]> git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_sigma_dut.py
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tests: sigma_dut DPP protocol testing - Stop at TX on Initiator/Enrollee
[thirdparty/hostap.git] / tests / hwsim / test_sigma_dut.py
1 # Test cases for sigma_dut
2 # Copyright (c) 2017, Qualcomm Atheros, Inc.
3 #
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
6
7 import logging
8 logger = logging.getLogger()
9 import os
10 import socket
11 import subprocess
12 import threading
13 import time
14
15 import hostapd
16 from utils import HwsimSkip
17 from hwsim import HWSimRadio
18 from test_dpp import check_dpp_capab, update_hapd_config
19 from test_suite_b import check_suite_b_192_capa, suite_b_as_params, suite_b_192_rsa_ap_params
20
21 def check_sigma_dut():
22 if not os.path.exists("./sigma_dut"):
23 raise HwsimSkip("sigma_dut not available")
24
25 def sigma_dut_cmd(cmd, port=9000, timeout=2):
26 sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM,
27 socket.IPPROTO_TCP)
28 sock.settimeout(timeout)
29 addr = ('127.0.0.1', port)
30 sock.connect(addr)
31 sock.send(cmd + "\r\n")
32 try:
33 res = sock.recv(1000)
34 running = False
35 done = False
36 for line in res.splitlines():
37 if line.startswith("status,RUNNING"):
38 running = True
39 elif line.startswith("status,INVALID"):
40 done = True
41 elif line.startswith("status,ERROR"):
42 done = True
43 elif line.startswith("status,COMPLETE"):
44 done = True
45 if running and not done:
46 # Read the actual response
47 res = sock.recv(1000)
48 except:
49 res = ''
50 pass
51 sock.close()
52 res = res.rstrip()
53 logger.debug("sigma_dut: '%s' --> '%s'" % (cmd, res))
54 return res
55
56 def sigma_dut_cmd_check(cmd, port=9000, timeout=2):
57 res = sigma_dut_cmd(cmd, port=port, timeout=timeout)
58 if "COMPLETE" not in res:
59 raise Exception("sigma_dut command failed: " + cmd)
60 return res
61
62 def start_sigma_dut(ifname, debug=False, hostapd_logdir=None, cert_path=None):
63 check_sigma_dut()
64 cmd = [ './sigma_dut',
65 '-M', ifname,
66 '-S', ifname,
67 '-F', '../../hostapd/hostapd',
68 '-G',
69 '-w', '/var/run/wpa_supplicant/',
70 '-j', ifname ]
71 if debug:
72 cmd += [ '-d' ]
73 if hostapd_logdir:
74 cmd += [ '-H', hostapd_logdir ]
75 if cert_path:
76 cmd += [ '-C', cert_path ]
77 sigma = subprocess.Popen(cmd, stdout=subprocess.PIPE,
78 stderr=subprocess.PIPE)
79 for i in range(20):
80 try:
81 res = sigma_dut_cmd("HELLO")
82 break
83 except:
84 time.sleep(0.05)
85 return sigma
86
87 def stop_sigma_dut(sigma):
88 sigma.terminate()
89 sigma.wait()
90 out, err = sigma.communicate()
91 logger.debug("sigma_dut stdout: " + str(out))
92 logger.debug("sigma_dut stderr: " + str(err))
93
94 def sigma_dut_wait_connected(ifname):
95 for i in range(50):
96 res = sigma_dut_cmd("sta_is_connected,interface," + ifname)
97 if "connected,1" in res:
98 break
99 time.sleep(0.2)
100 if i == 49:
101 raise Exception("Connection did not complete")
102
103 def test_sigma_dut_basic(dev, apdev):
104 """sigma_dut basic functionality"""
105 sigma = start_sigma_dut(dev[0].ifname)
106
107 res = sigma_dut_cmd("UNKNOWN")
108 if "status,INVALID,errorCode,Unknown command" not in res:
109 raise Exception("Unexpected sigma_dut response to unknown command")
110
111 tests = [ ("ca_get_version", "status,COMPLETE,version,1.0"),
112 ("device_get_info", "status,COMPLETE,vendor"),
113 ("device_list_interfaces,interfaceType,foo", "status,ERROR"),
114 ("device_list_interfaces,interfaceType,802.11",
115 "status,COMPLETE,interfaceType,802.11,interfaceID," + dev[0].ifname) ]
116 for cmd, response in tests:
117 res = sigma_dut_cmd(cmd)
118 if response not in res:
119 raise Exception("Unexpected %s response: %s" % (cmd, res))
120
121 stop_sigma_dut(sigma)
122
123 def test_sigma_dut_open(dev, apdev):
124 """sigma_dut controlled open network association"""
125 try:
126 run_sigma_dut_open(dev, apdev)
127 finally:
128 dev[0].set("ignore_old_scan_res", "0")
129
130 def run_sigma_dut_open(dev, apdev):
131 ifname = dev[0].ifname
132 sigma = start_sigma_dut(ifname)
133
134 hapd = hostapd.add_ap(apdev[0], { "ssid": "open" })
135
136 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
137 sigma_dut_cmd_check("sta_set_encryption,interface,%s,ssid,%s,encpType,none" % (ifname, "open"))
138 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s" % (ifname, "open"))
139 sigma_dut_wait_connected(ifname)
140 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
141 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
142 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
143
144 stop_sigma_dut(sigma)
145
146 def test_sigma_dut_psk_pmf(dev, apdev):
147 """sigma_dut controlled PSK+PMF association"""
148 try:
149 run_sigma_dut_psk_pmf(dev, apdev)
150 finally:
151 dev[0].set("ignore_old_scan_res", "0")
152
153 def run_sigma_dut_psk_pmf(dev, apdev):
154 ifname = dev[0].ifname
155 sigma = start_sigma_dut(ifname)
156
157 ssid = "test-pmf-required"
158 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
159 params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
160 params["ieee80211w"] = "2"
161 hapd = hostapd.add_ap(apdev[0], params)
162
163 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
164 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
165 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required" % (ifname, "test-pmf-required", "12345678"))
166 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-pmf-required"))
167 sigma_dut_wait_connected(ifname)
168 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
169 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
170 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
171
172 stop_sigma_dut(sigma)
173
174 def test_sigma_dut_psk_pmf_bip_cmac_128(dev, apdev):
175 """sigma_dut controlled PSK+PMF association with BIP-CMAC-128"""
176 try:
177 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-CMAC-128", "AES-128-CMAC")
178 finally:
179 dev[0].set("ignore_old_scan_res", "0")
180
181 def test_sigma_dut_psk_pmf_bip_cmac_256(dev, apdev):
182 """sigma_dut controlled PSK+PMF association with BIP-CMAC-256"""
183 try:
184 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-CMAC-256", "BIP-CMAC-256")
185 finally:
186 dev[0].set("ignore_old_scan_res", "0")
187
188 def test_sigma_dut_psk_pmf_bip_gmac_128(dev, apdev):
189 """sigma_dut controlled PSK+PMF association with BIP-GMAC-128"""
190 try:
191 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-GMAC-128", "BIP-GMAC-128")
192 finally:
193 dev[0].set("ignore_old_scan_res", "0")
194
195 def test_sigma_dut_psk_pmf_bip_gmac_256(dev, apdev):
196 """sigma_dut controlled PSK+PMF association with BIP-GMAC-256"""
197 try:
198 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-GMAC-256", "BIP-GMAC-256")
199 finally:
200 dev[0].set("ignore_old_scan_res", "0")
201
202 def test_sigma_dut_psk_pmf_bip_gmac_256_mismatch(dev, apdev):
203 """sigma_dut controlled PSK+PMF association with BIP-GMAC-256 mismatch"""
204 try:
205 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-GMAC-256", "AES-128-CMAC",
206 failure=True)
207 finally:
208 dev[0].set("ignore_old_scan_res", "0")
209
210 def run_sigma_dut_psk_pmf_cipher(dev, apdev, sigma_cipher, hostapd_cipher,
211 failure=False):
212 ifname = dev[0].ifname
213 sigma = start_sigma_dut(ifname)
214
215 ssid = "test-pmf-required"
216 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
217 params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
218 params["ieee80211w"] = "2"
219 params["group_mgmt_cipher"] = hostapd_cipher
220 hapd = hostapd.add_ap(apdev[0], params)
221
222 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
223 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
224 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required,GroupMgntCipher,%s" % (ifname, "test-pmf-required", "12345678", sigma_cipher))
225 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-pmf-required"))
226 if failure:
227 ev = dev[0].wait_event(["CTRL-EVENT-NETWORK-NOT-FOUND",
228 "CTRL-EVENT-CONNECTED"], timeout=10)
229 if ev is None:
230 raise Exception("Network selection result not indicated")
231 if "CTRL-EVENT-CONNECTED" in ev:
232 raise Exception("Unexpected connection")
233 res = sigma_dut_cmd("sta_is_connected,interface," + ifname)
234 if "connected,1" in res:
235 raise Exception("Connection reported")
236 else:
237 sigma_dut_wait_connected(ifname)
238 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
239
240 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
241 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
242
243 stop_sigma_dut(sigma)
244
245 def test_sigma_dut_sae(dev, apdev):
246 """sigma_dut controlled SAE association"""
247 if "SAE" not in dev[0].get_capability("auth_alg"):
248 raise HwsimSkip("SAE not supported")
249
250 ifname = dev[0].ifname
251 sigma = start_sigma_dut(ifname)
252
253 ssid = "test-sae"
254 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
255 params['wpa_key_mgmt'] = 'SAE'
256 params["ieee80211w"] = "2"
257 hapd = hostapd.add_ap(apdev[0], params)
258
259 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname)
260 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
261 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2" % (ifname, "test-sae", "12345678"))
262 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-sae"))
263 sigma_dut_wait_connected(ifname)
264 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
265 if dev[0].get_status_field('sae_group') != '19':
266 raise Exception("Expected default SAE group not used")
267 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
268
269 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
270
271 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
272 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2,ECGroupID,20" % (ifname, "test-sae", "12345678"))
273 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-sae"))
274 sigma_dut_wait_connected(ifname)
275 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
276 if dev[0].get_status_field('sae_group') != '20':
277 raise Exception("Expected SAE group not used")
278 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
279 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
280
281 stop_sigma_dut(sigma)
282
283 def test_sigma_dut_sae_password(dev, apdev):
284 """sigma_dut controlled SAE association and long password"""
285 if "SAE" not in dev[0].get_capability("auth_alg"):
286 raise HwsimSkip("SAE not supported")
287
288 ifname = dev[0].ifname
289 sigma = start_sigma_dut(ifname)
290
291 try:
292 ssid = "test-sae"
293 params = hostapd.wpa2_params(ssid=ssid)
294 params['sae_password'] = 100*'B'
295 params['wpa_key_mgmt'] = 'SAE'
296 params["ieee80211w"] = "2"
297 hapd = hostapd.add_ap(apdev[0], params)
298
299 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname)
300 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
301 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2" % (ifname, "test-sae", 100*'B'))
302 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-sae"))
303 sigma_dut_wait_connected(ifname)
