_sigma_dut_dpp_qr_resp_3(dev
, apdev
):
873 """sigma_dut DPP/QR responder (conf index 3)"""
874 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 3)
876 def test_sigma_dut_dpp_qr_resp_4(dev
, apdev
):
877 """sigma_dut DPP/QR responder (conf index 4)"""
878 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 4)
880 def test_sigma_dut_dpp_qr_resp_5(dev
, apdev
):
881 """sigma_dut DPP/QR responder (conf index 5)"""
882 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 5)
884 def test_sigma_dut_dpp_qr_resp_6(dev
, apdev
):
885 """sigma_dut DPP/QR responder (conf index 6)"""
886 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 6)
888 def test_sigma_dut_dpp_qr_resp_7(dev
, apdev
):
889 """sigma_dut DPP/QR responder (conf index 7)"""
890 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 7)
892 def test_sigma_dut_dpp_qr_resp_chan_list(dev
, apdev
):
893 """sigma_dut DPP/QR responder (channel list override)"""
894 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 1, chan_list
='81/2 81/6 81/1',
897 def run_sigma_dut_dpp_qr_resp(dev
, apdev
, conf_idx
, chan_list
=None,
899 check_dpp_capab(dev
[0])
900 check_dpp_capab(dev
[1])
901 sigma
= start_sigma_dut(dev
[0].ifname
)
903 cmd
= "dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR"
905 cmd
+= ",DPPChannelList," + chan_list
906 res
= sigma_dut_cmd(cmd
)
907 if "status,COMPLETE" not in res
:
908 raise Exception("dev_exec_action did not succeed: " + res
)
909 hex = res
.split(',')[3]
910 uri
= hex.decode('hex')
911 logger
.info("URI from sigma_dut: " + uri
)
913 res
= dev
[1].request("DPP_QR_CODE " + uri
)
915 raise Exception("Failed to parse QR Code URI")
918 t
= threading
.Thread(target
=dpp_init_enrollee
, args
=(dev
[1], id1
))
920 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPConfIndex,%d,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfEnrolleeRole,STA,DPPSigningKeyECC,P-256,DPPBS,QR,DPPTimeout,6" % conf_idx
922 cmd
+= ",DPPListenChannel," + str(listen_chan
)
923 res
= sigma_dut_cmd(cmd
, timeout
=10)
925 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
926 raise Exception("Unexpected result: " + res
)
928 stop_sigma_dut(sigma
)
930 def test_sigma_dut_dpp_qr_init_enrollee(dev
, apdev
):
931 """sigma_dut DPP/QR initiator as Enrollee"""
932 check_dpp_capab(dev
[0])
933 check_dpp_capab(dev
[1])
935 csign
= "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
936 csign_pub
= "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
937 ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
938 ap_netaccesskey
= "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
940 params
= { "ssid": "DPPNET01",
942 "wpa_key_mgmt": "DPP",
943 "rsn_pairwise": "CCMP",
944 "dpp_connector": ap_connector
,
945 "dpp_csign": csign_pub
,
946 "dpp_netaccesskey": ap_netaccesskey
}
948 hapd
= hostapd
.add_ap(apdev
[0], params
)
950 raise HwsimSkip("DPP not supported")
952 sigma
= start_sigma_dut(dev
[0].ifname
)
954 dev
[0].set("dpp_config_processing", "2")
956 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
957 res
= dev
[1].request(cmd
);
959 raise Exception("Failed to add configurator")
962 addr
= dev
[1].own_addr().replace(':', '')
963 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
964 res
= dev
[1].request(cmd
)
966 raise Exception("Failed to generate bootstrapping info")
968 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
970 dev
[1].set("dpp_configurator_params",
971 " conf=sta-dpp ssid=%s configurator=%d" % ("DPPNET01".encode("hex"), conf_id
));
972 cmd
= "DPP_LISTEN 2437 role=configurator"
973 if "OK" not in dev
[1].request(cmd
):
974 raise Exception("Failed to start listen operation")
976 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0
.encode('hex'))
977 if "status,COMPLETE" not in res
:
978 raise Exception("dev_exec_action did not succeed: " + res
)
980 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout
=10)
981 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res
:
982 raise Exception("Unexpected result: " + res
)
984 dev
[0].set("dpp_config_processing", "0")
985 stop_sigma_dut(sigma
)
987 def test_sigma_dut_dpp_qr_mutual_init_enrollee(dev
, apdev
):
988 """sigma_dut DPP/QR (mutual) initiator as Enrollee"""
989 run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev
, apdev
)
991 def test_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev
, apdev
):
992 """sigma_dut DPP/QR (mutual) initiator as Enrollee (extra check)"""
993 run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev
, apdev
,
994 extra
="DPPAuthDirection,Mutual,")
996 def run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev
, apdev
, extra
=''):
997 check_dpp_capab(dev
[0])
998 check_dpp_capab(dev
[1])
1000 csign
= "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1001 csign_pub
= "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1002 ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1003 ap_netaccesskey
= "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1005 params
= { "ssid": "DPPNET01",
1007 "wpa_key_mgmt": "DPP",
1008 "rsn_pairwise": "CCMP",
1009 "dpp_connector": ap_connector
,
1010 "dpp_csign": csign_pub
,
1011 "dpp_netaccesskey": ap_netaccesskey
}
1013 hapd
= hostapd
.add_ap(apdev
[0], params
)
1015 raise HwsimSkip("DPP not supported")
1017 sigma
= start_sigma_dut(dev
[0].ifname
)
1019 dev
[0].set("dpp_config_processing", "2")
