]> git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_sigma_dut.py
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tests: Remove trailing semicolons from python code
[thirdparty/hostap.git] / tests / hwsim / test_sigma_dut.py
1 # Test cases for sigma_dut
2 # Copyright (c) 2017, Qualcomm Atheros, Inc.
3 #
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
6
7 import binascii
8 import logging
9 logger = logging.getLogger()
10 import os
11 import socket
12 import struct
13 import subprocess
14 import threading
15 import time
16
17 import hostapd
18 from utils import HwsimSkip
19 from hwsim import HWSimRadio
20 import hwsim_utils
21 from test_dpp import check_dpp_capab, update_hapd_config
22 from test_suite_b import check_suite_b_192_capa, suite_b_as_params, suite_b_192_rsa_ap_params
23 from test_ap_eap import check_eap_capa
24 from test_ap_hs20 import hs20_ap_params
25
26 def check_sigma_dut():
27 if not os.path.exists("./sigma_dut"):
28 raise HwsimSkip("sigma_dut not available")
29
30 def sigma_dut_cmd(cmd, port=9000, timeout=2):
31 sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM,
32 socket.IPPROTO_TCP)
33 sock.settimeout(timeout)
34 addr = ('127.0.0.1', port)
35 sock.connect(addr)
36 sock.send(cmd + "\r\n")
37 try:
38 res = sock.recv(1000)
39 running = False
40 done = False
41 for line in res.splitlines():
42 if line.startswith("status,RUNNING"):
43 running = True
44 elif line.startswith("status,INVALID"):
45 done = True
46 elif line.startswith("status,ERROR"):
47 done = True
48 elif line.startswith("status,COMPLETE"):
49 done = True
50 if running and not done:
51 # Read the actual response
52 res = sock.recv(1000)
53 except:
54 res = ''
55 pass
56 sock.close()
57 res = res.rstrip()
58 logger.debug("sigma_dut: '%s' --> '%s'" % (cmd, res))
59 return res
60
61 def sigma_dut_cmd_check(cmd, port=9000, timeout=2):
62 res = sigma_dut_cmd(cmd, port=port, timeout=timeout)
63 if "COMPLETE" not in res:
64 raise Exception("sigma_dut command failed: " + cmd)
65 return res
66
67 def start_sigma_dut(ifname, debug=False, hostapd_logdir=None, cert_path=None,
68 bridge=None):
69 check_sigma_dut()
70 cmd = [ './sigma_dut',
71 '-M', ifname,
72 '-S', ifname,
73 '-F', '../../hostapd/hostapd',
74 '-G',
75 '-w', '/var/run/wpa_supplicant/',
76 '-j', ifname ]
77 if debug:
78 cmd += [ '-d' ]
79 if hostapd_logdir:
80 cmd += [ '-H', hostapd_logdir ]
81 if cert_path:
82 cmd += [ '-C', cert_path ]
83 if bridge:
84 cmd += [ '-b', bridge ]
85 sigma = subprocess.Popen(cmd, stdout=subprocess.PIPE,
86 stderr=subprocess.PIPE)
87 for i in range(20):
88 try:
89 res = sigma_dut_cmd("HELLO")
90 break
91 except:
92 time.sleep(0.05)
93 return sigma
94
95 def stop_sigma_dut(sigma):
96 sigma.terminate()
97 sigma.wait()
98 out, err = sigma.communicate()
99 logger.debug("sigma_dut stdout: " + str(out))
100 logger.debug("sigma_dut stderr: " + str(err))
101
102 def sigma_dut_wait_connected(ifname):
103 for i in range(50):
104 res = sigma_dut_cmd("sta_is_connected,interface," + ifname)
105 if "connected,1" in res:
106 break
107 time.sleep(0.2)
108 if i == 49:
109 raise Exception("Connection did not complete")
110
111 def test_sigma_dut_basic(dev, apdev):
112 """sigma_dut basic functionality"""
113 sigma = start_sigma_dut(dev[0].ifname)
114
115 res = sigma_dut_cmd("UNKNOWN")
116 if "status,INVALID,errorCode,Unknown command" not in res:
117 raise Exception("Unexpected sigma_dut response to unknown command")
118
119 tests = [ ("ca_get_version", "status,COMPLETE,version,1.0"),
120 ("device_get_info", "status,COMPLETE,vendor"),
121 ("device_list_interfaces,interfaceType,foo", "status,ERROR"),
122 ("device_list_interfaces,interfaceType,802.11",
123 "status,COMPLETE,interfaceType,802.11,interfaceID," + dev[0].ifname) ]
124 for cmd, response in tests:
125 res = sigma_dut_cmd(cmd)
126 if response not in res:
127 raise Exception("Unexpected %s response: %s" % (cmd, res))
128
129 stop_sigma_dut(sigma)
130
131 def test_sigma_dut_open(dev, apdev):
132 """sigma_dut controlled open network association"""
133 try:
134 run_sigma_dut_open(dev, apdev)
135 finally:
136 dev[0].set("ignore_old_scan_res", "0")
137
138 def run_sigma_dut_open(dev, apdev):
139 ifname = dev[0].ifname
140 sigma = start_sigma_dut(ifname)
141
142 hapd = hostapd.add_ap(apdev[0], { "ssid": "open" })
143
144 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
145 sigma_dut_cmd_check("sta_set_encryption,interface,%s,ssid,%s,encpType,none" % (ifname, "open"))
146 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s" % (ifname, "open"))
147 sigma_dut_wait_connected(ifname)
148 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
149 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
150 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
151
152 stop_sigma_dut(sigma)
153
154 def test_sigma_dut_psk_pmf(dev, apdev):
155 """sigma_dut controlled PSK+PMF association"""
156 try:
157 run_sigma_dut_psk_pmf(dev, apdev)
158 finally:
159 dev[0].set("ignore_old_scan_res", "0")
160
161 def run_sigma_dut_psk_pmf(dev, apdev):
162 ifname = dev[0].ifname
163 sigma = start_sigma_dut(ifname)
164
165 ssid = "test-pmf-required"
166 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
167 params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
168 params["ieee80211w"] = "2"
169 hapd = hostapd.add_ap(apdev[0], params)
170
171 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
172 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
173 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required" % (ifname, "test-pmf-required", "12345678"))
174 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-pmf-required"))
175 sigma_dut_wait_connected(ifname)
176 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
177 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
178 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
179
180 stop_sigma_dut(sigma)
181
182 def test_sigma_dut_psk_pmf_bip_cmac_128(dev, apdev):
183 """sigma_dut controlled PSK+PMF association with BIP-CMAC-128"""
184 try:
185 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-CMAC-128", "AES-128-CMAC")
186 finally:
187 dev[0].set("ignore_old_scan_res", "0")
188
189 def test_sigma_dut_psk_pmf_bip_cmac_256(dev, apdev):
190 """sigma_dut controlled PSK+PMF association with BIP-CMAC-256"""
191 try:
192 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-CMAC-256", "BIP-CMAC-256")
193 finally:
194 dev[0].set("ignore_old_scan_res", "0")
195
196 def test_sigma_dut_psk_pmf_bip_gmac_128(dev, apdev):
197 """sigma_dut controlled PSK+PMF association with BIP-GMAC-128"""
198 try:
199 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-GMAC-128", "BIP-GMAC-128")
200 finally:
201 dev[0].set("ignore_old_scan_res", "0")
202
203 def test_sigma_dut_psk_pmf_bip_gmac_256(dev, apdev):
204 """sigma_dut controlled PSK+PMF association with BIP-GMAC-256"""
205 try:
206 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-GMAC-256", "BIP-GMAC-256")
207 finally:
208 dev[0].set("ignore_old_scan_res", "0")
209
210 def test_sigma_dut_psk_pmf_bip_gmac_256_mismatch(dev, apdev):
211 """sigma_dut controlled PSK+PMF association with BIP-GMAC-256 mismatch"""
212 try:
213 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-GMAC-256", "AES-128-CMAC",
214 failure=True)
215 finally:
216 dev[0].set("ignore_old_scan_res", "0")
217
218 def run_sigma_dut_psk_pmf_cipher(dev, apdev, sigma_cipher, hostapd_cipher,
219 failure=False):
220 ifname = dev[0].ifname
221 sigma = start_sigma_dut(ifname)
222
223 ssid = "test-pmf-required"
224 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
225 params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
226 params["ieee80211w"] = "2"
227 params["group_mgmt_cipher"] = hostapd_cipher
228 hapd = hostapd.add_ap(apdev[0], params)
229
230 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
231 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
232 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required,GroupMgntCipher,%s" % (ifname, "test-pmf-required", "12345678", sigma_cipher))
233 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-pmf-required"))
234 if failure:
235 ev = dev[0].wait_event(["CTRL-EVENT-NETWORK-NOT-FOUND",
236 "CTRL-EVENT-CONNECTED"], timeout=10)
237 if ev is None:
238 raise Exception("Network selection result not indicated")
239 if "CTRL-EVENT-CONNECTED" in ev:
240 raise Exception("Unexpected connection")
241 res = sigma_dut_cmd("sta_is_connected,interface," + ifname)
242 if "connected,1" in res:
243 raise Exception("Connection reported")
244 else:
245 sigma_dut_wait_connected(ifname)
246 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
247
248 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
249 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
250
251 stop_sigma_dut(sigma)
252
253 def test_sigma_dut_sae(dev, apdev):
254 """sigma_dut controlled SAE association"""
255 if "SAE" not in dev[0].get_capability("auth_alg"):
256 raise HwsimSkip("SAE not supported")
257
258 ifname = dev[0].ifname
259 sigma = start_sigma_dut(ifname)
260
261 ssid = "test-sae"
262 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
263 params['wpa_key_mgmt'] = 'SAE'
264 params["ieee80211w"] = "2"
265 hapd = hostapd.add_ap(apdev[0], params)
266
267 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname)
268 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
269 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2" % (ifname, "test-sae", "12345678"))
270 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-sae"))
271 sigma_dut_wait_connected(ifname)
272 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
273 if dev[0].get_status_field('sae_group') != '19':
274 raise Exception("Expected default SAE group not used")
275 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
276
277 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
278
279 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
280 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2,ECGroupID,20" % (ifname, "test-sae", "12345678"))
281 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-sae"))
282 sigma_dut_wait_connected(ifname)
283 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
284 if dev[0].get_status_field('sae_group') != '20':
285 raise Exception("Expected SAE group not used")
286 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
287 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
288
289 stop_sigma_dut(sigma)
290
291 def test_sigma_dut_sae_password(dev, apdev):
292 """sigma_dut controlled SAE association and long password"""
293 if "SAE" not in dev[0].get_capability("auth_alg"):
294 raise HwsimSkip("SAE not supported")
295
296 ifname = dev[0].ifname
297 sigma = start_sigma_dut(ifname)
298
299 try:
300 ssid = "test-sae"
301 params = hostapd.wpa2_params(ssid=ssid)
302 params['sae_password'] = 100*'B'
303 params['wpa_key_mgmt'] = 'SAE'
304 params["ieee80211w"] = "2"
305 hapd = hostapd.add_ap(apdev[0], params)
306
307 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname)
308 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
309 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2" % (ifname, "test-sae", 100*'B'))
310 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-sae"))
311 sigma_dut_wait_connected(ifname)
312 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
313 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
314 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
315 finally:
316 stop_sigma_dut(sigma)
317
318 def test_sigma_dut_sta_override_rsne(dev, apdev):
319 """sigma_dut and RSNE override on STA"""
320 try:
321 run_sigma_dut_sta_override_rsne(dev, apdev)
322 finally:
323 dev[0].set("ignore_old_scan_res", "0")
324
325 def run_sigma_dut_sta_override_rsne(dev, apdev):
326 ifname = dev[0].ifname
327 sigma = start_sigma_dut(ifname)
328
329 ssid = "test-psk"
330 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
331 hapd = hostapd.add_ap(apdev[0], params)
332
333 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
334
335 tests = [ "30120100000fac040100000fac040100000fac02",
336 "30140100000fac040100000fac040100000fac02ffff" ]
337 for test in tests:
338 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,type,PSK,passphrase,%s,EncpType,aes-ccmp,KeyMgmtType,wpa2" % (ifname, "test-psk", "12345678"))
339 sigma_dut_cmd_check("dev_configure_ie,interface,%s,IE_Name,RSNE,Contents,%s" % (ifname, test))
340 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-psk"))
341 sigma_dut_wait_connected(ifname)
342 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
343 dev[0].dump_monitor()
344
345 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,type,PSK,passphrase,%s,EncpType,aes-ccmp,KeyMgmtType,wpa2" % (ifname, "test-psk", "12345678"))
346 sigma_dut_cmd_check("dev_configure_ie,interface,%s,IE_Name,RSNE,Contents,300101" % ifname)
347 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-psk"))
348
349 ev = dev[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"])
350 if ev is None:
351 raise Exception("Association rejection not reported")
352 if "status_code=40" not in ev:
353 raise Exception("Unexpected status code: " + ev)
354
355 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
356
357 stop_sigma_dut(sigma)
358
359 def test_sigma_dut_ap_psk(dev, apdev):
360 """sigma_dut controlled AP"""
361 with HWSimRadio() as (radio, iface):
362 sigma = start_sigma_dut(iface)
363 try:
364 sigma_dut_cmd_check("ap_reset_default")
365 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
366 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSK,12345678")
367 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
368
369 dev[0].connect("test-psk", psk="12345678", scan_freq="2412")
370
371 sigma_dut_cmd_check("ap_reset_default")
372 finally:
373 stop_sigma_dut(sigma)
374
375 def test_sigma_dut_ap_pskhex(dev, apdev, params):
376 """sigma_dut controlled AP and PSKHEX"""
377 logdir = os.path.join(params['logdir'],
378 "sigma_dut_ap_pskhex.sigma-hostapd")
379 with HWSimRadio() as (radio, iface):
380 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
381 try:
382 psk = "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
383 sigma_dut_cmd_check("ap_reset_default")
384 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
385 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSKHEX," + psk)
386 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
387
388 dev[0].connect("test-psk", raw_psk=psk, scan_freq="2412")
389
390 sigma_dut_cmd_check("ap_reset_default")
391 finally:
392 stop_sigma_dut(sigma)
393
394 def test_sigma_dut_ap_psk_sha256(dev, apdev, params):
395 """sigma_dut controlled AP PSK SHA256"""
396 logdir = os.path.join(params['logdir'],
397 "sigma_dut_ap_psk_sha256.sigma-hostapd")
398 with HWSimRadio() as (radio, iface):
399 sigma = start_sigma_dut(iface)
400 try:
401 sigma_dut_cmd_check("ap_reset_default")
402 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
403 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK-256,PSK,12345678")
404 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
405
406 dev[0].connect("test-psk", key_mgmt="WPA-PSK-SHA256",
407 psk="12345678", scan_freq="2412")
408
409 sigma_dut_cmd_check("ap_reset_default")
410 finally:
411 stop_sigma_dut(sigma)
412
413 def test_sigma_dut_suite_b(dev, apdev, params):
414 """sigma_dut controlled STA Suite B"""
415 check_suite_b_192_capa(dev)
416 logdir = params['logdir']
417
418 with open("auth_serv/ec2-ca.pem", "r") as f:
419 with open(os.path.join(logdir, "suite_b_ca.pem"), "w") as f2:
420 f2.write(f.read())
421
422 with open("auth_serv/ec2-user.pem", "r") as f:
423 with open("auth_serv/ec2-user.key", "r") as f2:
424 with open(os.path.join(logdir, "suite_b.pem"), "w") as f3:
425 f3.write(f.read())
426 f3.write(f2.read())
427
428 dev[0].flush_scan_cache()
429 params = suite_b_as_params()
430 params['ca_cert'] = 'auth_serv/ec2-ca.pem'
431 params['server_cert'] = 'auth_serv/ec2-server.pem'
432 params['private_key'] = 'auth_serv/ec2-server.key'
433 params['openssl_ciphers'] = 'SUITEB192'
434 hostapd.add_ap(apdev[1], params)
435
436 params = { "ssid": "test-suite-b",
437 "wpa": "2",
438 "wpa_key_mgmt": "WPA-EAP-SUITE-B-192",
439 "rsn_pairwise": "GCMP-256",
440 "group_mgmt_cipher": "BIP-GMAC-256",
441 "ieee80211w": "2",
442 "ieee8021x": "1",
443 'auth_server_addr': "127.0.0.1",
444 'auth_server_port': "18129",
445 'auth_server_shared_secret': "radius",
446 'nas_identifier': "nas.w1.fi" }
447 hapd = hostapd.add_ap(apdev[0], params)
448
449 ifname = dev[0].ifname
450 sigma = start_sigma_dut(ifname, cert_path=logdir)
451
452 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
453 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
454 sigma_dut_cmd_check("sta_set_security,type,eaptls,interface,%s,ssid,%s,PairwiseCipher,AES-GCMP-256,GroupCipher,AES-GCMP-256,GroupMgntCipher,BIP-GMAC-256,keymgmttype,SuiteB,clientCertificate,suite_b.pem,trustedRootCA,suite_b_ca.pem,CertType,ECC" % (ifname, "test-suite-b"))
455 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-suite-b"))
456 sigma_dut_wait_connected(ifname)
457 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
458 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
459 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
460
461 stop_sigma_dut(sigma)
462
463 def test_sigma_dut_suite_b_rsa(dev, apdev, params):
464 """sigma_dut controlled STA Suite B (RSA)"""
465 check_suite_b_192_capa(dev)
466 logdir = params['logdir']
467
468 with open("auth_serv/rsa3072-ca.pem", "r") as f:
469 with open(os.path.join(logdir, "suite_b_ca_rsa.pem"), "w") as f2:
470 f2.write(f.read())
471
472 with open("auth_serv/rsa3072-user.pem", "r") as f:
473 with open("auth_serv/rsa3072-user.key", "r") as f2:
474 with open(os.path.join(logdir, "suite_b_rsa.pem"), "w") as f3:
475 f3.write(f.read())
476 f3.write(f2.read())
477
478 dev[0].flush_scan_cache()
479 params = suite_b_192_rsa_ap_params()
480 hapd = hostapd.add_ap(apdev[0], params)
481
482 ifname = dev[0].ifname
483 sigma = start_sigma_dut(ifname, cert_path=logdir)
484
485 cmd = "sta_set_security,type,eaptls,interface,%s,ssid,%s,PairwiseCipher,AES-GCMP-256,GroupCipher,AES-GCMP-256,GroupMgntCipher,BIP-GMAC-256,keymgmttype,SuiteB,clientCertificate,suite_b_rsa.pem,trustedRootCA,suite_b_ca_rsa.pem,CertType,RSA" % (ifname, "test-suite-b")
486
487 tests = [ "",
488 ",TLSCipher,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
489 ",TLSCipher,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" ]
490 for extra in tests:
491 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
492 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
493 sigma_dut_cmd_check(cmd + extra)
494 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-suite-b"))
495 sigma_dut_wait_connected(ifname)
496 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
497 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
498 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
499
500 stop_sigma_dut(sigma)
501
502 def test_sigma_dut_ap_suite_b(dev, apdev, params):
503 """sigma_dut controlled AP Suite B"""
504 check_suite_b_192_capa(dev)
505 logdir = os.path.join(params['logdir'],
506 "sigma_dut_ap_suite_b.sigma-hostapd")
507 params = suite_b_as_params()
508 params['ca_cert'] = 'auth_serv/ec2-ca.pem'
509 params['server_cert'] = 'auth_serv/ec2-server.pem'
510 params['private_key'] = 'auth_serv/ec2-server.key'
511 params['openssl_ciphers'] = 'SUITEB192'
512 hostapd.add_ap(apdev[1], params)
513 with HWSimRadio() as (radio, iface):
514 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
515 try:
516 sigma_dut_cmd_check("ap_reset_default")
517 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-suite-b,MODE,11ng")
518 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,18129,PASSWORD,radius")
519 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,SuiteB")
520 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
521
522 dev[0].connect("test-suite-b", key_mgmt="WPA-EAP-SUITE-B-192",
523 ieee80211w="2",
524 openssl_ciphers="SUITEB192",
525 eap="TLS", identity="tls user",
526 ca_cert="auth_serv/ec2-ca.pem",
527 client_cert="auth_serv/ec2-user.pem",
528 private_key="auth_serv/ec2-user.key",
529 pairwise="GCMP-256", group="GCMP-256",
530 scan_freq="2412")
531
532 sigma_dut_cmd_check("ap_reset_default")
533 finally:
534 stop_sigma_dut(sigma)
535
536 def test_sigma_dut_ap_cipher_gcmp_128(dev, apdev, params):
537 """sigma_dut controlled AP with GCMP-128/BIP-GMAC-128 cipher"""
538 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-GCMP-128", "BIP-GMAC-128",
539 "GCMP")
540
541 def test_sigma_dut_ap_cipher_gcmp_256(dev, apdev, params):
542 """sigma_dut controlled AP with GCMP-256/BIP-GMAC-256 cipher"""
543 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-GCMP-256", "BIP-GMAC-256",
544 "GCMP-256")
545
546 def test_sigma_dut_ap_cipher_ccmp_128(dev, apdev, params):
547 """sigma_dut controlled AP with CCMP-128/BIP-CMAC-128 cipher"""
548 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-128", "BIP-CMAC-128",
549 "CCMP")
550
551 def test_sigma_dut_ap_cipher_ccmp_256(dev, apdev, params):
552 """sigma_dut controlled AP with CCMP-256/BIP-CMAC-256 cipher"""
553 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-256", "BIP-CMAC-256",
554 "CCMP-256")
555
556 def test_sigma_dut_ap_cipher_ccmp_gcmp_1(dev, apdev, params):
557 """sigma_dut controlled AP with CCMP-128+GCMP-256 ciphers (1)"""
558 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-128 AES-GCMP-256",
559 "BIP-GMAC-256", "CCMP")
560
561 def test_sigma_dut_ap_cipher_ccmp_gcmp_2(dev, apdev, params):
562 """sigma_dut controlled AP with CCMP-128+GCMP-256 ciphers (2)"""
563 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-128 AES-GCMP-256",
564 "BIP-GMAC-256", "GCMP-256", "CCMP")
565
566 def test_sigma_dut_ap_cipher_gcmp_256_group_ccmp(dev, apdev, params):
567 """sigma_dut controlled AP with GCMP-256/CCMP/BIP-GMAC-256 cipher"""
568 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-GCMP-256", "BIP-GMAC-256",
569 "GCMP-256", "CCMP", "AES-CCMP-128")
570
571 def run_sigma_dut_ap_cipher(dev, apdev, params, ap_pairwise, ap_group_mgmt,
572 sta_cipher, sta_cipher_group=None, ap_group=None):
573 check_suite_b_192_capa(dev)
574 logdir = os.path.join(params['logdir'],
575 "sigma_dut_ap_cipher.sigma-hostapd")
576 params = suite_b_as_params()
577 params['ca_cert'] = 'auth_serv/ec2-ca.pem'
578 params['server_cert'] = 'auth_serv/ec2-server.pem'
579 params['private_key'] = 'auth_serv/ec2-server.key'
580 params['openssl_ciphers'] = 'SUITEB192'
581 hostapd.add_ap(apdev[1], params)
582 with HWSimRadio() as (radio, iface):
583 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
584 try:
585 sigma_dut_cmd_check("ap_reset_default")
586 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-suite-b,MODE,11ng")
587 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,18129,PASSWORD,radius")
588 cmd = "ap_set_security,NAME,AP,KEYMGNT,SuiteB,PMF,Required,PairwiseCipher,%s,GroupMgntCipher,%s" % (ap_pairwise, ap_group_mgmt)
589 if ap_group:
590 cmd += ",GroupCipher,%s" % ap_group
591 sigma_dut_cmd_check(cmd)
592 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
593
594 if sta_cipher_group is None:
595 sta_cipher_group = sta_cipher
596 dev[0].connect("test-suite-b", key_mgmt="WPA-EAP-SUITE-B-192",
597 ieee80211w="2",
598 openssl_ciphers="SUITEB192",
599 eap="TLS", identity="tls user",
600 ca_cert="auth_serv/ec2-ca.pem",
601 client_cert="auth_serv/ec2-user.pem",
602 private_key="auth_serv/ec2-user.key",
603 pairwise=sta_cipher, group=sta_cipher_group,
604 scan_freq="2412")
605
606 sigma_dut_cmd_check("ap_reset_default")
607 finally:
608 stop_sigma_dut(sigma)
609
610 def test_sigma_dut_ap_override_rsne(dev, apdev):
611 """sigma_dut controlled AP overriding RSNE"""
612 with HWSimRadio() as (radio, iface):
613 sigma = start_sigma_dut(iface)
614 try:
615 sigma_dut_cmd_check("ap_reset_default")
616 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
617 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSK,12345678")
618 sigma_dut_cmd_check("dev_configure_ie,NAME,AP,interface,%s,IE_Name,RSNE,Contents,30180100000fac040200ffffffff000fac040100000fac020c00" % iface)
619 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
620
621 dev[0].connect("test-psk", psk="12345678", scan_freq="2412")
622
623 sigma_dut_cmd_check("ap_reset_default")
624 finally:
625 stop_sigma_dut(sigma)
626
627 def test_sigma_dut_ap_sae(dev, apdev, params):
628 """sigma_dut controlled AP with SAE"""
629 logdir = os.path.join(params['logdir'],
630 "sigma_dut_ap_sae.sigma-hostapd")
631 if "SAE" not in dev[0].get_capability("auth_alg"):
632 raise HwsimSkip("SAE not supported")
633 with HWSimRadio() as (radio, iface):
634 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
635 try:
636 sigma_dut_cmd_check("ap_reset_default")
637 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
638 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK,12345678")
639 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
640
641 dev[0].request("SET sae_groups ")
642 dev[0].connect("test-sae", key_mgmt="SAE", psk="12345678",
643 ieee80211w="2", scan_freq="2412")
644 if dev[0].get_status_field('sae_group') != '19':
645 raise Exception("Expected default SAE group not used")
646
647 sigma_dut_cmd_check("ap_reset_default")
648 finally:
649 stop_sigma_dut(sigma)
650
651 def test_sigma_dut_ap_sae_password(dev, apdev, params):
652 """sigma_dut controlled AP with SAE and long password"""
653 logdir = os.path.join(params['logdir'],
654 "sigma_dut_ap_sae_password.sigma-hostapd")
655 if "SAE" not in dev[0].get_capability("auth_alg"):
656 raise HwsimSkip("SAE not supported")
657 with HWSimRadio() as (radio, iface):
658 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
659 try:
660 sigma_dut_cmd_check("ap_reset_default")
661 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
662 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK," + 100*'C')
663 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
664
665 dev[0].request("SET sae_groups ")
666 dev[0].connect("test-sae", key_mgmt="SAE", sae_password=100*'C',
667 ieee80211w="2", scan_freq="2412")