304 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
305 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
306 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
307 finally:
308 stop_sigma_dut(sigma)
309
310 def test_sigma_dut_sta_override_rsne(dev, apdev):
311 """sigma_dut and RSNE override on STA"""
312 try:
313 run_sigma_dut_sta_override_rsne(dev, apdev)
314 finally:
315 dev[0].set("ignore_old_scan_res", "0")
316
317 def run_sigma_dut_sta_override_rsne(dev, apdev):
318 ifname = dev[0].ifname
319 sigma = start_sigma_dut(ifname)
320
321 ssid = "test-psk"
322 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
323 hapd = hostapd.add_ap(apdev[0], params)
324
325 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
326
327 tests = [ "30120100000fac040100000fac040100000fac02",
328 "30140100000fac040100000fac040100000fac02ffff" ]
329 for test in tests:
330 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,type,PSK,passphrase,%s,EncpType,aes-ccmp,KeyMgmtType,wpa2" % (ifname, "test-psk", "12345678"))
331 sigma_dut_cmd_check("dev_configure_ie,interface,%s,IE_Name,RSNE,Contents,%s" % (ifname, test))
332 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-psk"))
333 sigma_dut_wait_connected(ifname)
334 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
335 dev[0].dump_monitor()
336
337 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,type,PSK,passphrase,%s,EncpType,aes-ccmp,KeyMgmtType,wpa2" % (ifname, "test-psk", "12345678"))
338 sigma_dut_cmd_check("dev_configure_ie,interface,%s,IE_Name,RSNE,Contents,300101" % ifname)
339 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-psk"))
340
341 ev = dev[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"])
342 if ev is None:
343 raise Exception("Association rejection not reported")
344 if "status_code=40" not in ev:
345 raise Exception("Unexpected status code: " + ev)
346
347 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
348
349 stop_sigma_dut(sigma)
350
351 def test_sigma_dut_ap_psk(dev, apdev):
352 """sigma_dut controlled AP"""
353 with HWSimRadio() as (radio, iface):
354 sigma = start_sigma_dut(iface)
355 try:
356 sigma_dut_cmd_check("ap_reset_default")
357 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
358 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSK,12345678")
359 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
360
361 dev[0].connect("test-psk", psk="12345678", scan_freq="2412")
362
363 sigma_dut_cmd_check("ap_reset_default")
364 finally:
365 stop_sigma_dut(sigma)
366
367 def test_sigma_dut_ap_pskhex(dev, apdev, params):
368 """sigma_dut controlled AP and PSKHEX"""
369 logdir = os.path.join(params['logdir'],
370 "sigma_dut_ap_pskhex.sigma-hostapd")
371 with HWSimRadio() as (radio, iface):
372 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
373 try:
374 psk = "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
375 sigma_dut_cmd_check("ap_reset_default")
376 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
377 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSKHEX," + psk)
378 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
379
380 dev[0].connect("test-psk", raw_psk=psk, scan_freq="2412")
381
382 sigma_dut_cmd_check("ap_reset_default")
383 finally:
384 stop_sigma_dut(sigma)
385
386 def test_sigma_dut_suite_b(dev, apdev, params):
387 """sigma_dut controlled STA Suite B"""
388 check_suite_b_192_capa(dev)
389 logdir = params['logdir']
390
391 with open("auth_serv/ec2-ca.pem", "r") as f:
392 with open(os.path.join(logdir, "suite_b_ca.pem"), "w") as f2:
393 f2.write(f.read())
394
395 with open("auth_serv/ec2-user.pem", "r") as f:
396 with open("auth_serv/ec2-user.key", "r") as f2:
397 with open(os.path.join(logdir, "suite_b.pem"), "w") as f3:
398 f3.write(f.read())
399 f3.write(f2.read())
400
401 dev[0].flush_scan_cache()
402 params = suite_b_as_params()
403 params['ca_cert'] = 'auth_serv/ec2-ca.pem'
404 params['server_cert'] = 'auth_serv/ec2-server.pem'
405 params['private_key'] = 'auth_serv/ec2-server.key'
406 params['openssl_ciphers'] = 'SUITEB192'
407 hostapd.add_ap(apdev[1], params)
408
409 params = { "ssid": "test-suite-b",
410 "wpa": "2",
411 "wpa_key_mgmt": "WPA-EAP-SUITE-B-192",
412 "rsn_pairwise": "GCMP-256",
413 "group_mgmt_cipher": "BIP-GMAC-256",
414 "ieee80211w": "2",
415 "ieee8021x": "1",
416 'auth_server_addr': "127.0.0.1",
417 'auth_server_port': "18129",
418 'auth_server_shared_secret': "radius",
419 'nas_identifier': "nas.w1.fi" }
420 hapd = hostapd.add_ap(apdev[0], params)
421
422 ifname = dev[0].ifname
423 sigma = start_sigma_dut(ifname, cert_path=logdir)
424
425 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
426 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
427 sigma_dut_cmd_check("sta_set_security,type,eaptls,interface,%s,ssid,%s,PairwiseCipher,AES-GCMP-256,GroupCipher,AES-GCMP-256,GroupMgntCipher,BIP-GMAC-256,keymgmttype,SuiteB,clientCertificate,suite_b.pem,trustedRootCA,suite_b_ca.pem,CertType,ECC" % (ifname, "test-suite-b"))
428 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-suite-b"))
429 sigma_dut_wait_connected(ifname)
430 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
431 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
432 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
433
434 stop_sigma_dut(sigma)
435
436 def test_sigma_dut_suite_b_rsa(dev, apdev, params):
437 """sigma_dut controlled STA Suite B (RSA)"""
438 check_suite_b_192_capa(dev)
439 logdir = params['logdir']
440
441 with open("auth_serv/rsa3072-ca.pem", "r") as f:
442 with open(os.path.join(logdir, "suite_b_ca_rsa.pem"), "w") as f2:
443 f2.write(f.read())
444
445 with open("auth_serv/rsa3072-user.pem", "r") as f:
446 with open("auth_serv/rsa3072-user.key", "r") as f2:
447 with open(os.path.join(logdir, "suite_b_rsa.pem"), "w") as f3:
448 f3.write(f.read())
449 f3.write(f2.read())
450
451 dev[0].flush_scan_cache()
452 params = suite_b_192_rsa_ap_params()
453 hapd = hostapd.add_ap(apdev[0], params)
454
455 ifname = dev[0].ifname
456 sigma = start_sigma_dut(ifname, cert_path=logdir)
457
458 cmd = "sta_set_security,type,eaptls,interface,%s,ssid,%s,PairwiseCipher,AES-GCMP-256,GroupCipher,AES-GCMP-256,GroupMgntCipher,BIP-GMAC-256,keymgmttype,SuiteB,clientCertificate,suite_b_rsa.pem,trustedRootCA,suite_b_ca_rsa.pem,CertType,RSA" % (ifname, "test-suite-b")
459
460 tests = [ "",
461 ",TLSCipher,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
462 ",TLSCipher,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" ]
463 for extra in tests:
464 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
465 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
466 sigma_dut_cmd_check(cmd + extra)
467 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-suite-b"))
468 sigma_dut_wait_connected(ifname)
469 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
470 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
471 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
472
473 stop_sigma_dut(sigma)
474
475 def test_sigma_dut_ap_suite_b(dev, apdev, params):
476 """sigma_dut controlled AP Suite B"""
477 check_suite_b_192_capa(dev)
478 logdir = os.path.join(params['logdir'],
479 "sigma_dut_ap_suite_b.sigma-hostapd")
480 params = suite_b_as_params()
481 params['ca_cert'] = 'auth_serv/ec2-ca.pem'
482 params['server_cert'] = 'auth_serv/ec2-server.pem'
483 params['private_key'] = 'auth_serv/ec2-server.key'
484 params['openssl_ciphers'] = 'SUITEB192'
485 hostapd.add_ap(apdev[1], params)
486 with HWSimRadio() as (radio, iface):
487 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
488 try:
489 sigma_dut_cmd_check("ap_reset_default")
490 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-suite-b,MODE,11ng")
491 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,18129,PASSWORD,radius")
492 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,SuiteB")
493 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
494
495 dev[0].connect("test-suite-b", key_mgmt="WPA-EAP-SUITE-B-192",
496 ieee80211w="2",
497 openssl_ciphers="SUITEB192",
498 eap="TLS", identity="tls user",
499 ca_cert="auth_serv/ec2-ca.pem",
500 client_cert="auth_serv/ec2-user.pem",
501 private_key="auth_serv/ec2-user.key",
502 pairwise="GCMP-256", group="GCMP-256",
503 scan_freq="2412")
504
505 sigma_dut_cmd_check("ap_reset_default")
506 finally:
507 stop_sigma_dut(sigma)
508
509 def test_sigma_dut_ap_cipher_gcmp_128(dev, apdev, params):
510 """sigma_dut controlled AP with GCMP-128/BIP-GMAC-128 cipher"""
511 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-GCMP-128", "BIP-GMAC-128",
512 "GCMP")
513
514 def test_sigma_dut_ap_cipher_gcmp_256(dev, apdev, params):
515 """sigma_dut controlled AP with GCMP-256/BIP-GMAC-256 cipher"""
516 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-GCMP-256", "BIP-GMAC-256",
517 "GCMP-256")
518
519 def test_sigma_dut_ap_cipher_ccmp_128(dev, apdev, params):
520 """sigma_dut controlled AP with CCMP-128/BIP-CMAC-128 cipher"""
521 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-128", "BIP-CMAC-128",
522 "CCMP")
523
524 def test_sigma_dut_ap_cipher_ccmp_256(dev, apdev, params):
525 """sigma_dut controlled AP with CCMP-256/BIP-CMAC-256 cipher"""
526 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-256", "BIP-CMAC-256",
527 "CCMP-256")
528
529 def test_sigma_dut_ap_cipher_ccmp_gcmp_1(dev, apdev, params):
530 """sigma_dut controlled AP with CCMP-128+GCMP-256 ciphers (1)"""
531 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-128 AES-GCMP-256",
532 "BIP-GMAC-256", "CCMP")
533
534 def test_sigma_dut_ap_cipher_ccmp_gcmp_2(dev, apdev, params):
535 """sigma_dut controlled AP with CCMP-128+GCMP-256 ciphers (2)"""
536 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-128 AES-GCMP-256",
537 "BIP-GMAC-256", "GCMP-256", "CCMP")
538
539 def test_sigma_dut_ap_cipher_gcmp_256_group_ccmp(dev, apdev, params):
540 """sigma_dut controlled AP with GCMP-256/CCMP/BIP-GMAC-256 cipher"""
541 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-GCMP-256", "BIP-GMAC-256",
542 "GCMP-256", "CCMP", "AES-CCMP-128")
543
544 def run_sigma_dut_ap_cipher(dev, apdev, params, ap_pairwise, ap_group_mgmt,
545 sta_cipher, sta_cipher_group=None, ap_group=None):
546 check_suite_b_192_capa(dev)
547 logdir = os.path.join(params['logdir'],
548 "sigma_dut_ap_cipher.sigma-hostapd")
549 params = suite_b_as_params()
550 params['ca_cert'] = 'auth_serv/ec2-ca.pem'
551 params['server_cert'] = 'auth_serv/ec2-server.pem'
552 params['private_key'] = 'auth_serv/ec2-server.key'
553 params['openssl_ciphers'] = 'SUITEB192'
554 hostapd.add_ap(apdev[1], params)
555 with HWSimRadio() as (radio, iface):
556 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
557 try:
558 sigma_dut_cmd_check("ap_reset_default")
559 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-suite-b,MODE,11ng")
560 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,18129,PASSWORD,radius")
561 cmd = "ap_set_security,NAME,AP,KEYMGNT,SuiteB,PMF,Required,PairwiseCipher,%s,GroupMgntCipher,%s" % (ap_pairwise, ap_group_mgmt)
562 if ap_group:
563 cmd += ",GroupCipher,%s" % ap_group
564 sigma_dut_cmd_check(cmd)