1021 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
1022 res
= dev
[1].request(cmd
);
1024 raise Exception("Failed to add configurator")
1027 addr
= dev
[1].own_addr().replace(':', '')
1028 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1029 res
= dev
[1].request(cmd
)
1031 raise Exception("Failed to generate bootstrapping info")
1033 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1035 dev
[1].set("dpp_configurator_params",
1036 " conf=sta-dpp ssid=%s configurator=%d" % ("DPPNET01".encode("hex"), conf_id
));
1037 cmd
= "DPP_LISTEN 2437 role=configurator qr=mutual"
1038 if "OK" not in dev
[1].request(cmd
):
1039 raise Exception("Failed to start listen operation")
1041 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1042 if "status,COMPLETE" not in res
:
1043 raise Exception("dev_exec_action did not succeed: " + res
)
1044 hex = res
.split(',')[3]
1045 uri
= hex.decode('hex')
1046 logger
.info("URI from sigma_dut: " + uri
)
1048 res
= dev
[1].request("DPP_QR_CODE " + uri
)
1050 raise Exception("Failed to parse QR Code URI")
1053 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0
.encode('hex'))
1054 if "status,COMPLETE" not in res
:
1055 raise Exception("dev_exec_action did not succeed: " + res
)
1057 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,%sDPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes" % extra
, timeout
=10)
1058 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res
:
1059 raise Exception("Unexpected result: " + res
)
1061 dev
[0].set("dpp_config_processing", "0")
1062 stop_sigma_dut(sigma
)
1064 def dpp_init_conf_mutual(dev
, id1
, conf_id
, own_id
=None):
1066 logger
.info("Starting DPP initiator/configurator in a thread")
1067 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp ssid=%s configurator=%d" % (id1
, "DPPNET01".encode("hex"), conf_id
)
1068 if own_id
is not None:
1069 cmd
+= " own=%d" % own_id
1070 if "OK" not in dev
.request(cmd
):
1071 raise Exception("Failed to initiate DPP Authentication")
1072 ev
= dev
.wait_event(["DPP-CONF-SENT"], timeout
=10)
1074 raise Exception("DPP configuration not completed (Configurator)")
1075 logger
.info("DPP initiator/configurator done")
1077 def test_sigma_dut_dpp_qr_mutual_resp_enrollee(dev
, apdev
):
1078 """sigma_dut DPP/QR (mutual) responder as Enrollee"""
1079 run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev
, apdev
)
1081 def test_sigma_dut_dpp_qr_mutual_resp_enrollee_pending(dev
, apdev
):
1082 """sigma_dut DPP/QR (mutual) responder as Enrollee (response pending)"""
1083 run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev
, apdev
, ',DPPDelayQRResponse,1')
1085 def run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev
, apdev
, extra
=None):
1086 check_dpp_capab(dev
[0])
1087 check_dpp_capab(dev
[1])
1089 csign
= "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1090 csign_pub
= "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1091 ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1092 ap_netaccesskey
= "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1094 params
= { "ssid": "DPPNET01",
1096 "wpa_key_mgmt": "DPP",
1097 "rsn_pairwise": "CCMP",
1098 "dpp_connector": ap_connector
,
1099 "dpp_csign": csign_pub
,
1100 "dpp_netaccesskey": ap_netaccesskey
}
1102 hapd
= hostapd
.add_ap(apdev
[0], params
)
1104 raise HwsimSkip("DPP not supported")
1106 sigma
= start_sigma_dut(dev
[0].ifname
)
1108 dev
[0].set("dpp_config_processing", "2")
1110 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
1111 res
= dev
[1].request(cmd
);
1113 raise Exception("Failed to add configurator")
1116 addr
= dev
[1].own_addr().replace(':', '')
1117 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1118 res
= dev
[1].request(cmd
)
1120 raise Exception("Failed to generate bootstrapping info")
1122 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1124 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1125 if "status,COMPLETE" not in res
:
1126 raise Exception("dev_exec_action did not succeed: " + res
)
1127 hex = res
.split(',')[3]
1128 uri
= hex.decode('hex')
1129 logger
.info("URI from sigma_dut: " + uri
)
1131 res
= dev
[1].request("DPP_QR_CODE " + uri
)
1133 raise Exception("Failed to parse QR Code URI")
1136 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0
.encode('hex'))
1137 if "status,COMPLETE" not in res
:
1138 raise Exception("dev_exec_action did not succeed: " + res
)
1140 t
= threading
.Thread(target
=dpp_init_conf_mutual
,
1141 args
=(dev
[1], id1
, conf_id
, id0
))
1144 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,20,DPPWaitForConnect,Yes"
1147 res
= sigma_dut_cmd(cmd
, timeout
=25)
1149 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res
:
1150 raise Exception("Unexpected result: " + res
)
1152 dev
[0].set("dpp_config_processing", "0")
1153 stop_sigma_dut(sigma
)
1155 def dpp_resp_conf_mutual(dev
, conf_id
, uri
):
1156 logger
.info("Starting DPP responder/configurator in a thread")
1157 dev
.set("dpp_configurator_params",
1158 " conf=sta-dpp ssid=%s configurator=%d" % ("DPPNET01".encode("hex"), conf_id
));
1159 cmd
= "DPP_LISTEN 2437 role=configurator qr=mutual"
1160 if "OK" not in dev
.request(cmd
):
1161 raise Exception("Failed to initiate DPP listen")
1163 ev
= dev
.wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=10)
1165 raise Exception("QR Code scan for mutual authentication not requested")
1166 res
= dev