668 if dev[0].get_status_field('sae_group') != '19':
669 raise Exception("Expected default SAE group not used")
670
671 sigma_dut_cmd_check("ap_reset_default")
672 finally:
673 stop_sigma_dut(sigma)
674
675 def test_sigma_dut_ap_sae_group(dev, apdev, params):
676 """sigma_dut controlled AP with SAE and specific group"""
677 logdir = os.path.join(params['logdir'],
678 "sigma_dut_ap_sae_group.sigma-hostapd")
679 if "SAE" not in dev[0].get_capability("auth_alg"):
680 raise HwsimSkip("SAE not supported")
681 with HWSimRadio() as (radio, iface):
682 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
683 try:
684 sigma_dut_cmd_check("ap_reset_default")
685 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
686 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK,12345678,ECGroupID,20")
687 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
688
689 dev[0].request("SET sae_groups ")
690 dev[0].connect("test-sae", key_mgmt="SAE", psk="12345678",
691 ieee80211w="2", scan_freq="2412")
692 if dev[0].get_status_field('sae_group') != '20':
693 raise Exception("Expected SAE group not used")
694
695 sigma_dut_cmd_check("ap_reset_default")
696 finally:
697 stop_sigma_dut(sigma)
698
699 def test_sigma_dut_ap_psk_sae(dev, apdev, params):
700 """sigma_dut controlled AP with PSK+SAE"""
701 if "SAE" not in dev[0].get_capability("auth_alg"):
702 raise HwsimSkip("SAE not supported")
703 logdir = os.path.join(params['logdir'],
704 "sigma_dut_ap_psk_sae.sigma-hostapd")
705 with HWSimRadio() as (radio, iface):
706 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
707 try:
708 sigma_dut_cmd_check("ap_reset_default")
709 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
710 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK-SAE,PSK,12345678")
711 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
712
713 dev[2].request("SET sae_groups ")
714 dev[2].connect("test-sae", key_mgmt="SAE", psk="12345678",
715 scan_freq="2412", ieee80211w="0", wait_connect=False)
716 dev[0].request("SET sae_groups ")
717 dev[0].connect("test-sae", key_mgmt="SAE", psk="12345678",
718 scan_freq="2412", ieee80211w="2")
719 dev[1].connect("test-sae", psk="12345678", scan_freq="2412")
720
721 ev = dev[2].wait_event(["CTRL-EVENT-CONNECTED"], timeout=0.1)
722 dev[2].request("DISCONNECT")
723 if ev is not None:
724 raise Exception("Unexpected connection without PMF")
725
726 sigma_dut_cmd_check("ap_reset_default")
727 finally:
728 stop_sigma_dut(sigma)
729
730 def test_sigma_dut_owe(dev, apdev):
731 """sigma_dut controlled OWE station"""
732 try:
733 run_sigma_dut_owe(dev, apdev)
734 finally:
735 dev[0].set("ignore_old_scan_res", "0")
736
737 def run_sigma_dut_owe(dev, apdev):
738 if "OWE" not in dev[0].get_capability("key_mgmt"):
739 raise HwsimSkip("OWE not supported")
740
741 ifname = dev[0].ifname
742 sigma = start_sigma_dut(ifname)
743
744 try:
745 params = { "ssid": "owe",
746 "wpa": "2",
747 "wpa_key_mgmt": "OWE",
748 "ieee80211w": "2",
749 "rsn_pairwise": "CCMP" }
750 hapd = hostapd.add_ap(apdev[0], params)
751 bssid = hapd.own_addr()
752
753 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname)
754 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
755 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE" % ifname)
756 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname)
757 sigma_dut_wait_connected(ifname)
758 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
759
760 dev[0].dump_monitor()
761 sigma_dut_cmd("sta_reassoc,interface,%s,Channel,1,bssid,%s" % (ifname, bssid))
762 dev[0].wait_connected()
763 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
764 dev[0].wait_disconnected()
765 dev[0].dump_monitor()
766
767 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname)
768 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
769 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE,ECGroupID,20" % ifname)
770 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname)
771 sigma_dut_wait_connected(ifname)
772 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
773 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
774 dev[0].wait_disconnected()
775 dev[0].dump_monitor()
776
777 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname)
778 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
779 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE,ECGroupID,0" % ifname)
780 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname)
781 ev = dev[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout=10)
782 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
783 if ev is None:
784 raise Exception("Association not rejected")
785 if "status_code=77" not in ev:
786 raise Exception("Unexpected rejection reason: " + ev)
787
788 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
789 finally:
790 stop_sigma_dut(sigma)
791
792 def test_sigma_dut_ap_owe(dev, apdev, params):
793 """sigma_dut controlled AP with OWE"""
794 logdir = os.path.join(params['logdir'],
795 "sigma_dut_ap_owe.sigma-hostapd")
796 if "OWE" not in dev[0].get_capability("key_mgmt"):
797 raise HwsimSkip("OWE not supported")
798 with HWSimRadio() as (radio, iface):
799 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
800 try:
801 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
802 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,owe,MODE,11ng")
803 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OWE")
804 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
805
806 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
807 scan_freq="2412")
808
809 sigma_dut_cmd_check("ap_reset_default")
810 finally:
811 stop_sigma_dut(sigma)
812
813 def test_sigma_dut_ap_owe_ecgroupid(dev, apdev):
814 """sigma_dut controlled AP with OWE and ECGroupID"""
815 if "OWE" not in dev[0].get_capability("key_mgmt"):
816 raise HwsimSkip("OWE not supported")
817 with HWSimRadio() as (radio, iface):
818 sigma = start_sigma_dut(iface)
819 try:
820 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
821 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,owe,MODE,11ng")
822 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OWE,ECGroupID,20 21,PMF,Required")
823 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
824
825 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
826 owe_group="20", scan_freq="2412")
827 dev[0].request("REMOVE_NETWORK all")
828 dev[0].wait_disconnected()
829
830 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
831 owe_group="21", scan_freq="2412")
832 dev[0].request("REMOVE_NETWORK all")
833 dev[0].wait_disconnected()
834
835 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
836 owe_group="19", scan_freq="2412", wait_connect=False)
837 ev = dev[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout=10)
838 dev[0].request("DISCONNECT")
839 if ev is None:
840 raise Exception("Association not rejected")
841 if "status_code=77" not in ev:
842 raise Exception("Unexpected rejection reason: " + ev)
843 dev[0].dump_monitor()
844
845 sigma_dut_cmd_check("ap_reset_default")
846 finally:
847 stop_sigma_dut(sigma)
848
849 def test_sigma_dut_ap_owe_transition_mode(dev, apdev, params):
850 """sigma_dut controlled AP with OWE and transition mode"""
851 if "OWE" not in dev[0].get_capability("key_mgmt"):
852 raise HwsimSkip("OWE not supported")
853 logdir = os.path.join(params['logdir'],
854 "sigma_dut_ap_owe_transition_mode.sigma-hostapd")
855 with HWSimRadio() as (radio, iface):
856 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
857 try:
858 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
859 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,owe,MODE,11ng")
860 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,OWE")
861 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,SSID,owe,MODE,11ng")
862 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,NONE")
863 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
864
865 res1 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,1,Interface,24G")
866 res2 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,2,Interface,24G")
867
868 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
869 scan_freq="2412")
870 dev[1].connect("owe", key_mgmt="NONE", scan_freq="2412")
871 if dev[0].get_status_field('bssid') not in res1:
872 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,1: " + res1)
873 if dev[1].get_status_field('bssid') not in res2:
874 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,2: " + res2)
875
876 sigma_dut_cmd_check("ap_reset_default")
877 finally:
878 stop_sigma_dut(sigma)
879
880 def test_sigma_dut_ap_owe_transition_mode_2(dev, apdev, params):
881 """sigma_dut controlled AP with OWE and transition mode (2)"""
882 if "OWE" not in dev[0].get_capability("key_mgmt"):
883 raise HwsimSkip("OWE not supported")
884 logdir = os.path.join(params['logdir'],
885 "sigma_dut_ap_owe_transition_mode_2.sigma-hostapd")
886 with HWSimRadio() as (radio, iface):
887 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
888 try:
889 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
890 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,owe,MODE,11ng")
891 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,NONE")
892 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,MODE,11ng")
893 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,OWE")
894 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
895
896 res1 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,1,Interface,24G")
897 res2 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,2,Interface,24G")
898
899 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
900 scan_freq="2412")
901 dev[1].connect("owe", key_mgmt="NONE", scan_freq="2412")
902 if dev[0].get_status_field('bssid') not in res2:
903 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,2: " + res1)
904 if dev[1].get_status_field('bssid') not in res1:
905 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,1: " + res2)
906
907 sigma_dut_cmd_check("ap_reset_default")
908 finally:
909 stop_sigma_dut(sigma)
910
911 def dpp_init_enrollee(dev, id1):
912 logger.info("Starting DPP initiator/enrollee in a thread")
913 time.sleep(1)
914 cmd = "DPP_AUTH_INIT peer=%d role=enrollee" % id1
915 if "OK" not in dev.request(cmd):
916 raise Exception("Failed to initiate DPP Authentication")
917 ev = dev.wait_event(["DPP-CONF-RECEIVED"], timeout=5)
918 if ev is None:
919 raise Exception("DPP configuration not completed (Enrollee)")
920 logger.info("DPP initiator/enrollee done")
921
922 def test_sigma_dut_dpp_qr_resp_1(dev, apdev):
923 """sigma_dut DPP/QR responder (conf index 1)"""
924 run_sigma_dut_dpp_qr_resp(dev, apdev, 1)
925
926 def test_sigma_dut_dpp_qr_resp_2(dev, apdev):
927 """sigma_dut DPP/QR responder (conf index 2)"""
928 run_sigma_dut_dpp_qr_resp(dev, apdev, 2)
929
930 def test_sigma_dut_dpp_qr_resp_3(dev, apdev):
931 """sigma_dut DPP/QR responder (conf index 3)"""
932 run_sigma_dut_dpp_qr_resp(dev, apdev, 3)
933
934 def test_sigma_dut_dpp_qr_resp_4(dev, apdev):
935 """sigma_dut DPP/QR responder (conf index 4)"""
936 run_sigma_dut_dpp_qr_resp(dev, apdev, 4)
937
938 def test_sigma_dut_dpp_qr_resp_5(dev, apdev):
939 """sigma_dut DPP/QR responder (conf index 5)"""
940 run_sigma_dut_dpp_qr_resp(dev, apdev, 5)
941
942 def test_sigma_dut_dpp_qr_resp_6(dev, apdev):
943 """sigma_dut DPP/QR responder (conf index 6)"""
944 run_sigma_dut_dpp_qr_resp(dev, apdev, 6)
945
946 def test_sigma_dut_dpp_qr_resp_7(dev, apdev):
947 """sigma_dut DPP/QR responder (conf index 7)"""
948 run_sigma_dut_dpp_qr_resp(dev, apdev, 7)
949
950 def test_sigma_dut_dpp_qr_resp_chan_list(dev, apdev):
951 """sigma_dut DPP/QR responder (channel list override)"""
952 run_sigma_dut_dpp_qr_resp(dev, apdev, 1, chan_list='81/2 81/6 81/1',
953 listen_chan=2)
954
955 def run_sigma_dut_dpp_qr_resp(dev, apdev, conf_idx, chan_list=None,
956 listen_chan=None):
957 check_dpp_capab(dev[0])
958 check_dpp_capab(dev[1])
959 sigma = start_sigma_dut(dev[0].ifname)
960 try:
961 cmd = "dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR"
962 if chan_list:
963 cmd += ",DPPChannelList," + chan_list
964 res = sigma_dut_cmd(cmd)
965 if "status,COMPLETE" not in res:
966 raise Exception("dev_exec_action did not succeed: " + res)
967 hex = res.split(',')[3]
968 uri = hex.decode('hex')
969 logger.info("URI from sigma_dut: " + uri)
970
971 res = dev[1].request("DPP_QR_CODE " + uri)
972 if "FAIL" in res:
973 raise Exception("Failed to parse QR Code URI")
974 id1 = int(res)
975
976 t = threading.Thread(target=dpp_init_enrollee, args=(dev[1], id1))
977 t.start()
978 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPConfIndex,%d,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfEnrolleeRole,STA,DPPSigningKeyECC,P-256,DPPBS,QR,DPPTimeout,6" % conf_idx
979 if listen_chan:
980 cmd += ",DPPListenChannel," + str(listen_chan)
981 res = sigma_dut_cmd(cmd, timeout=10)
982 t.join()
983 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
984 raise Exception("Unexpected result: " + res)
985 finally:
986 stop_sigma_dut(sigma)
987
988 def test_sigma_dut_dpp_qr_init_enrollee(dev, apdev):