565 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
566
567 if sta_cipher_group is None:
568 sta_cipher_group = sta_cipher
569 dev[0].connect("test-suite-b", key_mgmt="WPA-EAP-SUITE-B-192",
570 ieee80211w="2",
571 openssl_ciphers="SUITEB192",
572 eap="TLS", identity="tls user",
573 ca_cert="auth_serv/ec2-ca.pem",
574 client_cert="auth_serv/ec2-user.pem",
575 private_key="auth_serv/ec2-user.key",
576 pairwise=sta_cipher, group=sta_cipher_group,
577 scan_freq="2412")
578
579 sigma_dut_cmd_check("ap_reset_default")
580 finally:
581 stop_sigma_dut(sigma)
582
583 def test_sigma_dut_ap_override_rsne(dev, apdev):
584 """sigma_dut controlled AP overriding RSNE"""
585 with HWSimRadio() as (radio, iface):
586 sigma = start_sigma_dut(iface)
587 try:
588 sigma_dut_cmd_check("ap_reset_default")
589 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
590 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSK,12345678")
591 sigma_dut_cmd_check("dev_configure_ie,NAME,AP,interface,%s,IE_Name,RSNE,Contents,30180100000fac040200ffffffff000fac040100000fac020c00" % iface)
592 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
593
594 dev[0].connect("test-psk", psk="12345678", scan_freq="2412")
595
596 sigma_dut_cmd_check("ap_reset_default")
597 finally:
598 stop_sigma_dut(sigma)
599
600 def test_sigma_dut_ap_sae(dev, apdev, params):
601 """sigma_dut controlled AP with SAE"""
602 logdir = os.path.join(params['logdir'],
603 "sigma_dut_ap_sae.sigma-hostapd")
604 if "SAE" not in dev[0].get_capability("auth_alg"):
605 raise HwsimSkip("SAE not supported")
606 with HWSimRadio() as (radio, iface):
607 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
608 try:
609 sigma_dut_cmd_check("ap_reset_default")
610 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
611 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK,12345678")
612 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
613
614 dev[0].request("SET sae_groups ")
615 dev[0].connect("test-sae", key_mgmt="SAE", psk="12345678",
616 ieee80211w="2", scan_freq="2412")
617 if dev[0].get_status_field('sae_group') != '19':
618 raise Exception("Expected default SAE group not used")
619
620 sigma_dut_cmd_check("ap_reset_default")
621 finally:
622 stop_sigma_dut(sigma)
623
624 def test_sigma_dut_ap_sae_password(dev, apdev, params):
625 """sigma_dut controlled AP with SAE and long password"""
626 logdir = os.path.join(params['logdir'],
627 "sigma_dut_ap_sae_password.sigma-hostapd")
628 if "SAE" not in dev[0].get_capability("auth_alg"):
629 raise HwsimSkip("SAE not supported")
630 with HWSimRadio() as (radio, iface):
631 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
632 try:
633 sigma_dut_cmd_check("ap_reset_default")
634 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
635 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK," + 100*'C')
636 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
637
638 dev[0].request("SET sae_groups ")
639 dev[0].connect("test-sae", key_mgmt="SAE", sae_password=100*'C',
640 ieee80211w="2", scan_freq="2412")
641 if dev[0].get_status_field('sae_group') != '19':
642 raise Exception("Expected default SAE group not used")
643
644 sigma_dut_cmd_check("ap_reset_default")
645 finally:
646 stop_sigma_dut(sigma)
647
648 def test_sigma_dut_ap_sae_group(dev, apdev, params):
649 """sigma_dut controlled AP with SAE and specific group"""
650 logdir = os.path.join(params['logdir'],
651 "sigma_dut_ap_sae_group.sigma-hostapd")
652 if "SAE" not in dev[0].get_capability("auth_alg"):
653 raise HwsimSkip("SAE not supported")
654 with HWSimRadio() as (radio, iface):
655 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
656 try:
657 sigma_dut_cmd_check("ap_reset_default")
658 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
659 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK,12345678,ECGroupID,20")
660 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
661
662 dev[0].request("SET sae_groups ")
663 dev[0].connect("test-sae", key_mgmt="SAE", psk="12345678",
664 ieee80211w="2", scan_freq="2412")
665 if dev[0].get_status_field('sae_group') != '20':
666 raise Exception("Expected SAE group not used")
667
668 sigma_dut_cmd_check("ap_reset_default")
669 finally:
670 stop_sigma_dut(sigma)
671
672 def test_sigma_dut_ap_psk_sae(dev, apdev, params):
673 """sigma_dut controlled AP with PSK+SAE"""
674 if "SAE" not in dev[0].get_capability("auth_alg"):
675 raise HwsimSkip("SAE not supported")
676 logdir = os.path.join(params['logdir'],
677 "sigma_dut_ap_psk_sae.sigma-hostapd")
678 with HWSimRadio() as (radio, iface):
679 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
680 try:
681 sigma_dut_cmd_check("ap_reset_default")
682 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
683 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK-SAE,PSK,12345678")
684 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
685
686 dev[2].request("SET sae_groups ")
687 dev[2].connect("test-sae", key_mgmt="SAE", psk="12345678",
688 scan_freq="2412", ieee80211w="0", wait_connect=False)
689 dev[0].request("SET sae_groups ")
690 dev[0].connect("test-sae", key_mgmt="SAE", psk="12345678",
691 scan_freq="2412", ieee80211w="2")
692 dev[1].connect("test-sae", psk="12345678", scan_freq="2412")
693
694 ev = dev[2].wait_event(["CTRL-EVENT-CONNECTED"], timeout=0.1)
695 dev[2].request("DISCONNECT")
696 if ev is not None:
697 raise Exception("Unexpected connection without PMF")
698
699 sigma_dut_cmd_check("ap_reset_default")
700 finally:
701 stop_sigma_dut(sigma)
702
703 def test_sigma_dut_owe(dev, apdev):
704 """sigma_dut controlled OWE station"""
705 try:
706 run_sigma_dut_owe(dev, apdev)
707 finally:
708 dev[0].set("ignore_old_scan_res", "0")
709
710 def run_sigma_dut_owe(dev, apdev):
711 if "OWE" not in dev[0].get_capability("key_mgmt"):
712 raise HwsimSkip("OWE not supported")
713
714 ifname = dev[0].ifname
715 sigma = start_sigma_dut(ifname)
716
717 try:
718 params = { "ssid": "owe",
719 "wpa": "2",
720 "wpa_key_mgmt": "OWE",
721 "ieee80211w": "2",
722 "rsn_pairwise": "CCMP" }
723 hapd = hostapd.add_ap(apdev[0], params)
724 bssid = hapd.own_addr()
725
726 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname)
727 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
728 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE" % ifname)
729 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname)
730 sigma_dut_wait_connected(ifname)
731 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
732
733 dev[0].dump_monitor()
734 sigma_dut_cmd("sta_reassoc,interface,%s,Channel,1,bssid,%s" % (ifname, bssid))
735 dev[0].wait_connected()
736 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
737 dev[0].wait_disconnected()
738 dev[0].dump_monitor()
739
740 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname)
741 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
742 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE,ECGroupID,20" % ifname)
743 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname)
744 sigma_dut_wait_connected(ifname)
745 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
746 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
747 dev[0].wait_disconnected()
748 dev[0].dump_monitor()
749
750 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname)
751 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
752 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE,ECGroupID,0" % ifname)
753 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname)
754 ev = dev[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout=10)
755 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
756 if ev is None:
757 raise Exception("Association not rejected")
758 if "status_code=77" not in ev:
759 raise Exception("Unexpected rejection reason: " + ev)
760
761 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
762 finally:
763 stop_sigma_dut(sigma)
764
765 def test_sigma_dut_ap_owe(dev, apdev, params):
766 """sigma_dut controlled AP with OWE"""
767 logdir = os.path.join(params['logdir'],
768 "sigma_dut_ap_owe.sigma-hostapd")
769 if "OWE" not in dev[0].get_capability("key_mgmt"):
770 raise HwsimSkip("OWE not supported")
771 with HWSimRadio() as (radio, iface):
772 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
773 try:
774 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
775 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,owe,MODE,11ng")
776 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OWE")
777 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
778
779 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
780 scan_freq="2412")
781
782 sigma_dut_cmd_check("ap_reset_default")
783 finally:
784 stop_sigma_dut(sigma)
785
786 def test_sigma_dut_ap_owe_ecgroupid(dev, apdev):
787 """sigma_dut controlled AP with OWE and ECGroupID"""
788 if "OWE" not in dev[0].get_capability("key_mgmt"):
789 raise HwsimSkip("OWE not supported")
790 with HWSimRadio() as (radio, iface):
791 sigma = start_sigma_dut(iface)
792 try:
793 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
794 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,owe,MODE,11ng")
795 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OWE,ECGroupID,20 21,PMF,Required")
796 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
797
798 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
799 owe_group="20", scan_freq="2412")
800 dev[0].request("REMOVE_NETWORK all")
801 dev[0].wait_disconnected()
802
803 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
804 owe_group="21", scan_freq="2412")
805 dev[0].request("REMOVE_NETWORK all")
806 dev[0].wait_disconnected()
807
808 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
809 owe_group="19", scan_freq="2412", wait_connect=False)
810 ev = dev[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout=10)
811 dev[0].request("DISCONNECT")
812 if ev is None:
813 raise Exception("Association not rejected")
814 if "status_code=77" not in ev:
815 raise Exception("Unexpected rejection reason: " + ev)
816 dev[0].dump_monitor()
817
818 sigma_dut_cmd_check("ap_reset_default")
819 finally:
820 stop_sigma_dut(sigma)
821
822 def test_sigma_dut_ap_owe_transition_mode(dev, apdev, params):
823 """sigma_dut controlled AP with OWE and transition mode"""
824 if "OWE" not in dev[0].get_capability("key_mgmt"):
825 raise HwsimSkip("OWE not supported")
826 logdir = os.path.join(params['logdir'],
827 "sigma_dut_ap_owe_transition_mode.sigma-hostapd")
828 with HWSimRadio() as (radio, iface):
829 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
830 try:
831 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
832 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,owe,MODE,11ng")
833 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,OWE")
834 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,SSID,owe,MODE,11ng")
835 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,NONE")
836 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
837
838 res1 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,1,Interface,24G")
839 res2 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,2,Interface,24G")