.request("DPP_QR_CODE " + uri
)
1168 raise Exception("Failed to parse QR Code URI")
1169 ev
= dev
.wait_event(["DPP-CONF-SENT"], timeout
=10)
1171 raise Exception("DPP configuration not completed (Configurator)")
1172 logger
.info("DPP responder/configurator done")
1174 def test_sigma_dut_dpp_qr_mutual_init_enrollee(dev
, apdev
):
1175 """sigma_dut DPP/QR (mutual) initiator as Enrollee"""
1176 run_sigma_dut_dpp_qr_mutual_init_enrollee(dev
, apdev
, False)
1178 def test_sigma_dut_dpp_qr_mutual_init_enrollee_pending(dev
, apdev
):
1179 """sigma_dut DPP/QR (mutual) initiator as Enrollee (response pending)"""
1180 run_sigma_dut_dpp_qr_mutual_init_enrollee(dev
, apdev
, True)
1182 def run_sigma_dut_dpp_qr_mutual_init_enrollee(dev
, apdev
, resp_pending
):
1183 check_dpp_capab(dev
[0])
1184 check_dpp_capab(dev
[1])
1186 csign
= "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1187 csign_pub
= "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1188 ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1189 ap_netaccesskey
= "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1191 params
= { "ssid": "DPPNET01",
1193 "wpa_key_mgmt": "DPP",
1194 "rsn_pairwise": "CCMP",
1195 "dpp_connector": ap_connector
,
1196 "dpp_csign": csign_pub
,
1197 "dpp_netaccesskey": ap_netaccesskey
}
1199 hapd
= hostapd
.add_ap(apdev
[0], params
)
1201 raise HwsimSkip("DPP not supported")
1203 sigma
= start_sigma_dut(dev
[0].ifname
)
1205 dev
[0].set("dpp_config_processing", "2")
1207 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
1208 res
= dev
[1].request(cmd
);
1210 raise Exception("Failed to add configurator")
1213 addr
= dev
[1].own_addr().replace(':', '')
1214 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1215 res
= dev
[1].request(cmd
)
1217 raise Exception("Failed to generate bootstrapping info")
1219 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1221 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1222 if "status,COMPLETE" not in res
:
1223 raise Exception("dev_exec_action did not succeed: " + res
)
1224 hex = res
.split(',')[3]
1225 uri
= hex.decode('hex')
1226 logger
.info("URI from sigma_dut: " + uri
)
1228 if not resp_pending
:
1229 res
= dev
[1].request("DPP_QR_CODE " + uri
)
1231 raise Exception("Failed to parse QR Code URI")
1234 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0
.encode('hex'))
1235 if "status,COMPLETE" not in res
:
1236 raise Exception("dev_exec_action did not succeed: " + res
)
1238 t
= threading
.Thread(target
=dpp_resp_conf_mutual
,
1239 args
=(dev
[1], conf_id
, uri
))
1243 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,10,DPPWaitForConnect,Yes"
1244 res
= sigma_dut_cmd(cmd
, timeout
=15)
1246 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res
:
1247 raise Exception("Unexpected result: " + res
)
1249 dev
[0].set("dpp_config_processing", "0")
1250 stop_sigma_dut(sigma
)
1252 def test_sigma_dut_dpp_qr_init_enrollee_psk(dev
, apdev
):
1253 """sigma_dut DPP/QR initiator as Enrollee (PSK)"""
1254 check_dpp_capab(dev
[0])
1255 check_dpp_capab(dev
[1])
1257 params
= hostapd
.wpa2_params(ssid
="DPPNET01",
1258 passphrase
="ThisIsDppPassphrase")
1259 hapd
= hostapd
.add_ap(apdev
[0], params
)
1261 sigma
= start_sigma_dut(dev
[0].ifname
)
1263 dev
[0].set("dpp_config_processing", "2")
1265 cmd
= "DPP_CONFIGURATOR_ADD"
1266 res
= dev
[1].request(cmd
);
1268 raise Exception("Failed to add configurator")
1271 addr
= dev
[1].own_addr().replace(':', '')
1272 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1273 res
= dev
[1].request(cmd
)
1275 raise Exception("Failed to generate bootstrapping info")
1277 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1279 dev
[1].set("dpp_configurator_params",
1280 " conf=sta-psk ssid=%s pass=%s configurator=%d" % ("DPPNET01".encode("hex"), "ThisIsDppPassphrase".encode("hex"), conf_id
));
1281 cmd
= "DPP_LISTEN 2437 role=configurator"
1282 if "OK" not in dev
[1].request(cmd
):
1283 raise Exception("Failed to start listen operation")
1285 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0
.encode('hex'))
1286 if "status,COMPLETE" not in res
:
1287 raise Exception("dev_exec_action did not succeed: " + res
)
1289 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout
=10)
1290 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkConnectResult,OK" not in res
:
1291 raise Exception("Unexpected result: " + res
)
1293 dev
[0].set("dpp_config_processing", "0")
1294 stop_sigma_dut(sigma
)
1296 def test_sigma_dut_dpp_qr_init_configurator_1(dev
, apdev
):
1297 """sigma_dut DPP/QR initiator as Configurator (conf index 1)"""
1298 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 1)
1300 def test_sigma_dut_dpp_qr_init_configurator_2(dev
, apdev
):
1301 """sigma_dut DPP/QR initiator as Configurator (conf index 2)"""
1302 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 2)
1304 def test_sigma_dut_dpp_qr_init_configurator_3(dev
, apdev
):
1305 """sigma_dut DPP/QR initiator as Configurator (conf index 3)"""
1306 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 3)
1308 def test_sigma_dut_dpp_qr_init_configurator_4(dev
, apdev
):
1309 """sigma_dut DPP/QR initiator as Configurator (conf index 4)"""
1310 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 4)
1312 def test_sigma_dut_dpp_qr_init_configurator_5(dev
, apdev
):
1313 """sigma_dut DPP/QR initiator as Configurator (conf index 5)"""