989 """sigma_dut DPP/QR initiator as Enrollee"""
990 check_dpp_capab(dev[0])
991 check_dpp_capab(dev[1])
992
993 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
994 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
995 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
996 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
997
998 params = { "ssid": "DPPNET01",
999 "wpa": "2",
1000 "ieee80211w": "2",
1001 "wpa_key_mgmt": "DPP",
1002 "rsn_pairwise": "CCMP",
1003 "dpp_connector": ap_connector,
1004 "dpp_csign": csign_pub,
1005 "dpp_netaccesskey": ap_netaccesskey }
1006 try:
1007 hapd = hostapd.add_ap(apdev[0], params)
1008 except:
1009 raise HwsimSkip("DPP not supported")
1010
1011 sigma = start_sigma_dut(dev[0].ifname)
1012 try:
1013 dev[0].set("dpp_config_processing", "2")
1014
1015 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
1016 res = dev[1].request(cmd)
1017 if "FAIL" in res:
1018 raise Exception("Failed to add configurator")
1019 conf_id = int(res)
1020
1021 addr = dev[1].own_addr().replace(':', '')
1022 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1023 res = dev[1].request(cmd)
1024 if "FAIL" in res:
1025 raise Exception("Failed to generate bootstrapping info")
1026 id0 = int(res)
1027 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1028
1029 dev[1].set("dpp_configurator_params",
1030 " conf=sta-dpp ssid=%s configurator=%d" % ("DPPNET01".encode("hex"), conf_id))
1031 cmd = "DPP_LISTEN 2437 role=configurator"
1032 if "OK" not in dev[1].request(cmd):
1033 raise Exception("Failed to start listen operation")
1034
1035 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1036 if "status,COMPLETE" not in res:
1037 raise Exception("dev_exec_action did not succeed: " + res)
1038
1039 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout=10)
1040 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1041 raise Exception("Unexpected result: " + res)
1042 finally:
1043 dev[0].set("dpp_config_processing", "0")
1044 stop_sigma_dut(sigma)
1045
1046 def test_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev):
1047 """sigma_dut DPP/QR (mutual) initiator as Enrollee"""
1048 run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev)
1049
1050 def test_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev):
1051 """sigma_dut DPP/QR (mutual) initiator as Enrollee (extra check)"""
1052 run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev,
1053 extra="DPPAuthDirection,Mutual,")
1054
1055 def run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev, extra=''):
1056 check_dpp_capab(dev[0])
1057 check_dpp_capab(dev[1])
1058
1059 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1060 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1061 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1062 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1063
1064 params = { "ssid": "DPPNET01",
1065 "wpa": "2",
1066 "ieee80211w": "2",
1067 "wpa_key_mgmt": "DPP",
1068 "rsn_pairwise": "CCMP",
1069 "dpp_connector": ap_connector,
1070 "dpp_csign": csign_pub,
1071 "dpp_netaccesskey": ap_netaccesskey }
1072 try:
1073 hapd = hostapd.add_ap(apdev[0], params)
1074 except:
1075 raise HwsimSkip("DPP not supported")
1076
1077 sigma = start_sigma_dut(dev[0].ifname)
1078 try:
1079 dev[0].set("dpp_config_processing", "2")
1080
1081 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
1082 res = dev[1].request(cmd)
1083 if "FAIL" in res:
1084 raise Exception("Failed to add configurator")
1085 conf_id = int(res)
1086
1087 addr = dev[1].own_addr().replace(':', '')
1088 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1089 res = dev[1].request(cmd)
1090 if "FAIL" in res:
1091 raise Exception("Failed to generate bootstrapping info")
1092 id0 = int(res)
1093 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1094
1095 dev[1].set("dpp_configurator_params",
1096 " conf=sta-dpp ssid=%s configurator=%d" % ("DPPNET01".encode("hex"), conf_id))
1097 cmd = "DPP_LISTEN 2437 role=configurator qr=mutual"
1098 if "OK" not in dev[1].request(cmd):
1099 raise Exception("Failed to start listen operation")
1100
1101 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1102 if "status,COMPLETE" not in res:
1103 raise Exception("dev_exec_action did not succeed: " + res)
1104 hex = res.split(',')[3]
1105 uri = hex.decode('hex')
1106 logger.info("URI from sigma_dut: " + uri)
1107
1108 res = dev[1].request("DPP_QR_CODE " + uri)
1109 if "FAIL" in res:
1110 raise Exception("Failed to parse QR Code URI")
1111 id1 = int(res)
1112
1113 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1114 if "status,COMPLETE" not in res:
1115 raise Exception("dev_exec_action did not succeed: " + res)
1116
1117 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,%sDPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes" % extra, timeout=10)
1118 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1119 raise Exception("Unexpected result: " + res)
1120 finally:
1121 dev[0].set("dpp_config_processing", "0")
1122 stop_sigma_dut(sigma)
1123
1124 def dpp_init_conf_mutual(dev, id1, conf_id, own_id=None):
1125 time.sleep(1)
1126 logger.info("Starting DPP initiator/configurator in a thread")
1127 cmd = "DPP_AUTH_INIT peer=%d conf=sta-dpp ssid=%s configurator=%d" % (id1, "DPPNET01".encode("hex"), conf_id)
1128 if own_id is not None:
1129 cmd += " own=%d" % own_id
1130 if "OK" not in dev.request(cmd):
1131 raise Exception("Failed to initiate DPP Authentication")
1132 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=10)
1133 if ev is None:
1134 raise Exception("DPP configuration not completed (Configurator)")
1135 logger.info("DPP initiator/configurator done")
1136
1137 def test_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev):
1138 """sigma_dut DPP/QR (mutual) responder as Enrollee"""
1139 run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev)
1140
1141 def test_sigma_dut_dpp_qr_mutual_resp_enrollee_pending(dev, apdev):
1142 """sigma_dut DPP/QR (mutual) responder as Enrollee (response pending)"""
1143 run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev, ',DPPDelayQRResponse,1')
1144
1145 def run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev, extra=None):
1146 check_dpp_capab(dev[0])
1147 check_dpp_capab(dev[1])
1148
1149 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1150 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1151 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1152 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1153
1154 params = { "ssid": "DPPNET01",
1155 "wpa": "2",
1156 "ieee80211w": "2",
1157 "wpa_key_mgmt": "DPP",
1158 "rsn_pairwise": "CCMP",
1159 "dpp_connector": ap_connector,
1160 "dpp_csign": csign_pub,
1161 "dpp_netaccesskey": ap_netaccesskey }
1162 try:
1163 hapd = hostapd.add_ap(apdev[0], params)
1164 except:
1165 raise HwsimSkip("DPP not supported")
1166
1167 sigma = start_sigma_dut(dev[0].ifname)
1168 try:
1169 dev[0].set("dpp_config_processing", "2")
1170
1171 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
1172 res = dev[1].request(cmd)
1173 if "FAIL" in res:
1174 raise Exception("Failed to add configurator")
1175 conf_id = int(res)
1176
1177 addr = dev[1].own_addr().replace(':', '')
1178 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1179 res = dev[1].request(cmd)
1180 if "FAIL" in res:
1181 raise Exception("Failed to generate bootstrapping info")
1182 id0 = int(res)
1183 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1184
1185 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1186 if "status,COMPLETE" not in res:
1187 raise Exception("dev_exec_action did not succeed: " + res)
1188 hex = res.split(',')[3]
1189 uri = hex.decode('hex')
1190 logger.info("URI from sigma_dut: " + uri)
1191
1192 res = dev[1].request("DPP_QR_CODE " + uri)
1193 if "FAIL" in res:
1194 raise Exception("Failed to parse QR Code URI")
1195 id1 = int(res)
1196
1197 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1198 if "status,COMPLETE" not in res:
1199 raise Exception("dev_exec_action did not succeed: " + res)
1200
1201 t = threading.Thread(target=dpp_init_conf_mutual,
1202 args=(dev[1], id1, conf_id, id0))
1203 t.start()
1204
1205 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,20,DPPWaitForConnect,Yes"
1206 if extra:
1207 cmd += extra
1208 res = sigma_dut_cmd(cmd, timeout=25)
1209 t.join()
1210 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1211 raise Exception("Unexpected result: " + res)
1212 finally:
1213 dev[0].set("dpp_config_processing", "0")
1214 stop_sigma_dut(sigma)
1215
1216 def dpp_resp_conf_mutual(dev, conf_id, uri):
1217 logger.info("Starting DPP responder/configurator in a thread")
1218 dev.set("dpp_configurator_params",
1219 " conf=sta-dpp ssid=%s configurator=%d" % ("DPPNET01".encode("hex"), conf_id))
1220 cmd = "DPP_LISTEN 2437 role=configurator qr=mutual"
1221 if "OK" not in dev.request(cmd):
1222 raise Exception("Failed to initiate DPP listen")
1223 if uri:
1224 ev = dev.wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout=10)
1225 if ev is None:
1226 raise Exception("QR Code scan for mutual authentication not requested")
1227 res = dev.request("DPP_QR_CODE " + uri)
1228 if "FAIL" in res:
1229 raise Exception("Failed to parse QR Code URI")
1230 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=10)
1231 if ev is None:
1232 raise Exception("DPP configuration not completed (Configurator)")
1233 logger.info("DPP responder/configurator done")
1234
1235 def test_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev):
1236 """sigma_dut DPP/QR (mutual) initiator as Enrollee"""
1237 run_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev, False)
1238
1239 def test_sigma_dut_dpp_qr_mutual_init_enrollee_pending(dev, apdev):
1240 """sigma_dut DPP/QR (mutual) initiator as Enrollee (response pending)"""
1241 run_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev, True)
1242
1243 def run_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev, resp_pending):
1244 check_dpp_capab(dev[0])
1245 check_dpp_capab(dev[1])
1246
1247 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1248 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1249 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1250 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1251
1252 params = { "ssid": "DPPNET01",
1253 "wpa": "2",
1254 "ieee80211w": "2",
1255 "wpa_key_mgmt": "DPP",
1256 "rsn_pairwise": "CCMP",
1257 "dpp_connector": ap_connector,
1258 "dpp_csign": csign_pub,
1259 "dpp_netaccesskey": ap_netaccesskey }
1260 try:
1261 hapd = hostapd.add_ap(apdev[0], params)
1262 except:
1263 raise HwsimSkip("DPP not supported")
1264
1265 sigma = start_sigma_dut(dev[0].ifname)
1266 try:
1267 dev[0].set("dpp_config_processing", "2")
1268
1269 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
1270 res = dev[1].request(cmd)
1271 if "FAIL" in res:
1272 raise Exception("Failed to add configurator")
1273 conf_id = int(res)
1274
1275 addr = dev[1].own_addr().replace(':', '')
1276 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1277 res = dev[1].request(cmd)
1278 if "FAIL" in res:
1279 raise Exception("Failed to generate bootstrapping info")
1280 id0 = int(res)
1281 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1282
1283 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1284 if "status,COMPLETE" not in res:
1285 raise Exception("dev_exec_action did not succeed: " + res)
1286 hex = res.split(',')[3]
1287 uri = hex.decode('hex')
1288 logger.info("URI from sigma_dut: " + uri)
1289
1290 if not resp_pending:
1291 res = dev[1].request("DPP_QR_CODE " + uri)
1292 if "FAIL" in res:
1293 raise Exception("Failed to parse QR Code URI")
1294 uri = None
1295
1296 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1297 if "status,COMPLETE" not in res:
1298 raise Exception("dev_exec_action did not succeed: " + res)
1299
1300 t = threading.Thread(target=dpp_resp_conf_mutual,
1301 args=(dev[1], conf_id, uri))
1302 t.start()
1303
1304 time.sleep(1)
1305 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,10,DPPWaitForConnect,Yes"
1306 res = sigma_dut_cmd(cmd, timeout=15)
1307 t.join()
1308 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1309 raise Exception("Unexpected result: " + res)
1310 finally:
1311 dev[0].set("dpp_config_processing", "0")
1312 stop_sigma_dut(sigma)
1313
1314 def test_sigma_dut_dpp_qr_init_enrollee_psk(dev, apdev):
1315 """sigma_dut DPP/QR initiator as Enrollee (PSK)"""
1316 check_dpp_capab(dev[0])
1317 check_dpp_capab(dev[1])
1318
1319 params = hostapd.wpa2_params(ssid="DPPNET01",
1320 passphrase="ThisIsDppPassphrase")
1321 hapd = hostapd.add_ap(apdev[0], params)
1322
1323 sigma = start_sigma_dut(dev[0].ifname)
1324 try:
1325 dev[0].set("dpp_config_processing", "2")
1326
1327 cmd = "DPP_CONFIGURATOR_ADD"
1328 res = dev[1].request(cmd)
1329 if "FAIL" in res:
1330 raise Exception("Failed to add configurator")
1331 conf_id = int(res)
1332
1333 addr = dev[1].own_addr().replace(':', '')
1334 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1335 res = dev[1].request(cmd)
1336 if "FAIL" in res:
1337 raise Exception("Failed to generate bootstrapping info")
1338 id0 = int(res)
1339 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1340
1341 dev[1].set("dpp_configurator_params",
1342 " conf=sta-psk ssid=%s pass=%s configurator=%d" % ("DPPNET01".encode("hex"), "ThisIsDppPassphrase".encode("hex"), conf_id))
1343 cmd = "DPP_LISTEN 2437 role=configurator"
1344 if "OK" not in dev[1].request(cmd):
1345 raise Exception("Failed to start listen operation")
1346
1347 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1348 if "status,COMPLETE" not in res:
1349 raise Exception("dev_exec_action did not succeed: " + res)
1350
1351 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout=10)
1352 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkConnectResult,OK" not in res:
1353 raise Exception("Unexpected result: " + res)
1354 finally:
1355 dev[0].set("dpp_config_processing", "0")
1356 stop_sigma_dut(sigma)
1357
1358 def test_sigma_dut_dpp_qr_init_enrollee_sae(dev, apdev):
1359 """sigma_dut DPP/QR initiator as Enrollee (SAE)"""
1360 check_dpp_capab(dev[0])
1361 check_dpp_capab(dev[1])
1362 if "SAE" not in dev[0].get_capability("auth_alg"):
1363 raise HwsimSkip("SAE not supported")
1364
1365 params = hostapd.wpa2_params(ssid="DPPNET01",
1366 passphrase="ThisIsDppPassphrase")
1367 params['wpa_key_mgmt'] = 'SAE'
1368 params["ieee80211w"] = "2"
1369 hapd = hostapd.add_ap(apdev[0], params)
1370
1371 sigma = start_sigma_dut(dev[0].ifname)
1372 try:
1373 dev[0].set("dpp_config_processing", "2")
1374
1375 cmd = "DPP_CONFIGURATOR_ADD"
1376 res = dev[1].request(cmd)
1377 if "FAIL" in res:
1378 raise Exception("Failed to add configurator")
1379 conf_id = int(res)
1380
1381 addr = dev[1].own_addr().replace(':', '')
1382 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1383 res = dev[1].request(cmd)
1384 if "FAIL" in res:
1385 raise Exception("Failed to generate bootstrapping info")
1386 id0 = int(res)
1387 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1388
1389 dev[1].set("dpp_configurator_params",
1390 " conf=sta-sae ssid=%s pass=%s configurator=%d" % ("DPPNET01".encode("hex"), "ThisIsDppPassphrase".encode("hex"), conf_id))
1391 cmd = "DPP_LISTEN 2437 role=configurator"
1392 if "OK" not in dev[1].request(cmd):
1393 raise Exception("Failed to start listen operation")
1394
1395 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1396 if "status,COMPLETE" not in res:
1397 raise Exception("dev_exec_action did not succeed: " + res)
1398
1399 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout=10)
1400 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkConnectResult,OK" not in res:
1401 raise Exception("Unexpected result: " + res)
1402 finally:
1403 dev[0].set("dpp_config_processing", "0")
1404 stop_sigma_dut(sigma)
1405
1406 def test_sigma_dut_dpp_qr_init_configurator_1(dev, apdev):
1407 """sigma_dut DPP/QR initiator as Configurator (conf index 1)"""
1408 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 1)
1409
1410 def test_sigma_dut_dpp_qr_init_configurator_2(dev, apdev):
1411 """sigma_dut DPP/QR initiator as Configurator (conf index 2)"""
1412 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 2)
1413
1414 def test_sigma_dut_dpp_qr_init_configurator_3(dev, apdev):
1415 """sigma_dut DPP/QR initiator as Configurator (conf index 3)"""
1416 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 3)
1417
1418 def test_sigma_dut_dpp_qr_init_configurator_4(dev, apdev):
1419 """sigma_dut DPP/QR initiator as Configurator (conf index 4)"""
1420 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 4)
1421
1422 def test_sigma_dut_dpp_qr_init_configurator_5(dev, apdev):
1423 """sigma_dut DPP/QR initiator as Configurator (conf index 5)"""
1424 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 5)
1425
1426 def test_sigma_dut_dpp_qr_init_configurator_6(dev, apdev):
1427 """sigma_dut DPP/QR initiator as Configurator (conf index 6)"""
1428 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 6)
1429
1430 def test_sigma_dut_dpp_qr_init_configurator_7(dev, apdev):
1431 """sigma_dut DPP/QR initiator as Configurator (conf index 7)"""
1432 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 7)
1433
1434 def test_sigma_dut_dpp_qr_init_configurator_both(dev, apdev):
1435 """sigma_dut DPP/QR initiator as Configurator or Enrollee (conf index 1)"""
1436 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 1, "Both")
1437
1438 def test_sigma_dut_dpp_qr_init_configurator_neg_freq(dev, apdev):
1439 """sigma_dut DPP/QR initiator as Configurator (neg_freq)"""
1440 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 1, extra='DPPSubsequentChannel,81/11')
1441
1442 def run_sigma_dut_dpp_qr_init_configurator(dev, apdev, conf_idx,
1443 prov_role="Configurator",
1444 extra=None):
1445 check_dpp_capab(dev[0])
1446 check_dpp_capab(dev[1])
1447 sigma = start_sigma_dut(dev[0].ifname)
1448 try:
1449 addr = dev[1].own_addr().replace(':', '')
1450 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1451 res = dev[1].request(cmd)
1452 if "FAIL" in res:
1453 raise Exception("Failed to generate bootstrapping info")
1454 id0 = int(res)
1455 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1456
1457 cmd = "DPP_LISTEN 2437 role=enrollee"
1458 if "OK" not in dev[1].request(cmd):
1459 raise Exception("Failed to start listen operation")
1460
1461 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1462 if "status,COMPLETE" not in res:
1463 raise Exception("dev_exec_action did not succeed: " + res)
1464
1465 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,%s,DPPConfIndex,%d,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6" % (prov_role, conf_idx)
1466 if extra:
1467 cmd += "," + extra
1468 res = sigma_dut_cmd(cmd)
1469 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
1470 raise Exception("Unexpected result: " + res)
1471 finally:
1472 stop_sigma_dut(sigma)
1473
1474 def test_sigma_dut_dpp_incompatible_roles_init(dev, apdev):
1475 """sigma_dut DPP roles incompatible (Initiator)"""
1476 check_dpp_capab(dev[0])
1477 check_dpp_capab(dev[1])
1478 sigma = start_sigma_dut(dev[0].ifname)
1479 try:
1480 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1481 if "status,COMPLETE" not in res:
1482 raise Exception("dev_exec_action did not succeed: " + res)
1483 hex = res.split(',')[3]
1484 uri = hex.decode('hex')
1485 logger.info("URI from sigma_dut: " + uri)
1486
1487 res = dev[1].request("DPP_QR_CODE " + uri)
1488 if "FAIL" in res:
1489 raise Exception("Failed to parse QR Code URI")
1490 id1 = int(res)
1491
1492 addr = dev[1].own_addr().replace(':', '')
1493 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1494 res = dev[1].request(cmd)
1495 if "FAIL" in res:
1496 raise Exception("Failed to generate bootstrapping info")
1497 id0 = int(res)
1498 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1499
1500 cmd = "DPP_LISTEN 2437 role=enrollee"
1501 if "OK" not in dev[1].request(cmd):
1502 raise Exception("Failed to start listen operation")
1503
1504 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1505 if "status,COMPLETE" not in res:
1506 raise Exception("dev_exec_action did not succeed: " + res)
1507
1508 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6"
1509 res = sigma_dut_cmd(cmd)
1510 if "BootstrapResult,OK,AuthResult,ROLES_NOT_COMPATIBLE" not in res:
1511 raise Exception("Unexpected result: " + res)
1512 finally:
1513 stop_sigma_dut(sigma)
1514
1515 def dpp_init_enrollee_mutual(dev, id1, own_id):
1516 logger.info("Starting DPP initiator/enrollee in a thread")
1517 time.sleep(1)
1518 cmd = "DPP_AUTH_INIT peer=%d own=%d role=enrollee" % (id1, own_id)
1519 if "OK" not in dev.request(cmd):
1520 raise Exception("Failed to initiate DPP Authentication")
1521 ev = dev.wait_event(["DPP-CONF-RECEIVED",
1522 "DPP-NOT-COMPATIBLE"], timeout=5)
1523 if ev is None:
1524 raise Exception("DPP configuration not completed (Enrollee)")
1525 logger.info("DPP initiator/enrollee done")
1526
1527 def test_sigma_dut_dpp_incompatible_roles_resp(dev, apdev):
1528 """sigma_dut DPP roles incompatible (Responder)"""
1529 check_dpp_capab(dev[0])
1530 check_dpp_capab(dev[1])
1531 sigma = start_sigma_dut(dev[0].ifname)
1532 try:
1533 cmd = "dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR"
1534 res = sigma_dut_cmd(cmd)
1535 if "status,COMPLETE" not in res:
1536 raise Exception("dev_exec_action did not succeed: " + res)
1537 hex = res.split(',')[3]
1538 uri = hex.decode('hex')
1539 logger.info("URI from sigma_dut: " + uri)
1540
1541 res = dev[1].request("DPP_QR_CODE " + uri)
1542 if "FAIL" in res:
1543 raise Exception("Failed to parse QR Code URI")
1544 id1 = int(res)
1545
1546 addr = dev[1].own_addr().replace(':', '')
1547 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1548 res = dev[1].request(cmd)
1549 if "FAIL" in res:
1550 raise Exception("Failed to generate bootstrapping info")
1551 id0 = int(res)
1552 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1553
1554 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1555 if "status,COMPLETE" not in res:
1556 raise Exception("dev_exec_action did not succeed: " + res)
1557
1558 t = threading.Thread(target=dpp_init_enrollee_mutual, args=(dev[1], id1, id0))
1559 t.start()
1560 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6"
1561 res = sigma_dut_cmd(cmd, timeout=10)
1562 t.join()
1563 if "BootstrapResult,OK,AuthResult,ROLES_NOT_COMPATIBLE" not in res:
1564 raise Exception("Unexpected result: " + res)
1565 finally:
1566 stop_sigma_dut(sigma)
1567
1568 def test_sigma_dut_dpp_pkex_init_configurator(dev, apdev):
1569 """sigma_dut DPP/PKEX initiator as Configurator"""
1570 check_dpp_capab(dev[0])
1571 check_dpp_capab(dev[1])
1572 sigma = start_sigma_dut(dev[0].ifname)
1573 try:
1574 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
1575 res = dev[1].request(cmd)
1576 if "FAIL" in res:
1577 raise Exception("Failed to generate bootstrapping info")
1578 id1 = int(res)
1579 cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id1)
1580 res = dev[1].request(cmd)
1581 if "FAIL" in res:
1582 raise Exception("Failed to set PKEX data (responder)")
1583 cmd = "DPP_LISTEN 2437 role=enrollee"
1584 if "OK" not in dev[1].request(cmd):
1585 raise Exception("Failed to start listen operation")
1586
1587 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCodeIdentifier,test,DPPPKEXCode,secret,DPPTimeout,6")
1588 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
1589 raise Exception("Unexpected result: " + res)
1590 finally:
1591 stop_sigma_dut(sigma)
1592
1593 def dpp_init_conf(dev, id1, conf, conf_id, extra):
1594 logger.info("Starting DPP initiator/configurator in a thread")
1595 cmd = "DPP_AUTH_INIT peer=%d conf=%s %s configurator=%d" % (id1, conf, extra, conf_id)
1596 if "OK" not in dev.request(cmd):
1597 raise Exception("Failed to initiate DPP Authentication")
1598 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=5)
1599 if ev is None:
1600 raise Exception("DPP configuration not completed (Configurator)")
1601 logger.info("DPP initiator/configurator done")
1602
1603 def test_sigma_dut_ap_dpp_qr(dev, apdev, params):
1604 """sigma_dut controlled AP (DPP)"""
1605 run_sigma_dut_ap_dpp_qr(dev, apdev, params, "ap-dpp", "sta-dpp")
1606
1607 def test_sigma_dut_ap_dpp_qr_legacy(dev, apdev, params):
1608 """sigma_dut controlled AP (legacy)"""
1609 run_sigma_dut_ap_dpp_qr(dev, apdev, params, "ap-psk", "sta-psk",
1610 extra="pass=%s" % "qwertyuiop".encode("hex"))
1611
1612 def test_sigma_dut_ap_dpp_qr_legacy_psk(dev, apdev, params):
1613 """sigma_dut controlled AP (legacy)"""
1614 run_sigma_dut_ap_dpp_qr(dev, apdev, params, "ap-psk", "sta-psk",
1615 extra="psk=%s" % (32*"12"))
1616
1617 def run_sigma_dut_ap_dpp_qr(dev, apdev, params, ap_conf, sta_conf, extra=""):
1618 check_dpp_capab(dev[0])
1619 logdir = os.path.join(params['logdir'], "sigma_dut_ap_dpp_qr.sigma-hostapd")
1620 with HWSimRadio() as (radio, iface):
1621 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
1622 try:
1623 sigma_dut_cmd_check("ap_reset_default,program,DPP")
1624 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1625 if "status,COMPLETE" not in res:
1626 raise Exception("dev_exec_action did not succeed: " + res)
1627 hex = res.split(',')[3]
1628 uri = hex.decode('hex')
1629 logger.info("URI from sigma_dut: " + uri)
1630
1631 cmd = "DPP_CONFIGURATOR_ADD"
1632 res = dev[0].request(cmd)
1633 if "FAIL" in res:
1634 raise Exception("Failed to add configurator")
1635 conf_id = int(res)
1636
1637 res = dev[0].request("DPP_QR_CODE " + uri)
1638 if "FAIL" in res:
1639 raise Exception("Failed to parse QR Code URI")
1640 id1 = int(res)
1641
1642 t = threading.Thread(target=dpp_init_conf,
1643 args=(dev[0], id1, ap_conf, conf_id, extra))
1644 t.start()
1645 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6")
1646 t.join()
1647 if "ConfResult,OK" not in res:
1648 raise Exception("Unexpected result: " + res)
1649
1650 addr = dev[1].own_addr().replace(':', '')
1651 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
1652 res = dev[1].request(cmd)
1653 if "FAIL" in res:
1654 raise Exception("Failed to generate bootstrapping info")
1655 id1 = int(res)
1656 uri1 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1)
1657
1658 res = dev[0].request("DPP_QR_CODE " + uri1)
1659 if "FAIL" in res:
1660 raise Exception("Failed to parse QR Code URI")
1661 id0b = int(res)
1662
1663 dev[1].set("dpp_config_processing", "2")
1664 cmd = "DPP_LISTEN 2412"
1665 if "OK" not in dev[1].request(cmd):
1666 raise Exception("Failed to start listen operation")
1667 cmd = "DPP_AUTH_INIT peer=%d conf=%s %s configurator=%d" % (id0b, sta_conf, extra, conf_id)
1668 if "OK" not in dev[0].request(cmd):
1669 raise Exception("Failed to initiate DPP Authentication")
1670 dev[1].wait_connected()
1671
1672 sigma_dut_cmd_check("ap_reset_default")
1673 finally:
1674 dev[1].set("dpp_config_processing", "0")
1675 stop_sigma_dut(sigma)
1676
1677 def test_sigma_dut_ap_dpp_pkex_responder(dev, apdev, params):
1678 """sigma_dut controlled AP as DPP PKEX responder"""
1679 check_dpp_capab(dev[0])
1680 logdir = os.path.join(params['logdir'],
1681 "sigma_dut_ap_dpp_pkex_responder.sigma-hostapd")
1682 with HWSimRadio() as (radio, iface):
1683 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
1684 try:
1685 run_sigma_dut_ap_dpp_pkex_responder(dev, apdev)
1686 finally:
1687 stop_sigma_dut(sigma)
1688
1689 def dpp_init_conf_pkex(dev, conf_id, check_config=True):
1690 logger.info("Starting DPP PKEX initiator/configurator in a thread")
1691 time.sleep(1.5)
1692 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
1693 res = dev.request(cmd)
1694 if "FAIL" in res:
1695 raise Exception("Failed to generate bootstrapping info")
1696 id = int(res)
1697 cmd = "DPP_PKEX_ADD own=%d init=1 conf=ap-dpp configurator=%d code=password" % (id, conf_id)
1698 res = dev.request(cmd)
1699 if "FAIL" in res:
1700 raise Exception("Failed to initiate DPP PKEX")
1701 if not check_config:
1702 return
1703 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=5)
1704 if ev is None:
1705 raise Exception("DPP configuration not completed (Configurator)")
1706 logger.info("DPP initiator/configurator done")
1707
1708 def run_sigma_dut_ap_dpp_pkex_responder(dev, apdev):
1709 sigma_dut_cmd_check("ap_reset_default,program,DPP")
1710
1711 cmd = "DPP_CONFIGURATOR_ADD"
1712 res = dev[0].request(cmd)
1713 if "FAIL" in res:
1714 raise Exception("Failed to add configurator")
1715 conf_id = int(res)
1716
1717 t = threading.Thread(target=dpp_init_conf_pkex, args=(dev[0], conf_id))
1718 t.start()
1719 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,PKEX,DPPPKEXCode,password,DPPTimeout,6,DPPWaitForConnect,No", timeout=10)
1720 t.join()
1721 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
1722 raise Exception("Unexpected result: " + res)
1723
1724 sigma_dut_cmd_check("ap_reset_default")
1725
1726 def test_sigma_dut_dpp_pkex_responder_proto(dev, apdev):
1727 """sigma_dut controlled STA as DPP PKEX responder and error case"""
1728 check_dpp_capab(dev[0])
1729 sigma = start_sigma_dut(dev[0].ifname)
1730 try:
1731 run_sigma_dut_dpp_pkex_responder_proto(dev, apdev)
1732 finally:
1733 stop_sigma_dut(sigma)
1734
1735 def run_sigma_dut_dpp_pkex_responder_proto(dev, apdev):
1736 cmd = "DPP_CONFIGURATOR_ADD"
1737 res = dev[1].request(cmd)
1738 if "FAIL" in res:
1739 raise Exception("Failed to add configurator")
1740 conf_id = int(res)
1741
1742 dev[1].set("dpp_test", "44")
1743
1744 t = threading.Thread(target=dpp_init_conf_pkex, args=(dev[1], conf_id,
1745 False))
1746 t.start()
1747 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPProvisioningRole,Enrollee,DPPBS,PKEX,DPPPKEXCode,password,DPPTimeout,6", timeout=10)
1748 t.join()
1749 if "BootstrapResult,Timeout" not in res:
1750 raise Exception("Unexpected result: " + res)
1751
1752 def dpp_proto_init(dev, id1):
1753 time.sleep(1)
1754 logger.info("Starting DPP initiator/configurator in a thread")
1755 cmd = "DPP_CONFIGURATOR_ADD"
1756 res = dev.request(cmd)
1757 if "FAIL" in res:
1758 raise Exception("Failed to add configurator")
1759 conf_id = int(res)
1760
1761 cmd = "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1, conf_id)
1762 if "OK" not in dev.request(cmd):
1763 raise Exception("Failed to initiate DPP Authentication")
1764
1765 def test_sigma_dut_dpp_proto_initiator(dev, apdev):
1766 """sigma_dut DPP protocol testing - Initiator"""
1767 check_dpp_capab(dev[0])
1768 check_dpp_capab(dev[1])
1769 tests = [ ("InvalidValue", "AuthenticationRequest", "WrappedData",
1770 "BootstrapResult,OK,AuthResult,Errorsent",
1771 None),
1772 ("InvalidValue", "AuthenticationConfirm", "WrappedData",
1773 "BootstrapResult,OK,AuthResult,Errorsent",
1774 None),
1775 ("MissingAttribute", "AuthenticationRequest", "InitCapabilities",
1776 "BootstrapResult,OK,AuthResult,Errorsent",
1777 "Missing or invalid I-capabilities"),
1778 ("InvalidValue", "AuthenticationConfirm", "InitAuthTag",
1779 "BootstrapResult,OK,AuthResult,Errorsent",
1780 "Mismatching Initiator Authenticating Tag"),
1781 ("MissingAttribute", "ConfigurationResponse", "EnrolleeNonce",
1782 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1783 "Missing or invalid Enrollee Nonce attribute") ]
1784 for step, frame, attr, result, fail in tests:
1785 dev[0].request("FLUSH")
1786 dev[1].request("FLUSH")
1787 sigma = start_sigma_dut(dev[0].ifname)
1788 try:
1789 run_sigma_dut_dpp_proto_initiator(dev, step, frame, attr, result,
1790 fail)
1791 finally:
1792 stop_sigma_dut(sigma)
1793
1794 def run_sigma_dut_dpp_proto_initiator(dev, step, frame, attr, result, fail):
1795 addr = dev[1].own_addr().replace(':', '')
1796 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1797 res = dev[1].request(cmd)
1798 if "FAIL" in res:
1799 raise Exception("Failed to generate bootstrapping info")
1800 id0 = int(res)
1801 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1802
1803 cmd = "DPP_LISTEN 2437 role=enrollee"
1804 if "OK" not in dev[1].request(cmd):
1805 raise Exception("Failed to start listen operation")
1806
1807 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1808 if "status,COMPLETE" not in res:
1809 raise Exception("dev_exec_action did not succeed: " + res)
1810
1811 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr),
1812 timeout=10)
1813 if result not in res:
1814 raise Exception("Unexpected result: " + res)
1815 if fail:
1816 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1817 if ev is None or fail not in ev:
1818 raise Exception("Failure not reported correctly: " + str(ev))
1819
1820 dev[1].request("DPP_STOP_LISTEN")
1821 dev[0].dump_monitor()
1822 dev[1].dump_monitor()
1823
1824 def test_sigma_dut_dpp_proto_responder(dev, apdev):
1825 """sigma_dut DPP protocol testing - Responder"""
1826 check_dpp_capab(dev[0])
1827 check_dpp_capab(dev[1])
1828 tests = [ ("MissingAttribute", "AuthenticationResponse", "DPPStatus",
1829 "BootstrapResult,OK,AuthResult,Errorsent",
1830 "Missing or invalid required DPP Status attribute"),
1831 ("MissingAttribute", "ConfigurationRequest", "EnrolleeNonce",
1832 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1833 "Missing or invalid Enrollee Nonce attribute") ]
1834 for step, frame, attr, result, fail in tests:
1835 dev[0].request("FLUSH")
1836 dev[1].request("FLUSH")
1837 sigma = start_sigma_dut(dev[0].ifname)
1838 try:
1839 run_sigma_dut_dpp_proto_responder(dev, step, frame, attr, result,
1840 fail)
1841 finally:
1842 stop_sigma_dut(sigma)
1843
1844 def run_sigma_dut_dpp_proto_responder(dev, step, frame, attr, result, fail):
1845 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1846 if "status,COMPLETE" not in res:
1847 raise Exception("dev_exec_action did not succeed: " + res)
1848 hex = res.split(',')[3]
1849 uri = hex.decode('hex')
1850 logger.info("URI from sigma_dut: " + uri)
1851
1852 res = dev[1].request("DPP_QR_CODE " + uri)
1853 if "FAIL" in res:
1854 raise Exception("Failed to parse QR Code URI")
1855 id1 = int(res)
1856
1857 t = threading.Thread(target=dpp_proto_init, args=(dev[1], id1))
1858 t.start()
1859 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr), timeout=10)
1860 t.join()
1861 if result not in res:
1862 raise Exception("Unexpected result: " + res)
1863 if fail:
1864 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1865 if ev is None or fail not in ev:
1866 raise Exception("Failure not reported correctly:" + str(ev))
1867
1868 dev[1].request("DPP_STOP_LISTEN")
1869 dev[0].dump_monitor()
1870 dev[1].dump_monitor()
1871
1872 def test_sigma_dut_dpp_proto_stop_at_initiator(dev, apdev):
1873 """sigma_dut DPP protocol testing - Stop at RX on Initiator"""
1874 check_dpp_capab(dev[0])
1875 check_dpp_capab(dev[1])
1876 tests = [ ("AuthenticationResponse",
1877 "BootstrapResult,OK,AuthResult,Errorsent",
1878 None),
1879 ("ConfigurationRequest",
1880 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1881 None)]
1882 for frame, result, fail in tests:
1883 dev[0].request("FLUSH")
1884 dev[1].request("FLUSH")
1885 sigma = start_sigma_dut(dev[0].ifname)
1886 try:
1887 run_sigma_dut_dpp_proto_stop_at_initiator(dev, frame, result, fail)
1888 finally:
1889 stop_sigma_dut(sigma)
1890
1891 def run_sigma_dut_dpp_proto_stop_at_initiator(dev, frame, result, fail):
1892 addr = dev[1].own_addr().replace(':', '')
1893 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1894 res = dev[1].request(cmd)
1895 if "FAIL" in res:
1896 raise Exception("Failed to generate bootstrapping info")
1897 id0 = int(res)
1898 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1899
1900 cmd = "DPP_LISTEN 2437 role=enrollee"
1901 if "OK" not in dev[1].request(cmd):
1902 raise Exception("Failed to start listen operation")
1903
1904 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1905 if "status,COMPLETE" not in res:
1906 raise Exception("dev_exec_action did not succeed: " + res)
1907
1908 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame))
1909 if result not in res:
1910 raise Exception("Unexpected result: " + res)
1911 if fail:
1912 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1913 if ev is None or fail not in ev:
1914 raise Exception("Failure not reported correctly: " + str(ev))
1915
1916 dev[1].request("DPP_STOP_LISTEN")
1917 dev[0].dump_monitor()
1918 dev[1].dump_monitor()
1919
1920 def test_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev, apdev):
1921 """sigma_dut DPP protocol testing - Stop at TX on Initiator/Enrollee"""
1922 check_dpp_capab(dev[0])
1923 check_dpp_capab(dev[1])
1924 tests = [ ("AuthenticationConfirm",
1925 "BootstrapResult,OK,AuthResult,Errorsent,LastFrameReceived,AuthenticationResponse",
1926 None) ]
1927 for frame, result, fail in tests:
1928 dev[0].request("FLUSH")
1929 dev[1].request("FLUSH")
1930 sigma = start_sigma_dut(dev[0].ifname, debug=True)
1931 try:
1932 run_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev, frame,
1933 result, fail)
1934 finally:
1935 stop_sigma_dut(sigma)
1936
1937 def run_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev, frame, result,
1938 fail):
1939 addr = dev[1].own_addr().replace(':', '')
1940 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1941 res = dev[1].request(cmd)
1942 if "FAIL" in res:
1943 raise Exception("Failed to generate bootstrapping info")
1944 id0 = int(res)
1945 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1946
1947 cmd = "DPP_LISTEN 2437 role=configurator"
1948 if "OK" not in dev[1].request(cmd):
1949 raise Exception("Failed to start listen operation")
1950
1951 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
1952 if "status,COMPLETE" not in res:
1953 raise Exception("dev_exec_action did not succeed: " + res)
1954
1955 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame), timeout=10)
1956 if result not in res:
1957 raise Exception("Unexpected result: " + res)
1958 if fail:
1959 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1960 if ev is None or fail not in ev:
1961 raise Exception("Failure not reported correctly: " + str(ev))
1962
1963 dev[1].request("DPP_STOP_LISTEN")
1964 dev[0].dump_monitor()
1965 dev[1].dump_monitor()
1966
1967 def test_sigma_dut_dpp_proto_stop_at_responder(dev, apdev):
1968 """sigma_dut DPP protocol testing - Stop at RX on Responder"""
1969 check_dpp_capab(dev[0])
1970 check_dpp_capab(dev[1])
1971 tests = [ ("AuthenticationRequest",
1972 "BootstrapResult,OK,AuthResult,Errorsent",
1973 None),
1974 ("AuthenticationConfirm",
1975 "BootstrapResult,OK,AuthResult,Errorsent",
1976 None) ]
1977 for frame, result, fail in tests:
1978 dev[0].request("FLUSH")
1979 dev[1].request("FLUSH")
1980 sigma = start_sigma_dut(dev[0].ifname)
1981 try:
1982 run_sigma_dut_dpp_proto_stop_at_responder(dev, frame, result, fail)
1983 finally:
1984 stop_sigma_dut(sigma)
1985
1986 def run_sigma_dut_dpp_proto_stop_at_responder(dev, frame, result, fail):
1987 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1988 if "status,COMPLETE" not in res:
1989 raise Exception("dev_exec_action did not succeed: " + res)
1990 hex = res.split(',')[3]
1991 uri = hex.decode('hex')
1992 logger.info("URI from sigma_dut: " + uri)
1993
1994 res = dev[1].request("DPP_QR_CODE " + uri)
1995 if "FAIL" in res:
1996 raise Exception("Failed to parse QR Code URI")
1997 id1 = int(res)
1998
1999 t = threading.Thread(target=dpp_proto_init, args=(dev[1], id1))
2000 t.start()
2001 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame), timeout=10)
2002 t.join()
2003 if result not in res:
2004 raise Exception("Unexpected result: " + res)
2005 if fail:
2006 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
2007 if ev is None or fail not in ev:
2008 raise Exception("Failure not reported correctly:" + str(ev))
2009
2010 dev[1].request("DPP_STOP_LISTEN")
2011 dev[0].dump_monitor()
2012 dev[1].dump_monitor()
2013
2014 def dpp_proto_init_pkex(dev):
2015 time.sleep(1)
2016 logger.info("Starting DPP PKEX initiator/configurator in a thread")
2017 cmd = "DPP_CONFIGURATOR_ADD"
2018 res = dev.request(cmd)
2019 if "FAIL" in res:
2020 raise Exception("Failed to add configurator")
2021 conf_id = int(res)
2022
2023 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
2024 res = dev.request(cmd)
2025 if "FAIL" in res:
2026 raise Exception("Failed to generate bootstrapping info")
2027 id = int(res)
2028
2029 cmd = "DPP_PKEX_ADD own=%d init=1 conf=sta-dpp configurator=%d code=secret" % (id, conf_id)
2030 if "FAIL" in dev.request(cmd):
2031 raise Exception("Failed to initiate DPP PKEX")
2032
2033 def test_sigma_dut_dpp_proto_initiator_pkex(dev, apdev):
2034 """sigma_dut DPP protocol testing - Initiator (PKEX)"""
2035 check_dpp_capab(dev[0])
2036 check_dpp_capab(dev[1])
2037 tests = [ ("InvalidValue", "PKEXCRRequest", "WrappedData",
2038 "BootstrapResult,Errorsent",
2039 None),
2040 ("MissingAttribute", "PKEXExchangeRequest", "FiniteCyclicGroup",
2041 "BootstrapResult,Errorsent",
2042 "Missing or invalid Finite Cyclic Group attribute"),
2043 ("MissingAttribute", "PKEXCRRequest", "BSKey",
2044 "BootstrapResult,Errorsent",
2045 "No valid peer bootstrapping key found") ]
2046 for step, frame, attr, result, fail in tests:
2047 dev[0].request("FLUSH")
2048 dev[1].request("FLUSH")
2049 sigma = start_sigma_dut(dev[0].ifname)
2050 try:
2051 run_sigma_dut_dpp_proto_initiator_pkex(dev, step, frame, attr,
2052 result, fail)
2053 finally:
2054 stop_sigma_dut(sigma)
2055
2056 def run_sigma_dut_dpp_proto_initiator_pkex(dev, step, frame, attr, result, fail):
2057 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
2058 res = dev[1].request(cmd)
2059 if "FAIL" in res:
2060 raise Exception("Failed to generate bootstrapping info")
2061 id1 = int(res)
2062
2063 cmd = "DPP_PKEX_ADD own=%d code=secret" % (id1)
2064 res = dev[1].request(cmd)
2065 if "FAIL" in res:
2066 raise Exception("Failed to set PKEX data (responder)")
2067
2068 cmd = "DPP_LISTEN 2437 role=enrollee"
2069 if "OK" not in dev[1].request(cmd):
2070 raise Exception("Failed to start listen operation")
2071
2072 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCode,secret,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr))
2073 if result not in res:
2074 raise Exception("Unexpected result: " + res)
2075 if fail:
2076 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
2077 if ev is None or fail not in ev:
2078 raise Exception("Failure not reported correctly: " + str(ev))
2079
2080 dev[1].request("DPP_STOP_LISTEN")
2081 dev[0].dump_monitor()
2082 dev[1].dump_monitor()
2083
2084 def test_sigma_dut_dpp_proto_responder_pkex(dev, apdev):
2085 """sigma_dut DPP protocol testing - Responder (PKEX)"""
2086 check_dpp_capab(dev[0])
2087 check_dpp_capab(dev[1])
2088 tests = [ ("InvalidValue", "PKEXCRResponse", "WrappedData",
2089 "BootstrapResult,Errorsent",
2090 None),
2091 ("MissingAttribute", "PKEXExchangeResponse", "DPPStatus",
2092 "BootstrapResult,Errorsent",
2093 "No DPP Status attribute"),
2094 ("MissingAttribute", "PKEXCRResponse", "BSKey",
2095 "BootstrapResult,Errorsent",
2096 "No valid peer bootstrapping key found") ]
2097 for step, frame, attr, result, fail in tests:
2098 dev[0].request("FLUSH")
2099 dev[1].request("FLUSH")
2100 sigma = start_sigma_dut(dev[0].ifname)
2101 try:
2102 run_sigma_dut_dpp_proto_responder_pkex(dev, step, frame, attr,
2103 result, fail)
2104 finally:
2105 stop_sigma_dut(sigma)
2106
2107 def run_sigma_dut_dpp_proto_responder_pkex(dev, step, frame, attr, result, fail):
2108 t = threading.Thread(target=dpp_proto_init_pkex, args=(dev[1],))
2109 t.start()
2110 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCode,secret,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr), timeout=10)
2111 t.join()
2112 if result not in res:
2113 raise Exception("Unexpected result: " + res)
2114 if fail:
2115 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
2116 if ev is None or fail not in ev:
2117 raise Exception("Failure not reported correctly:" + str(ev))
2118
2119 dev[1].request("DPP_STOP_LISTEN")
2120 dev[0].dump_monitor()
2121 dev[1].dump_monitor()
2122
2123 def init_sigma_dut_dpp_proto_peer_disc_req(dev, apdev):
2124 check_dpp_capab(dev[0])
2125 check_dpp_capab(dev[1])
2126
2127 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2128 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2129 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
2130 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
2131
2132 params = { "ssid": "DPPNET01",
2133 "wpa": "2",
2134 "ieee80211w": "2",
2135 "wpa_key_mgmt": "DPP",
2136 "rsn_pairwise": "CCMP",
2137 "dpp_connector": ap_connector,
2138 "dpp_csign": csign_pub,
2139 "dpp_netaccesskey": ap_netaccesskey }
2140 try:
2141 hapd = hostapd.add_ap(apdev[0], params)
2142 except:
2143 raise HwsimSkip("DPP not supported")
2144
2145 dev[0].set("dpp_config_processing", "2")
2146
2147 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
2148 res = dev[1].request(cmd)
2149 if "FAIL" in res:
2150 raise Exception("Failed to add configurator")
2151 conf_id = int(res)
2152
2153 addr = dev[1].own_addr().replace(':', '')
2154 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
2155 res = dev[1].request(cmd)
2156 if "FAIL" in res:
2157 raise Exception("Failed to generate bootstrapping info")
2158 id0 = int(res)
2159 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
2160
2161 dev[1].set("dpp_configurator_params",
2162 " conf=sta-dpp ssid=%s configurator=%d" % ("DPPNET01".encode("hex"), conf_id))
2163 cmd = "DPP_LISTEN 2437 role=configurator"
2164 if "OK" not in dev[1].request(cmd):
2165 raise Exception("Failed to start listen operation")
2166
2167 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri0.encode('hex'))
2168 if "status,COMPLETE" not in res:
2169 raise Exception("dev_exec_action did not succeed: " + res)
2170
2171 def test_sigma_dut_dpp_proto_peer_disc_req(dev, apdev):
2172 """sigma_dut DPP protocol testing - Peer Discovery Request"""
2173 sigma = start_sigma_dut(dev[0].ifname)
2174 try:
2175 init_sigma_dut_dpp_proto_peer_disc_req(dev, apdev)
2176
2177 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes,DPPStep,MissingAttribute,DPPFrameType,PeerDiscoveryRequest,DPPIEAttribute,TransactionID", timeout=10)
2178 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,Errorsent" not in res:
2179 raise Exception("Unexpected result: " + res)
2180 finally:
2181 dev[0].set("dpp_config_processing", "0")
2182 stop_sigma_dut(sigma)
2183
2184 def test_sigma_dut_dpp_self_config(dev, apdev):
2185 """sigma_dut DPP Configurator enrolling an AP and using self-configuration"""
2186 check_dpp_capab(dev[0])
2187
2188 hapd = hostapd.add_ap(apdev[0], { "ssid": "unconfigured" })
2189 check_dpp_capab(hapd)
2190
2191 sigma = start_sigma_dut(dev[0].ifname)
2192 try:
2193 dev[0].set("dpp_config_processing", "2")
2194 addr = hapd.own_addr().replace(':', '')
2195 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2196 res = hapd.request(cmd)
2197 if "FAIL" in res:
2198 raise Exception("Failed to generate bootstrapping info")
2199 id = int(res)
2200 uri = hapd.request("DPP_BOOTSTRAP_GET_URI %d" % id)
2201
2202 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri.encode('hex'))
2203 if "status,COMPLETE" not in res:
2204 raise Exception("dev_exec_action did not succeed: " + res)
2205
2206 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,AP,DPPBS,QR,DPPTimeout,6")
2207 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
2208 raise Exception("Unexpected result: " + res)
2209 update_hapd_config(hapd)
2210
2211 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPCryptoIdentifier,P-256,DPPBS,QR,DPPAuthRole,Initiator,DPPProvisioningRole,Configurator,DPPAuthDirection,Single,DPPConfIndex,1,DPPTimeout,6,DPPWaitForConnect,Yes,DPPSelfConfigure,Yes"
2212 res = sigma_dut_cmd(cmd, timeout=10)
2213 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
2214 raise Exception("Unexpected result: " + res)
2215 finally:
2216 stop_sigma_dut(sigma)
2217 dev[0].set("dpp_config_processing", "0")
2218
2219 def test_sigma_dut_ap_dpp_self_config(dev, apdev, params):
2220 """sigma_dut DPP AP Configurator using self-configuration"""
2221 logdir = os.path.join(params['logdir'],
2222 "sigma_dut_ap_dpp_self_config.sigma-hostapd")
2223 with HWSimRadio() as (radio, iface):
2224 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
2225 try:
2226 run_sigma_dut_ap_dpp_self_config(dev, apdev)
2227 finally:
2228 stop_sigma_dut(sigma)
2229 dev[0].set("dpp_config_processing", "0")
2230
2231 def run_sigma_dut_ap_dpp_self_config(dev, apdev):
2232 check_dpp_capab(dev[0])
2233
2234 sigma_dut_cmd_check("ap_reset_default,program,DPP")
2235
2236 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfEnrolleeRole,AP,DPPBS,QR,DPPConfIndex,1,DPPSelfConfigure,Yes,DPPTimeout,6", timeout=10)
2237 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
2238 raise Exception("Unexpected result: " + res)
2239
2240 dev[0].set("dpp_config_processing", "2")
2241
2242 addr = dev[0].own_addr().replace(':', '')
2243 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr
2244 res = dev[0].request(cmd)
2245 if "FAIL" in res:
2246 raise Exception("Failed to generate bootstrapping info")
2247 id = int(res)
2248 uri = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id)
2249 cmd = "DPP_LISTEN 2462 role=enrollee"
2250 if "OK" not in dev[0].request(cmd):
2251 raise Exception("Failed to start listen operation")
2252
2253 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % uri.encode('hex'))
2254 if "status,COMPLETE" not in res:
2255 raise Exception("dev_exec_action did not succeed: " + res)
2256 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6"
2257 res = sigma_dut_cmd(cmd)
2258 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
2259 raise Exception("Unexpected result: " + res)
2260 dev[0].wait_connected()
2261 dev[0].request("DISCONNECT")
2262 dev[0].wait_disconnected()
2263 sigma_dut_cmd_check("ap_reset_default")
2264
2265 def test_sigma_dut_preconfigured_profile(dev, apdev):
2266 """sigma_dut controlled connection using preconfigured profile"""
2267 try:
2268 run_sigma_dut_preconfigured_profile(dev, apdev)
2269 finally:
2270 dev[0].set("ignore_old_scan_res", "0")
2271
2272 def run_sigma_dut_preconfigured_profile(dev, apdev):
2273 ifname = dev[0].ifname
2274 sigma = start_sigma_dut(ifname)
2275
2276 params = hostapd.wpa2_params(ssid="test-psk", passphrase="12345678")
2277 hapd = hostapd.add_ap(apdev[0], params)
2278 dev[0].connect("test-psk", psk="12345678", scan_freq="2412",
2279 only_add_network=True)
2280
2281 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
2282 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s" % (ifname, "test-psk"))
2283 sigma_dut_wait_connected(ifname)
2284 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
2285 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
2286 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
2287
2288 stop_sigma_dut(sigma)
2289
2290 def test_sigma_dut_wps_pbc(dev, apdev):
2291 """sigma_dut and WPS PBC Enrollee"""
2292 try:
2293 run_sigma_dut_wps_pbc(dev, apdev)
2294 finally:
2295 dev[0].set("ignore_old_scan_res", "0")
2296
2297 def run_sigma_dut_wps_pbc(dev, apdev):
2298 ssid = "test-wps-conf"
2299 hapd = hostapd.add_ap(apdev[0],
2300 { "ssid": "wps", "eap_server": "1", "wps_state": "2",
2301 "wpa_passphrase": "12345678", "wpa": "2",
2302 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
2303 hapd.request("WPS_PBC")
2304
2305 ifname = dev[0].ifname
2306 sigma = start_sigma_dut(ifname)
2307
2308 cmd = "start_wps_registration,interface,%s" % ifname
2309 cmd += ",WpsRole,Enrollee"
2310 cmd += ",WpsConfigMethod,PBC"
2311 sigma_dut_cmd_check(cmd, timeout=15)
2312
2313 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
2314 hapd.disable()
2315 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
2316 stop_sigma_dut(sigma)
2317 dev[0].flush_scan_cache()
2318
2319 def test_sigma_dut_sta_scan_bss(dev, apdev):
2320 """sigma_dut sta_scan_bss"""
2321 hapd = hostapd.add_ap(apdev[0], { "ssid": "test" })
2322 sigma = start_sigma_dut(dev[0].ifname)
2323 try:
2324 cmd = "sta_scan_bss,Interface,%s,BSSID,%s" % (dev[0].ifname, \
2325 hapd.own_addr())
2326 res = sigma_dut_cmd(cmd, timeout=10)
2327 if "ssid,test,bsschannel,1" not in res:
2328 raise Exception("Unexpected result: " + res)
2329 finally:
2330 stop_sigma_dut(sigma)
2331
2332 def test_sigma_dut_ap_osen(dev, apdev, params):
2333 """sigma_dut controlled AP with OSEN"""
2334 logdir = os.path.join(params['logdir'],
2335 "sigma_dut_ap_osen.sigma-hostapd")
2336 with HWSimRadio() as (radio, iface):
2337 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
2338 try:
2339 sigma_dut_cmd_check("ap_reset_default")
2340 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-hs20,MODE,11ng")
2341 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2342 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OSEN,PMF,Optional")
2343 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2344
2345 # RSN-OSEN (for OSU)
2346 dev[0].connect("test-hs20", proto="OSEN", key_mgmt="OSEN",
2347 pairwise="CCMP", group="GTK_NOT_USED",
2348 eap="WFA-UNAUTH-TLS", identity="osen@example.com",
2349 ca_cert="auth_serv/ca.pem", scan_freq="2412")
2350
2351 sigma_dut_cmd_check("ap_reset_default")
2352 finally:
2353 stop_sigma_dut(sigma)
2354
2355 def test_sigma_dut_ap_eap_osen(dev, apdev, params):
2356 """sigma_dut controlled AP with EAP+OSEN"""
2357 logdir = os.path.join(params['logdir'],
2358 "sigma_dut_ap_eap_osen.sigma-hostapd")
2359 with HWSimRadio() as (radio, iface):
2360 sigma = start_sigma_dut(iface, bridge="ap-br0", hostapd_logdir=logdir)
2361 try:
2362 sigma_dut_cmd_check("ap_reset_default")
2363 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-hs20,MODE,11ng")
2364 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2365 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT-OSEN,PMF,Optional")
2366 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2367
2368 subprocess.call(['brctl', 'setfd', 'ap-br0', '0'])
2369 subprocess.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'up'])
2370
2371 # RSN-OSEN (for OSU)
2372 dev[0].connect("test-hs20", proto="OSEN", key_mgmt="OSEN",
2373 pairwise="CCMP",
2374 eap="WFA-UNAUTH-TLS", identity="osen@example.com",
2375 ca_cert="auth_serv/ca.pem", ieee80211w='2',
2376 scan_freq="2412")
2377 # RSN-EAP (for data connection)
2378 dev[1].connect("test-hs20", key_mgmt="WPA-EAP", eap="TTLS",
2379 identity="hs20-test", password="password",
2380 ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2",
2381 ieee80211w='2', scan_freq="2412")
2382
2383 hwsim_utils.test_connectivity(dev[0], dev[1], broadcast=False,
2384 success_expected=False, timeout=1)
2385
2386 sigma_dut_cmd_check("ap_reset_default")
2387 finally:
2388 stop_sigma_dut(sigma)
2389 subprocess.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'down'],
2390 stderr=open('/dev/null', 'w'))
2391 subprocess.call(['brctl', 'delbr', 'ap-br0'],
2392 stderr=open('/dev/null', 'w'))
2393
2394 def test_sigma_dut_ap_eap(dev, apdev, params):
2395 """sigma_dut controlled AP WPA2-Enterprise"""
2396 logdir = os.path.join(params['logdir'], "sigma_dut_ap_eap.sigma-hostapd")
2397 with HWSimRadio() as (radio, iface):
2398 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2399 try:
2400 sigma_dut_cmd_check("ap_reset_default")
2401 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-eap,MODE,11ng")
2402 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2403 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT")
2404 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2405
2406 dev[0].connect("test-eap", key_mgmt="WPA-EAP", eap="GPSK",
2407 identity="gpsk user",
2408 password="abcdefghijklmnop0123456789abcdef",
2409 scan_freq="2412")
2410
2411 sigma_dut_cmd_check("ap_reset_default")
2412 finally:
2413 stop_sigma_dut(sigma)
2414
2415 def test_sigma_dut_ap_eap_sha256(dev, apdev, params):
2416 """sigma_dut controlled AP WPA2-Enterprise SHA256"""
2417 logdir = os.path.join(params['logdir'],
2418 "sigma_dut_ap_eap_sha256.sigma-hostapd")
2419 with HWSimRadio() as (radio, iface):
2420 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2421 try:
2422 sigma_dut_cmd_check("ap_reset_default")
2423 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-eap,MODE,11ng")
2424 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2425 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT-256")
2426 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2427
2428 dev[0].connect("test-eap", key_mgmt="WPA-EAP-SHA256", eap="GPSK",
2429 identity="gpsk user",
2430 password="abcdefghijklmnop0123456789abcdef",
2431 scan_freq="2412")
2432
2433 sigma_dut_cmd_check("ap_reset_default")
2434 finally:
2435 stop_sigma_dut(sigma)
2436
2437 def test_sigma_dut_ap_ft_eap(dev, apdev, params):
2438 """sigma_dut controlled AP FT-EAP"""
2439 logdir = os.path.join(params['logdir'], "sigma_dut_ap_ft_eap.sigma-hostapd")
2440 with HWSimRadio() as (radio, iface):
2441 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2442 try:
2443 sigma_dut_cmd_check("ap_reset_default")
2444 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-ft-eap,MODE,11ng,DOMAIN,0101,FT_OA,Enable")
2445 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2446 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,FT-EAP")
2447 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2448
2449 dev[0].connect("test-ft-eap", key_mgmt="FT-EAP", eap="GPSK",
2450 identity="gpsk user",
2451 password="abcdefghijklmnop0123456789abcdef",
2452 scan_freq="2412")
2453
2454 sigma_dut_cmd_check("ap_reset_default")
2455 finally:
2456 stop_sigma_dut(sigma)
2457
2458 def test_sigma_dut_ap_ft_psk(dev, apdev, params):
2459 """sigma_dut controlled AP FT-PSK"""
2460 logdir = os.path.join(params['logdir'], "sigma_dut_ap_ft_psk.sigma-hostapd")
2461 with HWSimRadio() as (radio, iface):
2462 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2463 try:
2464 sigma_dut_cmd_check("ap_reset_default")
2465 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-ft-psk,MODE,11ng,DOMAIN,0101,FT_OA,Enable")
2466 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,FT-PSK,PSK,12345678")
2467 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2468
2469 dev[0].connect("test-ft-psk", key_mgmt="FT-PSK", psk="12345678",
2470 scan_freq="2412")
2471
2472 sigma_dut_cmd_check("ap_reset_default")
2473 finally:
2474 stop_sigma_dut(sigma)
2475
2476 def test_sigma_dut_ap_ent_ft_eap(dev, apdev, params):
2477 """sigma_dut controlled AP WPA-EAP and FT-EAP"""
2478 logdir = os.path.join(params['logdir'],
2479 "sigma_dut_ap_ent_ft_eap.sigma-hostapd")
2480 with HWSimRadio() as (radio, iface):
2481 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2482 try:
2483 sigma_dut_cmd_check("ap_reset_default")
2484 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-ent-ft-eap,MODE,11ng,DOMAIN,0101,FT_OA,Enable")
2485 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2486 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT-FT-EAP")
2487 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2488
2489 dev[0].connect("test-ent-ft-eap", key_mgmt="FT-EAP", eap="GPSK",
2490 identity="gpsk user",
2491 password="abcdefghijklmnop0123456789abcdef",
2492 scan_freq="2412")
2493 dev[1].connect("test-ent-ft-eap", key_mgmt="WPA-EAP", eap="GPSK",
2494 identity="gpsk user",
2495 password="abcdefghijklmnop0123456789abcdef",
2496 scan_freq="2412")
2497
2498 sigma_dut_cmd_check("ap_reset_default")
2499 finally:
2500 stop_sigma_dut(sigma)
2501
2502 def test_sigma_dut_venue_url(dev, apdev):
2503 """sigma_dut controlled Venue URL fetch"""
2504 try:
2505 run_sigma_dut_venue_url(dev, apdev)
2506 finally:
2507 dev[0].set("ignore_old_scan_res", "0")
2508
2509 def run_sigma_dut_venue_url(dev, apdev):
2510 ifname = dev[0].ifname
2511 sigma = start_sigma_dut(ifname, debug=True)
2512
2513 ssid = "venue"
2514 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
2515 params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
2516 params["ieee80211w"] = "2"
2517
2518 venue_group = 1
2519 venue_type = 13
2520 venue_info = struct.pack('BB', venue_group, venue_type)
2521 lang1 = "eng"
2522 name1= "Example venue"
2523 lang2 = "fin"
2524 name2 = "Esimerkkipaikka"
2525 venue1 = struct.pack('B', len(lang1 + name1)) + lang1 + name1
2526 venue2 = struct.pack('B', len(lang2 + name2)) + lang2 + name2
2527 venue_name = binascii.hexlify(venue_info + venue1 + venue2)
2528
2529 url1 = "http://example.com/venue"
2530 url2 = "https://example.org/venue-info/"
2531 params["venue_group"] = str(venue_group)
2532 params["venue_type"] = str(venue_type)
2533 params["venue_name"] = [ lang1 + ":" + name1, lang2 + ":" + name2 ]
2534 params["venue_url"] = [ "1:" + url1, "2:" + url2 ]
2535
2536 hapd = hostapd.add_ap(apdev[0], params)
2537
2538 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
2539 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
2540 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required" % (ifname, "venue", "12345678"))
2541 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "venue"))
2542 sigma_dut_wait_connected(ifname)
2543 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
2544 sigma_dut_cmd_check("sta_hs2_venue_info,interface," + ifname + ",Display,Yes")
2545 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
2546 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
2547
2548 stop_sigma_dut(sigma)
2549
2550 def test_sigma_dut_hs20_assoc_24(dev, apdev):
2551 """sigma_dut controlled Hotspot 2.0 connection (2.4 GHz)"""
2552 run_sigma_dut_hs20_assoc(dev, apdev, True)
2553
2554 def test_sigma_dut_hs20_assoc_5(dev, apdev):
2555 """sigma_dut controlled Hotspot 2.0 connection (5 GHz)"""
2556 run_sigma_dut_hs20_assoc(dev, apdev, False)
2557
2558 def run_sigma_dut_hs20_assoc(dev, apdev, band24):
2559 hapd0 = None
2560 hapd1 = None
2561 try:
2562 bssid0 = apdev[0]['bssid']
2563 params = hs20_ap_params()
2564 params['hessid'] = bssid0
2565 hapd0 = hostapd.add_ap(apdev[0], params)
2566
2567 bssid1 = apdev[1]['bssid']
2568 params = hs20_ap_params()
2569 params['hessid'] = bssid0
2570 params["hw_mode"] = "a"
2571 params["channel"] = "36"
2572 params["country_code"] = "US"
2573 hapd1 = hostapd.add_ap(apdev[1], params)
2574
2575 band = "2.4" if band24 else "5"
2576 exp_bssid = bssid0 if band24 else bssid1
2577 run_sigma_dut_hs20_assoc_2(dev, apdev, band, exp_bssid)
2578 finally:
2579 dev[0].request("DISCONNECT")
2580 if hapd0:
2581 hapd0.request("DISABLE")
2582 if hapd1:
2583 hapd1.request("DISABLE")
2584 subprocess.call(['iw', 'reg', 'set', '00'])
2585 dev[0].flush_scan_cache()
2586
2587 def run_sigma_dut_hs20_assoc_2(dev, apdev, band, expect_bssid):
2588 check_eap_capa(dev[0], "MSCHAPV2")
2589 dev[0].flush_scan_cache()
2590
2591 ifname = dev[0].ifname
2592 sigma = start_sigma_dut(ifname, debug=True)
2593
2594 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,HS2-R3" % ifname)
2595 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
2596 sigma_dut_cmd_check("sta_add_credential,interface,%s,type,uname_pwd,realm,example.com,username,hs20-test,password,password" % ifname)
2597 res = sigma_dut_cmd_check("sta_hs2_associate,interface,%s,band,%s" % (ifname, band),
2598 timeout=15)
2599 sigma_dut_wait_connected(ifname)
2600 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
2601 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
2602 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
2603
2604 stop_sigma_dut(sigma)
2605
2606 if "BSSID," + expect_bssid not in res:
2607 raise Exception("Unexpected BSSID: " + res)
2608
2609 def test_sigma_dut_ap_hs20(dev, apdev, params):
2610 """sigma_dut controlled AP with Hotspot 2.0 parameters"""
2611 logdir = os.path.join(params['logdir'],
2612 "sigma_dut_ap_hs20.sigma-hostapd")
2613 with HWSimRadio() as (radio, iface):
2614 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2615 try:
2616 sigma_dut_cmd_check("ap_reset_default,NAME,AP,program,HS2-R3")
2617 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,test-hs20,MODE,11ng")
2618 sigma_dut_cmd_check("ap_set_radius,NAME,AP,WLAN_TAG,1,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2619 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,WPA2-ENT")
2620 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,HESSID,02:12:34:56:78:9a,NAI_REALM_LIST,1,OPER_NAME,1")
2621 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,OSU_SERVER_URI,https://example.com/ https://example.org/,OSU_SSID,test-osu,OSU_METHOD,SOAP SOAP,OSU_PROVIDER_LIST,10,OSU_PROVIDER_NAI_LIST,4")
2622 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,NET_AUTH_TYPE,2")
2623 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,VENUE_NAME,1")
2624 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,DOMAIN_LIST,example.com")
2625 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,OPERATOR_ICON_METADATA,1")
2626 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,SSID,test-osu,MODE,11ng")
2627 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,NONE")
2628 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,2,OSU,1")
2629 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2630
2631 with open("/tmp/sigma_dut-ap.conf", "r") as f:
2632 logger.debug("hostapd.conf from sigma_dut:\n" + f.read())
2633
2634 sigma_dut_cmd_check("ap_reset_default")
2635 finally:
2636 stop_sigma_dut(sigma)
Unnamed repository; edit this file 'description' to name the repository.