840
841 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
842 scan_freq="2412")
843 dev[1].connect("owe", key_mgmt="NONE", scan_freq="2412")
844 if dev[0].get_status_field('bssid') not in res1:
845 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,1: " + res1)
846 if dev[1].get_status_field('bssid') not in res2:
847 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,2: " + res2)
848
849 sigma_dut_cmd_check("ap_reset_default")
850 finally:
851 stop_sigma_dut(sigma)
852
853 def test_sigma_dut_ap_owe_transition_mode_2(dev, apdev, params):
854 """sigma_dut controlled AP with OWE and transition mode (2)"""
855 if "OWE" not in dev[0].get_capability("key_mgmt"):
856 raise HwsimSkip("OWE not supported")
857 logdir = os.path.join(params['logdir'],
858 "sigma_dut_ap_owe_transition_mode_2.sigma-hostapd")
859 with HWSimRadio() as (radio, iface):
860 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
861 try:
862 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
863 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,owe,MODE,11ng")
864 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,NONE")
865 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,MODE,11ng")
866 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,OWE")
867 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
868
869 res1 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,1,Interface,24G")
870 res2 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,2,Interface,24G")
871
872 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
873 scan_freq="2412")
874 dev[1].connect("owe", key_mgmt="NONE", scan_freq="2412")
875 if dev[0].get_status_field('bssid') not in res2:
876 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,2: " + res1)
877 if dev[1].get_status_field('bssid') not in res1:
878 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,1: " + res2)
879
880 sigma_dut_cmd_check("ap_reset_default")
881 finally:
882 stop_sigma_dut(sigma)
883
884 def dpp_init_enrollee(dev, id1):
885 logger.info("Starting DPP initiator/enrollee in a thread")
886 time.sleep(1)
887 cmd = "DPP_AUTH_INIT peer=%d role=enrollee" % id1
888 if "OK" not in dev.request(cmd):
889 raise Exception("Failed to initiate DPP Authentication")
890 ev = dev.wait_event(["DPP-CONF-RECEIVED"], timeout=5)
891 if ev is None:
892 raise Exception("DPP configuration not completed (Enrollee)")
893 logger.info("DPP initiator/enrollee done")
894
895 def test_sigma_dut_dpp_qr_resp_1(dev, apdev):
896 """sigma_dut DPP/QR responder (conf index 1)"""
897 run_sigma_dut_dpp_qr_resp(dev, apdev, 1)
898
899 def test_sigma_dut_dpp_qr_resp_2(dev, apdev):
900 """sigma_dut DPP/QR responder (conf index 2)"""
901 run_sigma_dut_dpp_qr_resp(dev, apdev, 2)
902
903 def test_sigma_dut_dpp_qr_resp_3(dev, apdev):
904 """sigma_dut DPP/QR responder (conf index 3)"""
905 run_sigma_dut_dpp_qr_resp(dev, apdev, 3)
906
907 def test_sigma_dut_dpp_qr_resp_4(dev, apdev):
908 """sigma_dut DPP/QR responder (conf index 4)"""
909 run_sigma_dut_dpp_qr_resp(dev, apdev, 4)
910
911 def test_sigma_dut_dpp_qr_resp_5(dev, apdev):
912 """sigma_dut DPP/QR responder (conf index 5)"""
913 run_sigma_dut_dpp_qr_resp(dev, apdev, 5)
914
915 def test_sigma_dut_dpp_qr_resp_6(dev, apdev):
916 """sigma_dut DPP/QR responder (conf index 6)"""
917 run_sigma_dut_dpp_qr_resp(dev, apdev, 6)
918
919 def test_sigma_dut_dpp_qr_resp_7(dev, apdev):
920 """sigma_dut DPP/QR responder (conf index 7)"""
921 run_sigma_dut_dpp_qr_resp(dev, apdev, 7)
922
923 def test_sigma_dut_dpp_qr_resp_chan_list(dev, apdev):
924 """sigma_dut DPP/QR responder (channel list override)"""
925 run_sigma_dut_dpp_qr_resp(dev, apdev, 1, chan_list='81/2 81/6 81/1',
926 listen_chan=2)
927
928 def run_sigma_dut_dpp_qr_resp(dev, apdev, conf_idx, chan_list=None,
929 listen_chan=None):
930 check_dpp_capab(dev[0])
931 check_dpp_capab(dev[1])
932 sigma = start_sigma_dut(dev[0].ifname)
933 try:
934 cmd = "dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR"
935 if chan_list:
936 cmd += ",DPPChannelList," + chan_list
937 res = sigma_dut_cmd(cmd)
938 if "status,COMPLETE" not in res:
939 raise Exception("dev_exec_action did not succeed: " + res)
940 hex = res.split(',')[3]
941 uri = hex.decode('hex')
942 logger.info("URI from sigma_dut: " + uri)
943
944 res = dev[1].request("DPP_QR_CODE " + uri)
945 if "FAIL" in res:
946 raise Exception("Failed to parse QR Code URI")
947 id1 = int(res)
948
949 t = threading.Thread(target=dpp_init_enrollee, args=(dev[1], id1))
950 t.start()
951 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPConfIndex,%d,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfEnrolleeRole,STA,DPPSigningKeyECC,P-256,DPPBS,QR,DPPTimeout,6" % conf_idx
952 if listen_chan:
953 cmd += ",DPPListenChannel," + str(listen_chan)
954 res = sigma_dut_cmd(cmd, timeout=10)
955 t.join()
956 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
957 raise Exception("Unexpected result: " + res)
958 finally:
959 stop_sigma_dut(sigma)
960
961 def test_sigma_dut_dpp_qr_init_enrollee(dev, apdev):
962 """sigma_dut DPP/QR initiator as Enrollee"""
963 check_dpp_capab(dev[0])
964 check_dpp_capab(dev[1])
965
966 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
967 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
968 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
969 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
970
971 params = { "ssid": "DPPNET01",
972 "wpa": "2",
973 "ieee80211w": "2",
974 "wpa_key_mgmt": "DPP",
975 "rsn_pairwise": "CCMP",
976 "dpp_connector": ap_connector,
977 "dpp_csign": csign_pub,
978 "dpp_netaccesskey": ap_netaccesskey }
979 try:
980 hapd = hostapd.add_ap(apdev[0], params)
981 except:
982 raise HwsimSkip("DPP not supported")
983
984 sigma = start_sigma_dut(dev[0].ifname)
985 try:
986 dev[0].set("dpp_config_processing", "2")
987
988 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
989 res = dev[1].request(cmd);
990 if "FAIL" in res:
991 raise Exception("Failed to add configurator")
992 conf_id = int(res)
993
994 addr = dev[1].own_addr().replace(':', '')
995 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
996 res = dev[1].request(cmd)
997 if "FAIL" in res:
998 raise Exception("Failed to generate bootstrapping info")
999 id0 = int(res)
1000 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1001
1002 dev[1].set("dpp_configurator_params",
1003 " conf=sta-dpp ssid=%s configurator=%d" % ("DPPNET01".encode("hex"), conf_id));
1004 cmd = "DPP_LISTEN 2437 role=configurator"
1005 if "OK" not in dev[1].request(cmd):
1006 raise Exception("Failed to start listen operation")
1007
1008 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1009 if "status,COMPLETE" not in res:
1010 raise Exception("dev_exec_action did not succeed: " + res)
1011
1012 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout=10)
1013 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1014 raise Exception("Unexpected result: " + res)
1015 finally:
1016 dev[0].set("dpp_config_processing", "0")
1017 stop_sigma_dut(sigma)
1018
1019 def test_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev):
1020 """sigma_dut DPP/QR (mutual) initiator as Enrollee"""
1021 run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev)
1022
1023 def test_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev):
1024 """sigma_dut DPP/QR (mutual) initiator as Enrollee (extra check)"""
1025 run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev,
1026 extra="DPPAuthDirection,Mutual,")
1027
1028 def run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev, extra=''):
1029 check_dpp_capab(dev[0])
1030 check_dpp_capab(dev[1])
1031
1032 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1033 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1034 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1035 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1036
1037 params = { "ssid": "DPPNET01",
1038 "wpa": "2",
1039 "ieee80211w": "2",
1040 "wpa_key_mgmt": "DPP",
1041 "rsn_pairwise": "CCMP",
1042 "dpp_connector": ap_connector,
1043 "dpp_csign": csign_pub,
1044 "dpp_netaccesskey": ap_netaccesskey }
1045 try:
1046 hapd = hostapd.add_ap(apdev[0], params)
1047 except:
1048 raise HwsimSkip("DPP not supported")
1049
1050 sigma = start_sigma_dut(dev[0].ifname)
1051 try:
1052 dev[0].set("dpp_config_processing", "2")
1053
1054 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
1055 res = dev[1].request(cmd);
1056 if "FAIL" in res:
1057 raise Exception("Failed to add configurator")
1058 conf_id = int(res)
1059
1060 addr = dev[1].own_addr().replace(':', '')
1061 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1062 res = dev[1].request(cmd)
1063 if "FAIL" in res:
1064 raise Exception("Failed to generate bootstrapping info")
1065 id0 = int(res)
1066 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1067
1068 dev[1].set("dpp_configurator_params",
1069 " conf=sta-dpp ssid=%s configurator=%d" % ("DPPNET01".encode("hex"), conf_id));
1070 cmd = "DPP_LISTEN 2437 role=configurator qr=mutual"
1071 if "OK" not in dev[1].request(cmd):
1072 raise Exception("Failed to start listen operation")
1073
1074 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1075 if "status,COMPLETE" not in res:
1076 raise Exception("dev_exec_action did not succeed: " + res)
1077 hex = res.split(',')[3]
1078 uri = hex.decode('hex')
1079 logger.info("URI from sigma_dut: " + uri)
1080
1081 res = dev[1].request("DPP_QR_CODE " + uri)
1082 if "FAIL" in res:
1083 raise Exception("Failed to parse QR Code URI")
1084 id1 = int(res)
1085
1086 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1087 if "status,COMPLETE" not in res:
1088 raise Exception("dev_exec_action did not succeed: " + res)
1089
1090 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,%sDPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes" % extra, timeout=10)
1091 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1092 raise Exception("Unexpected result: " + res)
1093 finally:
1094 dev[0].set("dpp_config_processing", "0")
1095 stop_sigma_dut(sigma)
1096
1097 def dpp_init_conf_mutual(dev, id1, conf_id, own_id=None):
1098 time.sleep(1)
1099 logger.info("Starting DPP initiator/configurator in a thread")
1100 cmd = "DPP_AUTH_INIT peer=%d conf=sta-dpp ssid=%s configurator=%d" % (id1, "DPPNET01".encode("hex"), conf_id)
1101 if own_id is not None:
1102 cmd += " own=%d" % own_id
1103 if "OK" not in dev.request(cmd):
1104 raise Exception("Failed to initiate DPP Authentication")
1105 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=10)
1106 if ev is None:
1107 raise Exception("DPP configuration not completed (Configurator)")
1108 logger.info("DPP initiator/configurator done")
1109
1110 def test_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev):
1111 """sigma_dut DPP/QR (mutual) responder as Enrollee"""
1112 run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev)
1113
1114 def test_sigma_dut_dpp_qr_mutual_resp_enrollee_pending(dev, apdev):
1115 """sigma_dut DPP/QR (mutual) responder as Enrollee (response pending)"""
1116 run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev, ',DPPDelayQRResponse,1')