1314 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 5)
1316 def test_sigma_dut_dpp_qr_init_configurator_6(dev
, apdev
):
1317 """sigma_dut DPP/QR initiator as Configurator (conf index 6)"""
1318 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 6)
1320 def test_sigma_dut_dpp_qr_init_configurator_7(dev
, apdev
):
1321 """sigma_dut DPP/QR initiator as Configurator (conf index 7)"""
1322 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 7)
1324 def test_sigma_dut_dpp_qr_init_configurator_both(dev
, apdev
):
1325 """sigma_dut DPP/QR initiator as Configurator or Enrollee (conf index 1)"""
1326 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 1, "Both")
1328 def test_sigma_dut_dpp_qr_init_configurator_neg_freq(dev
, apdev
):
1329 """sigma_dut DPP/QR initiator as Configurator (neg_freq)"""
1330 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 1, extra
='DPPSubsequentChannel,81/11')
1332 def run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, conf_idx
,
1333 prov_role
="Configurator",
1335 check_dpp_capab(dev
[0])
1336 check_dpp_capab(dev
[1])
1337 sigma
= start_sigma_dut(dev
[0].ifname
)
1339 addr
= dev
[1].own_addr().replace(':', '')
1340 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1341 res
= dev
[1].request(cmd
)
1343 raise Exception("Failed to generate bootstrapping info")
1345 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1347 cmd
= "DPP_LISTEN 2437 role=enrollee"
1348 if "OK" not in dev
[1].request(cmd
):
1349 raise Exception("Failed to start listen operation")
1351 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0
.encode('hex'))
1352 if "status,COMPLETE" not in res
:
1353 raise Exception("dev_exec_action did not succeed: " + res
)
1355 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,%s,DPPConfIndex,%d,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6" % (prov_role
, conf_idx
)
1358 res
= sigma_dut_cmd(cmd
)
1359 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
1360 raise Exception("Unexpected result: " + res
)
1362 stop_sigma_dut(sigma
)
1364 def test_sigma_dut_dpp_pkex_init_configurator(dev
, apdev
):
1365 """sigma_dut DPP/PKEX initiator as Configurator"""
1366 check_dpp_capab(dev
[0])
1367 check_dpp_capab(dev
[1])
1368 sigma
= start_sigma_dut(dev
[0].ifname
)
1370 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
1371 res
= dev
[1].request(cmd
)
1373 raise Exception("Failed to generate bootstrapping info")
1375 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id1
)
1376 res
= dev
[1].request(cmd
)
1378 raise Exception("Failed to set PKEX data (responder)")
1379 cmd
= "DPP_LISTEN 2437 role=enrollee"
1380 if "OK" not in dev
[1].request(cmd
):
1381 raise Exception("Failed to start listen operation")
1383 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCodeIdentifier,test,DPPPKEXCode,secret,DPPTimeout,6")
1384 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
1385 raise Exception("Unexpected result: " + res
)
1387 stop_sigma_dut(sigma
)
1389 def dpp_init_conf(dev
, id1
, conf
, conf_id
, extra
):
1390 logger
.info("Starting DPP initiator/configurator in a thread")
1391 cmd
= "DPP_AUTH_INIT peer=%d conf=%s %s configurator=%d" % (id1
, conf
, extra
, conf_id
)
1392 if "OK" not in dev
.request(cmd
):
1393 raise Exception("Failed to initiate DPP Authentication")
1394 ev
= dev
.wait_event(["DPP-CONF-SENT"], timeout
=5)
1396 raise Exception("DPP configuration not completed (Configurator)")
1397 logger
.info("DPP initiator/configurator done")
1399 def test_sigma_dut_ap_dpp_qr(dev
, apdev
, params
):
1400 """sigma_dut controlled AP (DPP)"""
1401 run_sigma_dut_ap_dpp_qr(dev
, apdev
, params
, "ap-dpp", "sta-dpp")
1403 def test_sigma_dut_ap_dpp_qr_legacy(dev
, apdev
, params
):
1404 """sigma_dut controlled AP (legacy)"""
1405 run_sigma_dut_ap_dpp_qr(dev
, apdev
, params
, "ap-psk", "sta-psk",
1406 extra
="pass=%s" % "qwertyuiop".encode("hex"))
1408 def test_sigma_dut_ap_dpp_qr_legacy_psk(dev
, apdev
, params
):
1409 """sigma_dut controlled AP (legacy)"""
1410 run_sigma_dut_ap_dpp_qr(dev
, apdev
, params
, "ap-psk", "sta-psk",
1411 extra
="psk=%s" % (32*"12"))
1413 def run_sigma_dut_ap_dpp_qr(dev
, apdev
, params
, ap_conf
, sta_conf
, extra
=""):
1414 check_dpp_capab(dev
[0])
1415 logdir
= os
.path
.join(params
['logdir'], "sigma_dut_ap_dpp_qr.sigma-hostapd")
1416 with
HWSimRadio() as (radio
, iface
):
1417 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
1419 sigma_dut_cmd_check("ap_reset_default,program,DPP")
1420 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1421 if "status,COMPLETE" not in res
:
1422 raise Exception("dev_exec_action did not succeed: " + res
)
1423 hex = res
.split(',')[3]
1424 uri
= hex.decode('hex')
1425 logger
.info("URI from sigma_dut: " + uri
)
1427 cmd
= "DPP_CONFIGURATOR_ADD"
1428 res
= dev
[0].request(cmd
);
1430 raise Exception("Failed to add configurator")
1433 res
= dev
[0].request("DPP_QR_CODE " + uri
)
1435 raise Exception("Failed to parse QR Code URI")
1438 t
= threading
.Thread(target
=dpp_init_conf
,
1439 args
=(dev
[0], id1
, ap_conf
, conf_id
, extra
))
1441 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6")
1443 if "ConfResult,OK" not in res
:
1444 raise Exception("Unexpected result: " + res
)
1446 addr
= dev
[1].own_addr().replace(':', '')
1447 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
1448 res
= dev