1117
1118 def run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev, extra=None):
1119 check_dpp_capab(dev[0])
1120 check_dpp_capab(dev[1])
1121
1122 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1123 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1124 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1125 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1126
1127 params = { "ssid": "DPPNET01",
1128 "wpa": "2",
1129 "ieee80211w": "2",
1130 "wpa_key_mgmt": "DPP",
1131 "rsn_pairwise": "CCMP",
1132 "dpp_connector": ap_connector,
1133 "dpp_csign": csign_pub,
1134 "dpp_netaccesskey": ap_netaccesskey }
1135 try:
1136 hapd = hostapd.add_ap(apdev[0], params)
1137 except:
1138 raise HwsimSkip("DPP not supported")
1139
1140 sigma = start_sigma_dut(dev[0].ifname)
1141 try:
1142 dev[0].set("dpp_config_processing", "2")
1143
1144 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
1145 res = dev[1].request(cmd);
1146 if "FAIL" in res:
1147 raise Exception("Failed to add configurator")
1148 conf_id = int(res)
1149
1150 addr = dev[1].own_addr().replace(':', '')
1151 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1152 res = dev[1].request(cmd)
1153 if "FAIL" in res:
1154 raise Exception("Failed to generate bootstrapping info")
1155 id0 = int(res)
1156 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1157
1158 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1159 if "status,COMPLETE" not in res:
1160 raise Exception("dev_exec_action did not succeed: " + res)
1161 hex = res.split(',')[3]
1162 uri = hex.decode('hex')
1163 logger.info("URI from sigma_dut: " + uri)
1164
1165 res = dev[1].request("DPP_QR_CODE " + uri)
1166 if "FAIL" in res:
1167 raise Exception("Failed to parse QR Code URI")
1168 id1 = int(res)
1169
1170 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1171 if "status,COMPLETE" not in res:
1172 raise Exception("dev_exec_action did not succeed: " + res)
1173
1174 t = threading.Thread(target=dpp_init_conf_mutual,
1175 args=(dev[1], id1, conf_id, id0))
1176 t.start()
1177
1178 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,20,DPPWaitForConnect,Yes"
1179 if extra:
1180 cmd += extra
1181 res = sigma_dut_cmd(cmd, timeout=25)
1182 t.join()
1183 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1184 raise Exception("Unexpected result: " + res)
1185 finally:
1186 dev[0].set("dpp_config_processing", "0")
1187 stop_sigma_dut(sigma)
1188
1189 def dpp_resp_conf_mutual(dev, conf_id, uri):
1190 logger.info("Starting DPP responder/configurator in a thread")
1191 dev.set("dpp_configurator_params",
1192 " conf=sta-dpp ssid=%s configurator=%d" % ("DPPNET01".encode("hex"), conf_id));
1193 cmd = "DPP_LISTEN 2437 role=configurator qr=mutual"
1194 if "OK" not in dev.request(cmd):
1195 raise Exception("Failed to initiate DPP listen")
1196 if uri:
1197 ev = dev.wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout=10)
1198 if ev is None:
1199 raise Exception("QR Code scan for mutual authentication not requested")
1200 res = dev.request("DPP_QR_CODE " + uri)
1201 if "FAIL" in res:
1202 raise Exception("Failed to parse QR Code URI")
1203 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=10)
1204 if ev is None:
1205 raise Exception("DPP configuration not completed (Configurator)")
1206 logger.info("DPP responder/configurator done")
1207
1208 def test_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev):
1209 """sigma_dut DPP/QR (mutual) initiator as Enrollee"""
1210 run_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev, False)
1211
1212 def test_sigma_dut_dpp_qr_mutual_init_enrollee_pending(dev, apdev):
1213 """sigma_dut DPP/QR (mutual) initiator as Enrollee (response pending)"""
1214 run_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev, True)
1215
1216 def run_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev, resp_pending):
1217 check_dpp_capab(dev[0])
1218 check_dpp_capab(dev[1])
1219
1220 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1221 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1222 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1223 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1224
1225 params = { "ssid": "DPPNET01",
1226 "wpa": "2",
1227 "ieee80211w": "2",
1228 "wpa_key_mgmt": "DPP",
1229 "rsn_pairwise": "CCMP",
1230 "dpp_connector": ap_connector,
1231 "dpp_csign": csign_pub,
1232 "dpp_netaccesskey": ap_netaccesskey }
1233 try:
1234 hapd = hostapd.add_ap(apdev[0], params)
1235 except:
1236 raise HwsimSkip("DPP not supported")
1237
1238 sigma = start_sigma_dut(dev[0].ifname)
1239 try:
1240 dev[0].set("dpp_config_processing", "2")
1241
1242 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
1243 res = dev[1].request(cmd);
1244 if "FAIL" in res:
1245 raise Exception("Failed to add configurator")
1246 conf_id = int(res)
1247
1248 addr = dev[1].own_addr().replace(':', '')
1249 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1250 res = dev[1].request(cmd)
1251 if "FAIL" in res:
1252 raise Exception("Failed to generate bootstrapping info")
1253 id0 = int(res)
1254 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1255
1256 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1257 if "status,COMPLETE" not in res:
1258 raise Exception("dev_exec_action did not succeed: " + res)
1259 hex = res.split(',')[3]
1260 uri = hex.decode('hex')
1261 logger.info("URI from sigma_dut: " + uri)
1262
1263 if not resp_pending:
1264 res = dev[1].request("DPP_QR_CODE " + uri)
1265 if "FAIL" in res:
1266 raise Exception("Failed to parse QR Code URI")
1267 uri = None
1268
1269 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1270 if "status,COMPLETE" not in res:
1271 raise Exception("dev_exec_action did not succeed: " + res)
1272
1273 t = threading.Thread(target=dpp_resp_conf_mutual,
1274 args=(dev[1], conf_id, uri))
1275 t.start()
1276
1277 time.sleep(1)
1278 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,10,DPPWaitForConnect,Yes"
1279 res = sigma_dut_cmd(cmd, timeout=15)
1280 t.join()
1281 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1282 raise Exception("Unexpected result: " + res)
1283 finally:
1284 dev[0].set("dpp_config_processing", "0")
1285 stop_sigma_dut(sigma)
1286
1287 def test_sigma_dut_dpp_qr_init_enrollee_psk(dev, apdev):
1288 """sigma_dut DPP/QR initiator as Enrollee (PSK)"""
1289 check_dpp_capab(dev[0])
1290 check_dpp_capab(dev[1])
1291
1292 params = hostapd.wpa2_params(ssid="DPPNET01",
1293 passphrase="ThisIsDppPassphrase")
1294 hapd = hostapd.add_ap(apdev[0], params)
1295
1296 sigma = start_sigma_dut(dev[0].ifname)
1297 try:
1298 dev[0].set("dpp_config_processing", "2")
1299
1300 cmd = "DPP_CONFIGURATOR_ADD"
1301 res = dev[1].request(cmd);
1302 if "FAIL" in res:
1303 raise Exception("Failed to add configurator")
1304 conf_id = int(res)
1305
1306 addr = dev[1].own_addr().replace(':', '')
1307 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1308 res = dev[1].request(cmd)
1309 if "FAIL" in res:
1310 raise Exception("Failed to generate bootstrapping info")
1311 id0 = int(res)
1312 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1313
1314 dev[1].set("dpp_configurator_params",
1315 " conf=sta-psk ssid=%s pass=%s configurator=%d" % ("DPPNET01".encode("hex"), "ThisIsDppPassphrase".encode("hex"), conf_id));
1316 cmd = "DPP_LISTEN 2437 role=configurator"
1317 if "OK" not in dev[1].request(cmd):
1318 raise Exception("Failed to start listen operation")
1319
1320 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1321 if "status,COMPLETE" not in res:
1322 raise Exception("dev_exec_action did not succeed: " + res)
1323
1324 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout=10)
1325 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkConnectResult,OK" not in res:
1326 raise Exception("Unexpected result: " + res)
1327 finally:
1328 dev[0].set("dpp_config_processing", "0")
1329 stop_sigma_dut(sigma)
1330
1331 def test_sigma_dut_dpp_qr_init_configurator_1(dev, apdev):
1332 """sigma_dut DPP/QR initiator as Configurator (conf index 1)"""
1333 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 1)
1334
1335 def test_sigma_dut_dpp_qr_init_configurator_2(dev, apdev):
1336 """sigma_dut DPP/QR initiator as Configurator (conf index 2)"""
1337 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 2)
1338
1339 def test_sigma_dut_dpp_qr_init_configurator_3(dev, apdev):
1340 """sigma_dut DPP/QR initiator as Configurator (conf index 3)"""
1341 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 3)
1342
1343 def test_sigma_dut_dpp_qr_init_configurator_4(dev, apdev):
1344 """sigma_dut DPP/QR initiator as Configurator (conf index 4)"""
1345 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 4)
1346
1347 def test_sigma_dut_dpp_qr_init_configurator_5(dev, apdev):
1348 """sigma_dut DPP/QR initiator as Configurator (conf index 5)"""
1349 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 5)
1350
1351 def test_sigma_dut_dpp_qr_init_configurator_6(dev, apdev):
1352 """sigma_dut DPP/QR initiator as Configurator (conf index 6)"""
1353 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 6)
1354
1355 def test_sigma_dut_dpp_qr_init_configurator_7(dev, apdev):
1356 """sigma_dut DPP/QR initiator as Configurator (conf index 7)"""
1357 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 7)
1358
1359 def test_sigma_dut_dpp_qr_init_configurator_both(dev, apdev):
1360 """sigma_dut DPP/QR initiator as Configurator or Enrollee (conf index 1)"""
1361 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 1, "Both")
1362
1363 def test_sigma_dut_dpp_qr_init_configurator_neg_freq(dev, apdev):
1364 """sigma_dut DPP/QR initiator as Configurator (neg_freq)"""
1365 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 1, extra='DPPSubsequentChannel,81/11')
1366
1367 def run_sigma_dut_dpp_qr_init_configurator(dev, apdev, conf_idx,
1368 prov_role="Configurator",
1369 extra=None):
1370 check_dpp_capab(dev[0])
1371 check_dpp_capab(dev[1])
1372 sigma = start_sigma_dut(dev[0].ifname)
1373 try:
1374 addr = dev[1].own_addr().replace(':', '')
1375 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1376 res = dev[1].request(cmd)
1377 if "FAIL" in res:
1378 raise Exception("Failed to generate bootstrapping info")
1379 id0 = int(res)
1380 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1381
1382 cmd = "DPP_LISTEN 2437 role=enrollee"
1383 if "OK" not in dev[1].request(cmd):
1384 raise Exception("Failed to start listen operation")
1385
1386 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1387 if "status,COMPLETE" not in res:
1388 raise Exception("dev_exec_action did not succeed: " + res)
1389
1390 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,%s,DPPConfIndex,%d,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6" % (prov_role, conf_idx)
1391 if extra:
1392 cmd += "," + extra
1393 res = sigma_dut_cmd(cmd)
1394 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
1395 raise Exception("Unexpected result: " + res)
1396 finally:
1397 stop_sigma_dut(sigma)
1398
1399 def test_sigma_dut_dpp_incompatible_roles_init(dev, apdev):
1400 """sigma_dut DPP roles incompatible (Initiator)"""
1401 check_dpp_capab(dev[0])
1402 check_dpp_capab(dev[1])
1403 sigma = start_sigma_dut(dev[0].ifname)
1404 try:
1405 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1406 if "status,COMPLETE" not in res:
1407 raise Exception("dev_exec_action did not succeed: " + res)
1408 hex = res.split(',')[3]
1409 uri = hex.decode('hex')
1410 logger.info("URI from sigma_dut: " + uri)
1411
1412 res = dev[1].request("DPP_QR_CODE " + uri)
1413 if "FAIL" in res:
1414 raise Exception("Failed to parse QR Code URI")
1415 id1 = int(res)
1416
1417 addr = dev[1].own_addr().replace(':', '')
1418 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1419 res = dev[1].request(cmd)
1420 if "FAIL" in res:
1421 raise Exception("Failed to generate bootstrapping info")
1422 id0 = int(res)
1423 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1424
1425 cmd = "DPP_LISTEN 2437 role=enrollee"
1426 if "OK" not in dev[1].request(cmd):
1427 raise Exception("Failed to start listen operation")
1428
1429 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1430 if "status,COMPLETE" not in res:
1431 raise Exception("dev_exec_action did not succeed: " + res)
1432
1433 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6"
1434 res = sigma_dut_cmd(cmd)
1435 if "BootstrapResult,OK,AuthResult,ROLES_NOT_COMPATIBLE" not in res:
1436 raise Exception("Unexpected result: " + res)
1437 finally:
1438 stop_sigma_dut(sigma)
1439
1440 def dpp_init_enrollee_mutual(dev, id1, own_id):
1441 logger.info("Starting DPP initiator/enrollee in a thread")
1442 time.sleep(1)
1443 cmd = "DPP_AUTH_INIT peer=%d own=%d role=enrollee" % (id1, own_id)
1444 if "OK" not in dev.request(cmd):
1445 raise Exception("Failed to initiate DPP Authentication")
1446 ev = dev.wait_event(["DPP-CONF-RECEIVED",
1447 "DPP-NOT-COMPATIBLE"], timeout=5)
1448 if ev is None:
1449 raise Exception("DPP configuration not completed (Enrollee)")
1450 logger.info("DPP initiator/enrollee done")
1451
1452 def test_sigma_dut_dpp_incompatible_roles_resp(dev, apdev):
1453 """sigma_dut DPP roles incompatible (Responder)"""
1454 check_dpp_capab(dev[0])
1455 check_dpp_capab(dev[1])
1456 sigma = start_sigma_dut(dev[0].ifname)
1457 try:
1458 cmd = "dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR"
1459 res = sigma_dut_cmd(cmd)
1460 if "status,COMPLETE" not in res:
1461 raise Exception("dev_exec_action did not succeed: " + res)
1462 hex = res.split(',')[3]
1463 uri = hex.decode('hex')
1464 logger.info("URI from sigma_dut: " + uri)
1465
1466 res = dev[1].request("DPP_QR_CODE " + uri)
1467 if "FAIL" in res:
1468 raise Exception("Failed to parse QR Code URI")
1469 id1 = int(res)
1470
1471 addr = dev[1].own_addr().replace(':', '')
1472 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1473 res = dev[1].request(cmd)
1474 if "FAIL" in res:
1475 raise Exception("Failed to generate bootstrapping info")
1476 id0 = int(res)
1477 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1478
1479 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1480 if "status,COMPLETE" not in res:
1481 raise Exception("dev_exec_action did not succeed: " + res)
1482
1483 t = threading.Thread(target=dpp_init_enrollee_mutual, args=(dev[1], id1, id0))
1484 t.start()
1485 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6"
1486 res = sigma_dut_cmd(cmd, timeout=10)
1487 t.join()
1488 if "BootstrapResult,OK,AuthResult,ROLES_NOT_COMPATIBLE" not in res:
1489 raise Exception("Unexpected result: " + res)
1490 finally:
1491 stop_sigma_dut(sigma)
1492
1493 def test_sigma_dut_dpp_pkex_init_configurator(dev, apdev):
1494 """sigma_dut DPP/PKEX initiator as Configurator"""
1495 check_dpp_capab(dev[0])
1496 check_dpp_capab(dev[1])
1497 sigma = start_sigma_dut(dev[0].ifname)
1498 try:
1499 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
1500 res = dev[1].request(cmd)
1501 if "FAIL" in res:
1502 raise Exception("Failed to generate bootstrapping info")
1503 id1 = int(res)
1504 cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id1)
1505 res = dev[1].request(cmd)
1506 if "FAIL" in res:
1507 raise Exception("Failed to set PKEX data (responder)")
1508 cmd = "DPP_LISTEN 2437 role=enrollee"
1509 if "OK" not in dev[1].request(cmd):
1510 raise Exception("Failed to start listen operation")
1511
1512 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCodeIdentifier,test,DPPPKEXCode,secret,DPPTimeout,6")
1513 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
1514 raise Exception("Unexpected result: " + res)
1515 finally:
1516 stop_sigma_dut(sigma)
1517
1518 def dpp_init_conf(dev, id1, conf, conf_id, extra):
1519 logger.info("Starting DPP initiator/configurator in a thread")
1520 cmd = "DPP_AUTH_INIT peer=%d conf=%s %s configurator=%d" % (id1, conf, extra, conf_id)
1521 if "OK" not in dev.request(cmd):
1522 raise Exception("Failed to initiate DPP Authentication")
1523 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=5)
1524 if ev is None:
1525 raise Exception("DPP configuration not completed (Configurator)")
1526 logger.info("DPP initiator/configurator done")
1527
1528 def test_sigma_dut_ap_dpp_qr(dev, apdev, params):
1529 """sigma_dut controlled AP (DPP)"""
1530 run_sigma_dut_ap_dpp_qr(dev, apdev, params, "ap-dpp", "sta-dpp")
1531
1532 def test_sigma_dut_ap_dpp_qr_legacy(dev, apdev, params):
1533 """sigma_dut controlled AP (legacy)"""
1534 run_sigma_dut_ap_dpp_qr(dev, apdev, params, "ap-psk", "sta-psk",
1535 extra="pass=%s" % "qwertyuiop".encode("hex"))
1536
1537 def test_sigma_dut_ap_dpp_qr_legacy_psk(dev, apdev, params):
1538 """sigma_dut controlled AP (legacy)"""
1539 run_sigma_dut_ap_dpp_qr(dev, apdev, params, "ap-psk", "sta-psk",
1540 extra="psk=%s" % (32*"12"))
1541
1542 def run_sigma_dut_ap_dpp_qr(dev, apdev, params, ap_conf, sta_conf, extra=""):
1543 check_dpp_capab(dev[0])
1544 logdir = os.path.join(params['logdir'], "sigma_dut_ap_dpp_qr.sigma-hostapd")
1545 with HWSimRadio() as (radio, iface):
1546 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
1547 try:
1548 sigma_dut_cmd_check("ap_reset_default,program,DPP")
1549 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1550 if "status,COMPLETE" not in res:
1551 raise Exception("dev_exec_action did not succeed: " + res)
1552 hex = res.split(',')[3]
1553 uri = hex.decode('hex')
1554 logger.info("URI from sigma_dut: " + uri)
1555
1556 cmd = "DPP_CONFIGURATOR_ADD"
1557 res = dev[0].request(cmd);
1558 if "FAIL" in res:
1559 raise Exception("Failed to add configurator")
1560 conf_id = int(res)
1561
1562 res = dev[0].request("DPP_QR_CODE " + uri)
1563 if "FAIL" in res:
1564 raise Exception("Failed to parse QR Code URI")
1565 id1 = int(res)
1566
1567 t = threading.Thread(target=dpp_init_conf,
1568 args=(dev[0], id1, ap_conf, conf_id, extra))
1569 t.start()
1570 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6")
1571 t.join()
1572 if "ConfResult,OK" not in res:
1573 raise Exception("Unexpected result: " + res)
1574
1575 addr = dev[1].own_addr().replace(':', '')
1576 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
1577 res = dev[1].request(cmd)
1578 if "FAIL" in res:
1579 raise Exception("Failed to generate bootstrapping info")
1580 id1 = int(res)
1581 uri1 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1)
1582
1583 res = dev[0].request("DPP_QR_CODE " + uri1)
1584 if "FAIL" in res:
1585 raise Exception("Failed to parse QR Code URI")
1586 id0b = int(res)
1587
1588 dev[1].set("dpp_config_processing", "2")
1589 cmd = "DPP_LISTEN 2412"
1590 if "OK" not in dev[1].request(cmd):
1591 raise Exception("Failed to start listen operation")
1592 cmd = "DPP_AUTH_INIT peer=%d conf=%s %s configurator=%d" % (id0b, sta_conf, extra, conf_id)
1593 if "OK" not in dev[0].request(cmd):
1594 raise Exception("Failed to initiate DPP Authentication")
1595 dev[1].wait_connected()
1596
1597 sigma_dut_cmd_check("ap_reset_default")
1598 finally:
1599 dev[1].set("dpp_config_processing", "0")
1600 stop_sigma_dut(sigma)
1601
1602 def test_sigma_dut_ap_dpp_pkex_responder(dev, apdev, params):
1603 """sigma_dut controlled AP as DPP PKEX responder"""
1604 check_dpp_capab(dev[0])
1605 logdir = os.path.join(params['logdir'],
1606 "sigma_dut_ap_dpp_pkex_responder.sigma-hostapd")
1607 with HWSimRadio() as (radio, iface):
1608 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
1609 try:
1610 run_sigma_dut_ap_dpp_pkex_responder(dev, apdev)
1611 finally:
1612 stop_sigma_dut(sigma)
1613
1614 def dpp_init_conf_pkex(dev, conf_id, check_config=True):
1615 logger.info("Starting DPP PKEX initiator/configurator in a thread")
1616 time.sleep(1.5)
1617 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
1618 res = dev.request(cmd)
1619 if "FAIL" in res:
1620 raise Exception("Failed to generate bootstrapping info")
1621 id = int(res)
1622 cmd = "DPP_PKEX_ADD own=%d init=1 conf=ap-dpp configurator=%d code=password" % (id, conf_id)
1623 res = dev.request(cmd)
1624 if "FAIL" in res:
1625 raise Exception("Failed to initiate DPP PKEX")
1626 if not check_config:
1627 return
1628 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=5)
1629 if ev is None:
1630 raise Exception("DPP configuration not completed (Configurator)")
1631 logger.info("DPP initiator/configurator done")
1632
1633 def run_sigma_dut_ap_dpp_pkex_responder(dev, apdev):
1634 sigma_dut_cmd_check("ap_reset_default,program,DPP")
1635
1636 cmd = "DPP_CONFIGURATOR_ADD"
1637 res = dev[0].request(cmd);
1638 if "FAIL" in res:
1639 raise Exception("Failed to add configurator")
1640 conf_id = int(res)
1641
1642 t = threading.Thread(target=dpp_init_conf_pkex, args=(dev[0], conf_id))
1643 t.start()
1644 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,PKEX,DPPPKEXCode,password,DPPTimeout,6,DPPWaitForConnect,No", timeout=10)
1645 t.join()
1646 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
1647 raise Exception("Unexpected result: " + res)
1648
1649 sigma_dut_cmd_check("ap_reset_default")
1650
1651 def test_sigma_dut_dpp_pkex_responder_proto(dev, apdev):
1652 """sigma_dut controlled STA as DPP PKEX responder and error case"""
1653 check_dpp_capab(dev[0])
1654 sigma = start_sigma_dut(dev[0].ifname)
1655 try:
1656 run_sigma_dut_dpp_pkex_responder_proto(dev, apdev)
1657 finally:
1658 stop_sigma_dut(sigma)
1659
1660 def run_sigma_dut_dpp_pkex_responder_proto(dev, apdev):
1661 cmd = "DPP_CONFIGURATOR_ADD"
1662 res = dev[1].request(cmd);
1663 if "FAIL" in res:
1664 raise Exception("Failed to add configurator")
1665 conf_id = int(res)
1666
1667 dev[1].set("dpp_test", "44")
1668
1669 t = threading.Thread(target=dpp_init_conf_pkex, args=(dev[1], conf_id,
1670 False))
1671 t.start()
1672 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPProvisioningRole,Enrollee,DPPBS,PKEX,DPPPKEXCode,password,DPPTimeout,6", timeout=10)
1673 t.join()
1674 if "BootstrapResult,Timeout" not in res:
1675 raise Exception("Unexpected result: " + res)
1676
1677 def dpp_proto_init(dev, id1):
1678 time.sleep(1)
1679 logger.info("Starting DPP initiator/configurator in a thread")
1680 cmd = "DPP_CONFIGURATOR_ADD"
1681 res = dev.request(cmd);
1682 if "FAIL" in res:
1683 raise Exception("Failed to add configurator")
1684 conf_id = int(res)