[1].request(cmd
)
1450 raise Exception("Failed to generate bootstrapping info")
1452 uri1
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1
)
1454 res
= dev
[0].request("DPP_QR_CODE " + uri1
)
1456 raise Exception("Failed to parse QR Code URI")
1459 dev
[1].set("dpp_config_processing", "2")
1460 cmd
= "DPP_LISTEN 2412"
1461 if "OK" not in dev
[1].request(cmd
):
1462 raise Exception("Failed to start listen operation")
1463 cmd
= "DPP_AUTH_INIT peer=%d conf=%s %s configurator=%d" % (id0b
, sta_conf
, extra
, conf_id
)
1464 if "OK" not in dev
[0].request(cmd
):
1465 raise Exception("Failed to initiate DPP Authentication")
1466 dev
[1].wait_connected()
1468 sigma_dut_cmd_check("ap_reset_default")
1470 dev
[1].set("dpp_config_processing", "0")
1471 stop_sigma_dut(sigma
)
1473 def test_sigma_dut_ap_dpp_pkex_responder(dev
, apdev
, params
):
1474 """sigma_dut controlled AP as DPP PKEX responder"""
1475 check_dpp_capab(dev
[0])
1476 logdir
= os
.path
.join(params
['logdir'],
1477 "sigma_dut_ap_dpp_pkex_responder.sigma-hostapd")
1478 with
HWSimRadio() as (radio
, iface
):
1479 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
1481 run_sigma_dut_ap_dpp_pkex_responder(dev
, apdev
)
1483 stop_sigma_dut(sigma
)
1485 def dpp_init_conf_pkex(dev
, conf_id
):
1486 logger
.info("Starting DPP PKEX initiator/configurator in a thread")
1488 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
1489 res
= dev
.request(cmd
)
1491 raise Exception("Failed to generate bootstrapping info")
1493 cmd
= "DPP_PKEX_ADD own=%d init=1 conf=ap-dpp configurator=%d code=password" % (id, conf_id
)
1494 res
= dev
.request(cmd
)
1496 raise Exception("Failed to initiate DPP PKEX")
1497 ev
= dev
.wait_event(["DPP-CONF-SENT"], timeout
=5)
1499 raise Exception("DPP configuration not completed (Configurator)")
1500 logger
.info("DPP initiator/configurator done")
1502 def run_sigma_dut_ap_dpp_pkex_responder(dev
, apdev
):
1503 sigma_dut_cmd_check("ap_reset_default,program,DPP")
1505 cmd
= "DPP_CONFIGURATOR_ADD"
1506 res
= dev
[0].request(cmd
);
1508 raise Exception("Failed to add configurator")
1511 t
= threading
.Thread(target
=dpp_init_conf_pkex
, args
=(dev
[0], conf_id
))
1513 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,PKEX,DPPPKEXCode,password,DPPTimeout,6", timeout
=10)
1515 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
1516 raise Exception("Unexpected result: " + res
)
1518 sigma_dut_cmd_check("ap_reset_default")
1520 def dpp_proto_init(dev
, id1
):
1522 logger
.info("Starting DPP initiator/configurator in a thread")
1523 cmd
= "DPP_CONFIGURATOR_ADD"
1524 res
= dev
.request(cmd
);
1526 raise Exception("Failed to add configurator")
1529 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1
, conf_id
)
1530 if "OK" not in dev
.request(cmd
):
1531 raise Exception("Failed to initiate DPP Authentication")
1533 def test_sigma_dut_dpp_proto_initiator(dev
, apdev
):
1534 """sigma_dut DPP protocol testing - Initiator"""
1535 check_dpp_capab(dev
[0])
1536 check_dpp_capab(dev
[1])
1537 tests
= [ ("InvalidValue", "AuthenticationRequest", "WrappedData",
1538 "BootstrapResult,OK,AuthResult,Errorsent",
1540 ("InvalidValue", "AuthenticationConfirm", "WrappedData",
1541 "BootstrapResult,OK,AuthResult,Errorsent",
1543 ("MissingAttribute", "AuthenticationRequest", "InitCapabilities",
1544 "BootstrapResult,OK,AuthResult,Errorsent",
1545 "Missing or invalid I-capabilities"),
1546 ("InvalidValue", "AuthenticationConfirm", "InitAuthTag",
1547 "BootstrapResult,OK,AuthResult,Errorsent",
1548 "Mismatching Initiator Authenticating Tag"),
1549 ("MissingAttribute", "ConfigurationResponse", "EnrolleeNonce",
1550 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1551 "Missing or invalid Enrollee Nonce attribute") ]
1552 for step
, frame
, attr
, result
, fail
in tests
:
1553 dev
[0].request("FLUSH")
1554 dev
[1].request("FLUSH")
1555 sigma
= start_sigma_dut(dev
[0].ifname
)
1557 run_sigma_dut_dpp_proto_initiator(dev
, step
, frame
, attr
, result
,
1560 stop_sigma_dut(sigma
)
1562 def run_sigma_dut_dpp_proto_initiator(dev
, step
, frame
, attr
, result
, fail
):
1563 addr
= dev
[1].own_addr().replace(':', '')
1564 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1565 res
= dev
[1].request(cmd
)
1567 raise Exception("Failed to generate bootstrapping info")
1569 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1571 cmd
= "DPP_LISTEN 2437 role=enrollee"
1572 if "OK" not in dev
[1].request(cmd
):
1573 raise Exception("Failed to start listen operation")
1575 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0
.encode('hex'))
1576 if "status,COMPLETE" not in res
:
1577 raise Exception("dev_exec_action did not succeed: " + res
)
1579 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step
, frame
, attr
))
1580 if result
not in res
:
1581 raise Exception("Unexpected result: " + res
)
1583 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
1584 if ev
is None or fail
not in ev
:
1585 raise Exception("Failure not reported correctly: " + str(ev
))
1587 dev
[1].request("DPP_STOP_LISTEN")
1588 dev
[0].dump_monitor()
1589 dev
[1].dump_monitor()
1591 def test_sigma_dut_dpp_proto_responder(dev
, apdev
):
1592 """sigma_dut DPP protocol testing - Responder"""
1593 check_dpp_capab(dev
[0])
1594 check_dpp_capab(dev
[1])
1595 tests
= [ ("MissingAttribute", "AuthenticationResponse", "DPPStatus",