1685
1686 cmd = "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1, conf_id)
1687 if "OK" not in dev.request(cmd):
1688 raise Exception("Failed to initiate DPP Authentication")
1689
1690 def test_sigma_dut_dpp_proto_initiator(dev, apdev):
1691 """sigma_dut DPP protocol testing - Initiator"""
1692 check_dpp_capab(dev[0])
1693 check_dpp_capab(dev[1])
1694 tests = [ ("InvalidValue", "AuthenticationRequest", "WrappedData",
1695 "BootstrapResult,OK,AuthResult,Errorsent",
1696 None),
1697 ("InvalidValue", "AuthenticationConfirm", "WrappedData",
1698 "BootstrapResult,OK,AuthResult,Errorsent",
1699 None),
1700 ("MissingAttribute", "AuthenticationRequest", "InitCapabilities",
1701 "BootstrapResult,OK,AuthResult,Errorsent",
1702 "Missing or invalid I-capabilities"),
1703 ("InvalidValue", "AuthenticationConfirm", "InitAuthTag",
1704 "BootstrapResult,OK,AuthResult,Errorsent",
1705 "Mismatching Initiator Authenticating Tag"),
1706 ("MissingAttribute", "ConfigurationResponse", "EnrolleeNonce",
1707 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1708 "Missing or invalid Enrollee Nonce attribute") ]
1709 for step, frame, attr, result, fail in tests:
1710 dev[0].request("FLUSH")
1711 dev[1].request("FLUSH")
1712 sigma = start_sigma_dut(dev[0].ifname)
1713 try:
1714 run_sigma_dut_dpp_proto_initiator(dev, step, frame, attr, result,
1715 fail)
1716 finally:
1717 stop_sigma_dut(sigma)
1718
1719 def run_sigma_dut_dpp_proto_initiator(dev, step, frame, attr, result, fail):
1720 addr = dev[1].own_addr().replace(':', '')
1721 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1722 res = dev[1].request(cmd)
1723 if "FAIL" in res:
1724 raise Exception("Failed to generate bootstrapping info")
1725 id0 = int(res)
1726 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1727
1728 cmd = "DPP_LISTEN 2437 role=enrollee"
1729 if "OK" not in dev[1].request(cmd):
1730 raise Exception("Failed to start listen operation")
1731
1732 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1733 if "status,COMPLETE" not in res:
1734 raise Exception("dev_exec_action did not succeed: " + res)
1735
1736 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr),
1737 timeout=10)
1738 if result not in res:
1739 raise Exception("Unexpected result: " + res)
1740 if fail:
1741 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1742 if ev is None or fail not in ev:
1743 raise Exception("Failure not reported correctly: " + str(ev))
1744
1745 dev[1].request("DPP_STOP_LISTEN")
1746 dev[0].dump_monitor()
1747 dev[1].dump_monitor()
1748
1749 def test_sigma_dut_dpp_proto_responder(dev, apdev):
1750 """sigma_dut DPP protocol testing - Responder"""
1751 check_dpp_capab(dev[0])
1752 check_dpp_capab(dev[1])
1753 tests = [ ("MissingAttribute", "AuthenticationResponse", "DPPStatus",
1754 "BootstrapResult,OK,AuthResult,Errorsent",
1755 "Missing or invalid required DPP Status attribute"),
1756 ("MissingAttribute", "ConfigurationRequest", "EnrolleeNonce",
1757 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1758 "Missing or invalid Enrollee Nonce attribute") ]
1759 for step, frame, attr, result, fail in tests:
1760 dev[0].request("FLUSH")
1761 dev[1].request("FLUSH")
1762 sigma = start_sigma_dut(dev[0].ifname)
1763 try:
1764 run_sigma_dut_dpp_proto_responder(dev, step, frame, attr, result,
1765 fail)
1766 finally:
1767 stop_sigma_dut(sigma)
1768
1769 def run_sigma_dut_dpp_proto_responder(dev, step, frame, attr, result, fail):
1770 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1771 if "status,COMPLETE" not in res:
1772 raise Exception("dev_exec_action did not succeed: " + res)
1773 hex = res.split(',')[3]
1774 uri = hex.decode('hex')
1775 logger.info("URI from sigma_dut: " + uri)
1776
1777 res = dev[1].request("DPP_QR_CODE " + uri)
1778 if "FAIL" in res:
1779 raise Exception("Failed to parse QR Code URI")
1780 id1 = int(res)
1781
1782 t = threading.Thread(target=dpp_proto_init, args=(dev[1], id1))
1783 t.start()
1784 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr), timeout=10)
1785 t.join()
1786 if result not in res:
1787 raise Exception("Unexpected result: " + res)
1788 if fail:
1789 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1790 if ev is None or fail not in ev:
1791 raise Exception("Failure not reported correctly:" + str(ev))
1792
1793 dev[1].request("DPP_STOP_LISTEN")
1794 dev[0].dump_monitor()
1795 dev[1].dump_monitor()
1796
1797 def test_sigma_dut_dpp_proto_stop_at_initiator(dev, apdev):
1798 """sigma_dut DPP protocol testing - Stop at RX on Initiator"""
1799 check_dpp_capab(dev[0])
1800 check_dpp_capab(dev[1])
1801 tests = [ ("AuthenticationResponse",
1802 "BootstrapResult,OK,AuthResult,Errorsent",
1803 None),
1804 ("ConfigurationRequest",
1805 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1806 None)]
1807 for frame, result, fail in tests:
1808 dev[0].request("FLUSH")
1809 dev[1].request("FLUSH")
1810 sigma = start_sigma_dut(dev[0].ifname)
1811 try:
1812 run_sigma_dut_dpp_proto_stop_at_initiator(dev, frame, result, fail)
1813 finally:
1814 stop_sigma_dut(sigma)
1815
1816 def run_sigma_dut_dpp_proto_stop_at_initiator(dev, frame, result, fail):
1817 addr = dev[1].own_addr().replace(':', '')
1818 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1819 res = dev[1].request(cmd)
1820 if "FAIL" in res:
1821 raise Exception("Failed to generate bootstrapping info")
1822 id0 = int(res)
1823 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1824
1825 cmd = "DPP_LISTEN 2437 role=enrollee"
1826 if "OK" not in dev[1].request(cmd):
1827 raise Exception("Failed to start listen operation")
1828
1829 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1830 if "status,COMPLETE" not in res:
1831 raise Exception("dev_exec_action did not succeed: " + res)
1832
1833 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame))
1834 if result not in res:
1835 raise Exception("Unexpected result: " + res)
1836 if fail:
1837 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1838 if ev is None or fail not in ev:
1839 raise Exception("Failure not reported correctly: " + str(ev))
1840
1841 dev[1].request("DPP_STOP_LISTEN")
1842 dev[0].dump_monitor()
1843 dev[1].dump_monitor()
1844
1845 def test_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev, apdev):
1846 """sigma_dut DPP protocol testing - Stop at TX on Initiator/Enrollee"""
1847 check_dpp_capab(dev[0])
1848 check_dpp_capab(dev[1])
1849 tests = [ ("AuthenticationConfirm",
1850 "BootstrapResult,OK,AuthResult,Errorsent,LastFrameReceived,AuthenticationResponse",
1851 None) ]
1852 for frame, result, fail in tests:
1853 dev[0].request("FLUSH")
1854 dev[1].request("FLUSH")
1855 sigma = start_sigma_dut(dev[0].ifname, debug=True)
1856 try:
1857 run_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev, frame,
1858 result, fail)
1859 finally:
1860 stop_sigma_dut(sigma)
1861
1862 def run_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev, frame, result,
1863 fail):
1864 addr = dev[1].own_addr().replace(':', '')
1865 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1866 res = dev[1].request(cmd)
1867 if "FAIL" in res:
1868 raise Exception("Failed to generate bootstrapping info")
1869 id0 = int(res)
1870 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1871
1872 cmd = "DPP_LISTEN 2437 role=configurator"
1873 if "OK" not in dev[1].request(cmd):
1874 raise Exception("Failed to start listen operation")
1875
1876 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1877 if "status,COMPLETE" not in res:
1878 raise Exception("dev_exec_action did not succeed: " + res)
1879
1880 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame), timeout=10)
1881 if result not in res:
1882 raise Exception("Unexpected result: " + res)
1883 if fail:
1884 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1885 if ev is None or fail not in ev:
1886 raise Exception("Failure not reported correctly: " + str(ev))
1887
1888 dev[1].request("DPP_STOP_LISTEN")
1889 dev[0].dump_monitor()
1890 dev[1].dump_monitor()
1891
1892 def test_sigma_dut_dpp_proto_stop_at_responder(dev, apdev):
1893 """sigma_dut DPP protocol testing - Stop at RX on Responder"""
1894 check_dpp_capab(dev[0])
1895 check_dpp_capab(dev[1])
1896 tests = [ ("AuthenticationRequest",
1897 "BootstrapResult,OK,AuthResult,Errorsent",
1898 None),
1899 ("AuthenticationConfirm",
1900 "BootstrapResult,OK,AuthResult,Errorsent",
1901 None) ]
1902 for frame, result, fail in tests:
1903 dev[0].request("FLUSH")
1904 dev[1].request("FLUSH")
1905 sigma = start_sigma_dut(dev[0].ifname)
1906 try:
1907 run_sigma_dut_dpp_proto_stop_at_responder(dev, frame, result, fail)
1908 finally:
1909 stop_sigma_dut(sigma)
1910
1911 def run_sigma_dut_dpp_proto_stop_at_responder(dev, frame, result, fail):
1912 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1913 if "status,COMPLETE" not in res:
1914 raise Exception("dev_exec_action did not succeed: " + res)
1915 hex = res.split(',')[3]
1916 uri = hex.decode('hex')
1917 logger.info("URI from sigma_dut: " + uri)
1918
1919 res = dev[1].request("DPP_QR_CODE " + uri)
1920 if "FAIL" in res:
1921 raise Exception("Failed to parse QR Code URI")
1922 id1 = int(res)
1923
1924 t = threading.Thread(target=dpp_proto_init, args=(dev[1], id1))
1925 t.start()
1926 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame), timeout=10)
1927 t.join()
1928 if result not in res:
1929 raise Exception("Unexpected result: " + res)
1930 if fail:
1931 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1932 if ev is None or fail not in ev:
1933 raise Exception("Failure not reported correctly:" + str(ev))
1934
1935 dev[1].request("DPP_STOP_LISTEN")
1936 dev[0].dump_monitor()
1937 dev[1].dump_monitor()
1938
1939 def dpp_proto_init_pkex(dev):
1940 time.sleep(1)
1941 logger.info("Starting DPP PKEX initiator/configurator in a thread")
1942 cmd = "DPP_CONFIGURATOR_ADD"
1943 res = dev.request(cmd);
1944 if "FAIL" in res:
1945 raise Exception("Failed to add configurator")
1946 conf_id = int(res)
1947
1948 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
1949 res = dev.request(cmd)
1950 if "FAIL" in res:
1951 raise Exception("Failed to generate bootstrapping info")
1952 id = int(res)
1953
1954 cmd = "DPP_PKEX_ADD own=%d init=1 conf=sta-dpp configurator=%d code=secret" % (id, conf_id)
1955 if "FAIL" in dev.request(cmd):
1956 raise Exception("Failed to initiate DPP PKEX")
1957
1958 def test_sigma_dut_dpp_proto_initiator_pkex(dev, apdev):
1959 """sigma_dut DPP protocol testing - Initiator (PKEX)"""
1960 check_dpp_capab(dev[0])
1961 check_dpp_capab(dev[1])
1962 tests = [ ("InvalidValue", "PKEXCRRequest", "WrappedData",
1963 "BootstrapResult,Errorsent",
1964 None),
1965 ("MissingAttribute", "PKEXExchangeRequest", "FiniteCyclicGroup",
1966 "BootstrapResult,Errorsent",
1967 "Missing or invalid Finite Cyclic Group attribute"),
1968 ("MissingAttribute", "PKEXCRRequest", "BSKey",
1969 "BootstrapResult,Errorsent",
1970 "No valid peer bootstrapping key found") ]
1971 for step, frame, attr, result, fail in tests:
1972 dev[0].request("FLUSH")
1973 dev[1].request("FLUSH")
1974 sigma = start_sigma_dut(dev[0].ifname)