1596 "BootstrapResult,OK,AuthResult,Errorsent",
1597 "Missing or invalid required DPP Status attribute"),
1598 ("MissingAttribute", "ConfigurationRequest", "EnrolleeNonce",
1599 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1600 "Missing or invalid Enrollee Nonce attribute") ]
1601 for step
, frame
, attr
, result
, fail
in tests
:
1602 dev
[0].request("FLUSH")
1603 dev
[1].request("FLUSH")
1604 sigma
= start_sigma_dut(dev
[0].ifname
)
1606 run_sigma_dut_dpp_proto_responder(dev
, step
, frame
, attr
, result
,
1609 stop_sigma_dut(sigma
)
1611 def run_sigma_dut_dpp_proto_responder(dev
, step
, frame
, attr
, result
, fail
):
1612 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1613 if "status,COMPLETE" not in res
:
1614 raise Exception("dev_exec_action did not succeed: " + res
)
1615 hex = res
.split(',')[3]
1616 uri
= hex.decode('hex')
1617 logger
.info("URI from sigma_dut: " + uri
)
1619 res
= dev
[1].request("DPP_QR_CODE " + uri
)
1621 raise Exception("Failed to parse QR Code URI")
1624 t
= threading
.Thread(target
=dpp_proto_init
, args
=(dev
[1], id1
))
1626 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step
, frame
, attr
), timeout
=10)
1628 if result
not in res
:
1629 raise Exception("Unexpected result: " + res
)
1631 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
1632 if ev
is None or fail
not in ev
:
1633 raise Exception("Failure not reported correctly:" + str(ev
))
1635 dev
[1].request("DPP_STOP_LISTEN")
1636 dev
[0].dump_monitor()
1637 dev
[1].dump_monitor()
1639 def test_sigma_dut_dpp_proto_stop_at_initiator(dev
, apdev
):
1640 """sigma_dut DPP protocol testing - Stop at RX on Initiator"""
1641 check_dpp_capab(dev
[0])
1642 check_dpp_capab(dev
[1])
1643 tests
= [ ("AuthenticationResponse",
1644 "BootstrapResult,OK,AuthResult,Errorsent",
1646 ("ConfigurationRequest",
1647 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1649 for frame
, result
, fail
in tests
:
1650 dev
[0].request("FLUSH")
1651 dev
[1].request("FLUSH")
1652 sigma
= start_sigma_dut(dev
[0].ifname
)
1654 run_sigma_dut_dpp_proto_stop_at_initiator(dev
, frame
, result
, fail
)
1656 stop_sigma_dut(sigma
)
1658 def run_sigma_dut_dpp_proto_stop_at_initiator(dev
, frame
, result
, fail
):
1659 addr
= dev
[1].own_addr().replace(':', '')
1660 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1661 res
= dev
[1].request(cmd
)
1663 raise Exception("Failed to generate bootstrapping info")
1665 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1667 cmd
= "DPP_LISTEN 2437 role=enrollee"
1668 if "OK" not in dev
[1].request(cmd
):
1669 raise Exception("Failed to start listen operation")
1671 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0
.encode('hex'))
1672 if "status,COMPLETE" not in res
:
1673 raise Exception("dev_exec_action did not succeed: " + res
)
1675 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame
))
1676 if result
not in res
:
1677 raise Exception("Unexpected result: " + res
)
1679 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
1680 if ev
is None or fail
not in ev
:
1681 raise Exception("Failure not reported correctly: " + str(ev
))
1683 dev
[1].request("DPP_STOP_LISTEN")
1684 dev
[0].dump_monitor()
1685 dev
[1].dump_monitor()
1687 def test_sigma_dut_dpp_proto_stop_at_responder(dev
, apdev
):
1688 """sigma_dut DPP protocol testing - Stop at RX on Responder"""
1689 check_dpp_capab(dev
[0])
1690 check_dpp_capab(dev
[1])
1691 tests
= [ ("AuthenticationRequest",
1692 "BootstrapResult,OK,AuthResult,Errorsent",
1694 ("AuthenticationConfirm",
1695 "BootstrapResult,OK,AuthResult,Errorsent",
1697 for frame
, result
, fail
in tests
:
1698 dev
[0].request("FLUSH")
1699 dev
[1].request("FLUSH")
1700 sigma
= start_sigma_dut(dev
[0].ifname
)
1702 run_sigma_dut_dpp_proto_stop_at_responder(dev
, frame
, result
, fail
)
1704 stop_sigma_dut(sigma
)
1706 def run_sigma_dut_dpp_proto_stop_at_responder(dev
, frame
, result
, fail
):
1707 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1708 if "status,COMPLETE" not in res
:
1709 raise Exception("dev_exec_action did not succeed: " + res
)
1710 hex = res
.split(',')[3]
1711 uri
= hex.decode('hex')
1712 logger
.info("URI from sigma_dut: " + uri
)
1714 res
= dev
[1].request("DPP_QR_CODE " + uri
)
1716 raise Exception("Failed to parse QR Code URI")
1719 t
= threading
.Thread(target
=dpp_proto_init
, args
=(dev
[1], id1
))
1721 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame
), timeout
=10)
1723 if result
not in res
:
1724 raise Exception("Unexpected result: " + res
)
1726 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
1727 if ev
is None or fail
not in ev
:
1728 raise Exception("Failure not reported correctly:" + str(ev
))
1730 dev
[1].request("DPP_STOP_LISTEN")
1731 dev
[0].dump_monitor()
1732 dev
[1].dump_monitor()
1734 def dpp_proto_init_pkex(dev
):
1736 logger
.info("Starting DPP PKEX initiator/configurator in a thread")
1737 cmd
= "DPP_CONFIGURATOR_ADD"
1738 res
= dev
.request(cmd
);
1740 raise Exception("Failed to add configurator")
1743 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
1744 res
= dev
.request(cmd
)
1746 raise Exception("Failed to generate bootstrapping info")
1749 cmd
= "DPP_PKEX_ADD own=%d init=1 conf=sta-dpp configurator=%d code=secret" % (id, conf_id
)
1750 if "FAIL" in dev
.request(cmd
):
1751 raise Exception("Failed to initiate DPP PKEX")
1753 def test_sigma_dut_dpp_proto_initiator_pkex(dev
, apdev
):
1754 """sigma_dut DPP protocol testing - Initiator (PKEX)"""
1755 check_dpp_capab(dev
[0])
1756 check_dpp_capab(dev
[1])
1757 tests
= [ ("InvalidValue", "PKEXCRRequest", "WrappedData",
1758 "BootstrapResult,Errorsent",
1760 ("MissingAttribute", "PKEXExchangeRequest", "FiniteCyclicGroup",
1761 "BootstrapResult,Errorsent",
1762 "Missing or invalid Finite Cyclic Group attribute"),
1763 ("MissingAttribute", "PKEXCRRequest", "BSKey",
1764 "BootstrapResult,Errorsent",
1765 "No valid peer bootstrapping key found") ]
1766 for step
, frame
, attr
, result
, fail
in tests
:
1767 dev
[0].request("FLUSH")
1768 dev
[1].request("FLUSH")
1769 sigma
= start_sigma_dut(dev
[0].ifname
)
1771 run_sigma_dut_dpp_proto_initiator_pkex(dev
, step
, frame
, attr
,
1774 stop_sigma_dut(sigma
)
1776 def run_sigma_dut_dpp_proto_initiator_pkex(dev
, step
, frame
, attr
, result
, fail
):
1777 cmd
= "DPP_BOOTSTRAP_GEN type=pkex"
1778 res
= dev
[1].request(cmd
)
1780 raise Exception("Failed to generate bootstrapping info")
1783 cmd
= "DPP_PKEX_ADD own=%d code=secret" % (id1
)
1784 res
= dev
[1].request(cmd
)
1786 raise Exception("Failed to set PKEX data (responder)")
1788 cmd
= "DPP_LISTEN 2437 role=enrollee"
1789 if "OK" not in dev
[1].request(cmd
):
1790 raise Exception("Failed to start listen operation")
1792 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCode,secret,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step
, frame
, attr
))
1793 if result
not in res
:
1794 raise Exception("Unexpected result: " + res
)
1796 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
1797 if ev
is None or fail
not in ev
:
1798 raise Exception("Failure not reported correctly: " + str(ev
))
1800 dev
[1].request("DPP_STOP_LISTEN")
1801 dev
[0].dump_monitor()
1802 dev
[1].dump_monitor()
1804 def test_sigma_dut_dpp_proto_responder_pkex(dev
, apdev
):
1805 """sigma_dut DPP protocol testing - Responder (PKEX)"""
1806 check_dpp_capab(dev
[0])
1807 check_dpp_capab(dev
[1])
1808 tests
= [ ("InvalidValue", "PKEXCRResponse", "WrappedData",
1809 "BootstrapResult,Errorsent",
1811 ("MissingAttribute", "PKEXExchangeResponse", "DPPStatus",
1812 "BootstrapResult,Errorsent",
1813 "No DPP Status attribute"),
1814 ("MissingAttribute", "PKEXCRResponse", "BSKey",
1815 "BootstrapResult,Errorsent",
1816 "No valid peer bootstrapping key found") ]
1817 for step
, frame
, attr
, result
, fail
in tests
:
1818 dev
[0].request("FLUSH")
1819 dev
[1].request("FLUSH")
1820 sigma
= start_sigma_dut(dev
[0].ifname
)
1822 run_sigma_dut_dpp_proto_responder_pkex(dev
, step
, frame
, attr
,
1825 stop_sigma_dut(sigma
)
1827 def run_sigma_dut_dpp_proto_responder_pkex(dev
, step
, frame
, attr
, result
, fail
):
1828 t
= threading
.Thread(target
=dpp_proto_init_pkex
, args
=(dev
[1],))
1830 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCode,secret,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step
, frame
, attr
), timeout
=10)
1832 if result
not in res
:
1833 raise Exception("Unexpected result: " + res
)
1835 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
1836 if ev
is None or fail
not in ev
:
1837 raise Exception("Failure not reported correctly:" + str(ev
))
1839 dev
[1].request("DPP_STOP_LISTEN")
1840 dev
[0].dump_monitor()
1841 dev
[1].dump_monitor()
1843 def init_sigma_dut_dpp_proto_peer_disc_req(dev
, apdev
):
1844 check_dpp_capab(dev
[0])
1845 check_dpp_capab(dev
[1])
1847 csign
= "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1848 csign_pub
= "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1849 ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1850 ap_netaccesskey
= "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1852 params
= { "ssid": "DPPNET01",
1854 "wpa_key_mgmt": "DPP",
1855 "rsn_pairwise": "CCMP",
1856 "dpp_connector": ap_connector
,
1857 "dpp_csign": csign_pub
,
1858 "dpp_netaccesskey": ap_netaccesskey
}
1860 hapd
= hostapd
.add_ap(apdev
[0], params
)
1862 raise HwsimSkip("DPP not supported")
1864 dev
[0].set("dpp_config_processing", "2")
1866 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
1867 res
= dev
[1].request(cmd
);
1869 raise Exception("Failed to add configurator")
1872 addr
= dev
[1].own_addr().replace(':', '')
1873 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1874 res
= dev
[1].request(cmd
)
1876 raise Exception("Failed to generate bootstrapping info")
1878 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1880 dev
[1].set("dpp_configurator_params",
1881 " conf=sta-dpp ssid=%s configurator=%d" % ("DPPNET01".encode("hex"), conf_id
));
1882 cmd
= "DPP_LISTEN 2437 role=configurator"
1883 if "OK" not in dev
[1].request(cmd
):
1884 raise Exception("Failed to start listen operation")
1886 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0
.encode('hex'))
1887 if "status,COMPLETE" not in res
:
1888 raise Exception("dev_exec_action did not succeed: " + res
)
1890 def test_sigma_dut_dpp_proto_peer_disc_req(dev
, apdev
):
1891 """sigma_dut DPP protocol testing - Peer Discovery Request"""
1892 sigma
= start_sigma_dut(dev
[0].ifname
)
1894 init_sigma_dut_dpp_proto_peer_disc_req(dev
, apdev
)
1896 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes,DPPStep,MissingAttribute,DPPFrameType,PeerDiscoveryRequest,DPPIEAttribute,TransactionID", timeout
=10)
1897 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,Errorsent" not in res