1975 try:
1976 run_sigma_dut_dpp_proto_initiator_pkex(dev, step, frame, attr,
1977 result, fail)
1978 finally:
1979 stop_sigma_dut(sigma)
1980
1981 def run_sigma_dut_dpp_proto_initiator_pkex(dev, step, frame, attr, result, fail):
1982 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
1983 res = dev[1].request(cmd)
1984 if "FAIL" in res:
1985 raise Exception("Failed to generate bootstrapping info")
1986 id1 = int(res)
1987
1988 cmd = "DPP_PKEX_ADD own=%d code=secret" % (id1)
1989 res = dev[1].request(cmd)
1990 if "FAIL" in res:
1991 raise Exception("Failed to set PKEX data (responder)")
1992
1993 cmd = "DPP_LISTEN 2437 role=enrollee"
1994 if "OK" not in dev[1].request(cmd):
1995 raise Exception("Failed to start listen operation")
1996
1997 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCode,secret,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr))
1998 if result not in res:
1999 raise Exception("Unexpected result: " + res)
2000 if fail:
2001 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
2002 if ev is None or fail not in ev:
2003 raise Exception("Failure not reported correctly: " + str(ev))
2004
2005 dev[1].request("DPP_STOP_LISTEN")
2006 dev[0].dump_monitor()
2007 dev[1].dump_monitor()
2008
2009 def test_sigma_dut_dpp_proto_responder_pkex(dev, apdev):
2010 """sigma_dut DPP protocol testing - Responder (PKEX)"""
2011 check_dpp_capab(dev[0])
2012 check_dpp_capab(dev[1])
2013 tests = [ ("InvalidValue", "PKEXCRResponse", "WrappedData",
2014 "BootstrapResult,Errorsent",
2015 None),
2016 ("MissingAttribute", "PKEXExchangeResponse", "DPPStatus",
2017 "BootstrapResult,Errorsent",
2018 "No DPP Status attribute"),
2019 ("MissingAttribute", "PKEXCRResponse", "BSKey",
2020 "BootstrapResult,Errorsent",
2021 "No valid peer bootstrapping key found") ]
2022 for step, frame, attr, result, fail in tests:
2023 dev[0].request("FLUSH")
2024 dev[1].request("FLUSH")
2025 sigma = start_sigma_dut(dev[0].ifname)
2026 try:
2027 run_sigma_dut_dpp_proto_responder_pkex(dev, step, frame, attr,
2028 result, fail)
2029 finally:
2030 stop_sigma_dut(sigma)
2031
2032 def run_sigma_dut_dpp_proto_responder_pkex(dev, step, frame, attr, result, fail):
2033 t = threading.Thread(target=dpp_proto_init_pkex, args=(dev[1],))
2034 t.start()
2035 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCode,secret,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr), timeout=10)
2036 t.join()
2037 if result not in res:
2038 raise Exception("Unexpected result: " + res)
2039 if fail:
2040 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
2041 if ev is None or fail not in ev:
2042 raise Exception("Failure not reported correctly:" + str(ev))
2043
2044 dev[1].request("DPP_STOP_LISTEN")
2045 dev[0].dump_monitor()
2046 dev[1].dump_monitor()
2047
2048 def init_sigma_dut_dpp_proto_peer_disc_req(dev, apdev):
2049 check_dpp_capab(dev[0])
2050 check_dpp_capab(dev[1])
2051
2052 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2053 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2054 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
2055 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
2056
2057 params = { "ssid": "DPPNET01",
2058 "wpa": "2",
2059 "ieee80211w": "2",
2060 "wpa_key_mgmt": "DPP",
2061 "rsn_pairwise": "CCMP",
2062 "dpp_connector": ap_connector,
2063 "dpp_csign": csign_pub,
2064 "dpp_netaccesskey": ap_netaccesskey }
2065 try:
2066 hapd = hostapd.add_ap(apdev[0], params)
2067 except:
2068 raise HwsimSkip("DPP not supported")
2069
2070 dev[0].set("dpp_config_processing", "2")
2071
2072 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
2073 res = dev[1].request(cmd);
2074 if "FAIL" in res:
2075 raise Exception("Failed to add configurator")
2076 conf_id = int(res)
2077
2078 addr = dev[1].own_addr().replace(':', '')
2079 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
2080 res = dev[1].request(cmd)
2081 if "FAIL" in res:
2082 raise Exception("Failed to generate bootstrapping info")
2083 id0 = int(res)
2084 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
2085
2086 dev[1].set("dpp_configurator_params",
2087 " conf=sta-dpp ssid=%s configurator=%d" % ("DPPNET01".encode("hex"), conf_id));
2088 cmd = "DPP_LISTEN 2437 role=configurator"
2089 if "OK" not in dev[1].request(cmd):
2090 raise Exception("Failed to start listen operation")
2091
2092 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
2093 if "status,COMPLETE" not in res:
2094 raise Exception("dev_exec_action did not succeed: " + res)
2095
2096 def test_sigma_dut_dpp_proto_peer_disc_req(dev, apdev):
2097 """sigma_dut DPP protocol testing - Peer Discovery Request"""
2098 sigma = start_sigma_dut(dev[0].ifname)
2099 try:
2100 init_sigma_dut_dpp_proto_peer_disc_req(dev, apdev)
2101
2102 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes,DPPStep,MissingAttribute,DPPFrameType,PeerDiscoveryRequest,DPPIEAttribute,TransactionID", timeout=10)
2103 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,Errorsent" not in res:
2104 raise Exception("Unexpected result: " + res)
2105 finally:
2106 dev[0].set("dpp_config_processing", "0")
2107 stop_sigma_dut(sigma)
2108
2109 def test_sigma_dut_dpp_self_config(dev, apdev):
2110 """sigma_dut DPP Configurator enrolling an AP and using self-configuration"""
2111 check_dpp_capab(dev[0])
2112
2113 hapd = hostapd.add_ap(apdev[0], { "ssid": "unconfigured" })
2114 check_dpp_capab(hapd)
2115
2116 sigma = start_sigma_dut(dev[0].ifname)
2117 try:
2118 dev[0].set("dpp_config_processing", "2")
2119 addr = hapd.own_addr().replace(':', '')
2120 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2121 res = hapd.request(cmd)
2122 if "FAIL" in res:
2123 raise Exception("Failed to generate bootstrapping info")
2124 id = int(res)
2125 uri = hapd.request("DPP_BOOTSTRAP_GET_URI %d" % id)
2126
2127 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri.encode('hex'))
2128 if "status,COMPLETE" not in res:
2129 raise Exception("dev_exec_action did not succeed: " + res)
2130
2131 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,AP,DPPBS,QR,DPPTimeout,6")
2132 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
2133 raise Exception("Unexpected result: " + res)
2134 update_hapd_config(hapd)
2135
2136 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPCryptoIdentifier,P-256,DPPBS,QR,DPPAuthRole,Initiator,DPPProvisioningRole,Configurator,DPPAuthDirection,Single,DPPConfIndex,1,DPPTimeout,6,DPPWaitForConnect,Yes,DPPSelfConfigure,Yes"
2137 res = sigma_dut_cmd(cmd, timeout=10)
2138 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
2139 raise Exception("Unexpected result: " + res)
2140 finally:
2141 stop_sigma_dut(sigma)
2142 dev[0].set("dpp_config_processing", "0")
2143
2144 def test_sigma_dut_ap_dpp_self_config(dev, apdev, params):
2145 """sigma_dut DPP AP Configurator using self-configuration"""
2146 logdir = os.path.join(params['logdir'],
2147 "sigma_dut_ap_dpp_self_config.sigma-hostapd")
2148 with HWSimRadio() as (radio, iface):
2149 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
2150 try:
2151 run_sigma_dut_ap_dpp_self_config(dev, apdev)
2152 finally:
2153 stop_sigma_dut(sigma)
2154 dev[0].set("dpp_config_processing", "0")
2155
2156 def run_sigma_dut_ap_dpp_self_config(dev, apdev):
2157 check_dpp_capab(dev[0])
2158
2159 sigma_dut_cmd_check("ap_reset_default,program,DPP")
2160
2161 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfEnrolleeRole,AP,DPPBS,QR,DPPConfIndex,1,DPPSelfConfigure,Yes,DPPTimeout,6", timeout=10)
2162 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
2163 raise Exception("Unexpected result: " + res)
2164
2165 dev[0].set("dpp_config_processing", "2")
2166
2167 addr = dev[0].own_addr().replace(':', '')
2168 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr
2169 res = dev[0].request(cmd)
2170 if "FAIL" in res:
2171 raise Exception("Failed to generate bootstrapping info")
2172 id = int(res)
2173 uri = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id)
2174 cmd = "DPP_LISTEN 2462 role=enrollee"
2175 if "OK" not in dev[0].request(cmd):
2176 raise Exception("Failed to start listen operation")
2177
2178 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri.encode('hex'))
2179 if "status,COMPLETE" not in res:
2180 raise Exception("dev_exec_action did not succeed: " + res)
2181 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6"
2182 res = sigma_dut_cmd(cmd)
2183 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
2184 raise Exception("Unexpected result: " + res)
2185 dev[0].wait_connected()
2186 dev[0].request("DISCONNECT")
2187 dev[0].wait_disconnected()
2188 sigma_dut_cmd_check("ap_reset_default")
2189
2190 def test_sigma_dut_preconfigured_profile(dev, apdev):
2191 """sigma_dut controlled connection using preconfigured profile"""
2192 try:
2193 run_sigma_dut_preconfigured_profile(dev, apdev)
2194 finally:
2195 dev[0].set("ignore_old_scan_res", "0")
2196
2197 def run_sigma_dut_preconfigured_profile(dev, apdev):
2198 ifname = dev[0].ifname
2199 sigma = start_sigma_dut(ifname)
2200
2201 params = hostapd.wpa2_params(ssid="test-psk", passphrase="12345678")
2202 hapd = hostapd.add_ap(apdev[0], params)
2203 dev[0].connect("test-psk", psk="12345678", scan_freq="2412",
2204 only_add_network=True)
2205
2206 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
2207 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s" % (ifname, "test-psk"))
2208 sigma_dut_wait_connected(ifname)
2209 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
2210 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
2211 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
2212
2213 stop_sigma_dut(sigma)
2214
2215 def test_sigma_dut_wps_pbc(dev, apdev):
2216 """sigma_dut and WPS PBC Enrollee"""
2217 try:
2218 run_sigma_dut_wps_pbc(dev, apdev)
2219 finally:
2220 dev[0].set("ignore_old_scan_res", "0")
2221
2222 def run_sigma_dut_wps_pbc(dev, apdev):
2223 ssid = "test-wps-conf"
2224 hapd = hostapd.add_ap(apdev[0],
2225 { "ssid": "wps", "eap_server": "1", "wps_state": "2",
2226 "wpa_passphrase": "12345678", "wpa": "2",
2227 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
2228 hapd.request("WPS_PBC")
2229
2230 ifname = dev[0].ifname
2231 sigma = start_sigma_dut(ifname)
2232
2233 cmd = "start_wps_registration,interface,%s" % ifname
2234 cmd += ",WpsRole,Enrollee"
2235 cmd += ",WpsConfigMethod,PBC"
2236 sigma_dut_cmd_check(cmd, timeout=15)
2237
2238 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
2239 hapd.disable()
2240 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
2241 stop_sigma_dut(sigma)
2242 dev[0].flush_scan_cache()
2243
2244 def test_sigma_dut_sta_scan_bss(dev, apdev):
2245 """sigma_dut sta_scan_bss"""
2246 hapd = hostapd.add_ap(apdev[0], { "ssid": "test" })
2247 sigma = start_sigma_dut(dev[0].ifname)
2248 try:
2249 cmd = "sta_scan_bss,Interface,%s,BSSID,%s" % (dev[0].ifname, \
2250 hapd.own_addr())
2251 res = sigma_dut_cmd(cmd, timeout=10)
2252 if "ssid,test,bsschannel,1" not in res:
2253 raise Exception("Unexpected result: " + res)
2254 finally:
2255 stop_sigma_dut(sigma)
Unnamed repository; edit this file 'description' to name the repository.