:
1898 raise Exception("Unexpected result: " + res
)
1900 dev
[0].set("dpp_config_processing", "0")
1901 stop_sigma_dut(sigma
)
1903 def test_sigma_dut_dpp_self_config(dev
, apdev
):
1904 """sigma_dut DPP Configurator enrolling an AP and using self-configuration"""
1905 check_dpp_capab(dev
[0])
1907 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "unconfigured" })
1908 check_dpp_capab(hapd
)
1910 sigma
= start_sigma_dut(dev
[0].ifname
)
1912 dev
[0].set("dpp_config_processing", "2")
1913 addr
= hapd
.own_addr().replace(':', '')
1914 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
1915 res
= hapd
.request(cmd
)
1917 raise Exception("Failed to generate bootstrapping info")
1919 uri
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id)
1921 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri
.encode('hex'))
1922 if "status,COMPLETE" not in res
:
1923 raise Exception("dev_exec_action did not succeed: " + res
)
1925 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,AP,DPPBS,QR,DPPTimeout,6")
1926 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
1927 raise Exception("Unexpected result: " + res
)
1928 update_hapd_config(hapd
)
1930 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPCryptoIdentifier,P-256,DPPBS,QR,DPPAuthRole,Initiator,DPPProvisioningRole,Configurator,DPPAuthDirection,Single,DPPConfIndex,1,DPPTimeout,6,DPPWaitForConnect,Yes,DPPSelfConfigure,Yes"
1931 res
= sigma_dut_cmd(cmd
, timeout
=10)
1932 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res
:
1933 raise Exception("Unexpected result: " + res
)
1935 stop_sigma_dut(sigma
)
1936 dev
[0].set("dpp_config_processing", "0")
1938 def test_sigma_dut_ap_dpp_self_config(dev
, apdev
, params
):
1939 """sigma_dut DPP AP Configurator using self-configuration"""
1940 logdir
= os
.path
.join(params
['logdir'],
1941 "sigma_dut_ap_dpp_self_config.sigma-hostapd")
1942 with
HWSimRadio() as (radio
, iface
):
1943 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
1945 run_sigma_dut_ap_dpp_self_config(dev
, apdev
)
1947 stop_sigma_dut(sigma
)
1948 dev
[0].set("dpp_config_processing", "0")
1950 def run_sigma_dut_ap_dpp_self_config(dev
, apdev
):
1951 check_dpp_capab(dev
[0])
1953 sigma_dut_cmd_check("ap_reset_default,program,DPP")
1955 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfEnrolleeRole,AP,DPPBS,QR,DPPConfIndex,1,DPPSelfConfigure,Yes,DPPTimeout,6", timeout
=10)
1956 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
1957 raise Exception("Unexpected result: " + res
)
1959 dev
[0].set("dpp_config_processing", "2")
1961 addr
= dev
[0].own_addr().replace(':', '')
1962 cmd
= "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr
1963 res
= dev
[0].request(cmd
)
1965 raise Exception("Failed to generate bootstrapping info")
1967 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id)
1968 cmd
= "DPP_LISTEN 2462 role=enrollee"
1969 if "OK" not in dev
[0].request(cmd
):
1970 raise Exception("Failed to start listen operation")
1972 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri
.encode('hex'))
1973 if "status,COMPLETE" not in res
:
1974 raise Exception("dev_exec_action did not succeed: " + res
)
1975 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6"
1976 res
= sigma_dut_cmd(cmd
)
1977 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
1978 raise Exception("Unexpected result: " + res
)
1979 dev
[0].wait_connected()
1980 dev
[0].request("DISCONNECT")
1981 dev
[0].wait_disconnected()
1982 sigma_dut_cmd_check("ap_reset_default")
1984 def test_sigma_dut_preconfigured_profile(dev
, apdev
):
1985 """sigma_dut controlled connection using preconfigured profile"""
1987 run_sigma_dut_preconfigured_profile(dev
, apdev
)
1989 dev
[0].set("ignore_old_scan_res", "0")
1991 def run_sigma_dut_preconfigured_profile(dev
, apdev
):
1992 ifname
= dev
[0].ifname
1993 sigma
= start_sigma_dut(ifname
)
1995 params
= hostapd
.wpa2_params(ssid
="test-psk", passphrase
="12345678")
1996 hapd
= hostapd
.add_ap(apdev
[0], params
)
1997 dev
[0].connect("test-psk", psk
="12345678", scan_freq
="2412",
1998 only_add_network
=True)
2000 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
2001 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s" % (ifname
, "test-psk"))
2002 sigma_dut_wait_connected(ifname
)
2003 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
2004 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
2005 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
2007 stop_sigma_dut(sigma
)
2009 def test_sigma_dut_wps_pbc(dev
, apdev
):
2010 """sigma_dut and WPS PBC Enrollee"""
2012 run_sigma_dut_wps_pbc(dev
, apdev
)
2014 dev
[0].set("ignore_old_scan_res", "0")
2016 def run_sigma_dut_wps_pbc(dev
, apdev
):
2017 ssid
= "test-wps-conf"
2018 hapd
= hostapd
.add_ap(apdev
[0],
2019 { "ssid": "wps", "eap_server": "1", "wps_state": "2",
2020 "wpa_passphrase": "12345678", "wpa": "2",
2021 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
2022 hapd
.request("WPS_PBC")
2024 ifname
= dev
[0].ifname
2025 sigma
= start_sigma_dut(ifname
)
2027 cmd
= "start_wps_registration,interface,%s" % ifname
2028 cmd
+= ",WpsRole,Enrollee"
2029 cmd
+= ",WpsConfigMethod,PBC"
2030 sigma_dut_cmd_check(cmd
, timeout
=15)
2032 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
2034 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
2035 stop_sigma_dut(sigma
)
2036 dev
[0].flush_scan_cache()