]> git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_sigma_dut.py
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tests: Enable needed SAE groups explicitly in sigma_dut_sae
[thirdparty/hostap.git] / tests / hwsim / test_sigma_dut.py
1 # Test cases for sigma_dut
2 # Copyright (c) 2017, Qualcomm Atheros, Inc.
3 #
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
6
7 import binascii
8 import logging
9 logger = logging.getLogger()
10 import os
11 import socket
12 import struct
13 import subprocess
14 import threading
15 import time
16
17 import hostapd
18 from utils import HwsimSkip
19 from hwsim import HWSimRadio
20 import hwsim_utils
21 from test_dpp import check_dpp_capab, update_hapd_config
22 from test_suite_b import check_suite_b_192_capa, suite_b_as_params, suite_b_192_rsa_ap_params
23 from test_ap_eap import check_eap_capa
24 from test_ap_hs20 import hs20_ap_params
25
26 def check_sigma_dut():
27 if not os.path.exists("./sigma_dut"):
28 raise HwsimSkip("sigma_dut not available")
29
30 def to_hex(s):
31 return binascii.hexlify(s.encode()).decode()
32
33 def from_hex(s):
34 return binascii.unhexlify(s).decode()
35
36 def sigma_dut_cmd(cmd, port=9000, timeout=2):
37 sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM,
38 socket.IPPROTO_TCP)
39 sock.settimeout(timeout)
40 addr = ('127.0.0.1', port)
41 sock.connect(addr)
42 sock.send(cmd.encode() + b"\r\n")
43 try:
44 res = sock.recv(1000).decode()
45 running = False
46 done = False
47 for line in res.splitlines():
48 if line.startswith("status,RUNNING"):
49 running = True
50 elif line.startswith("status,INVALID"):
51 done = True
52 elif line.startswith("status,ERROR"):
53 done = True
54 elif line.startswith("status,COMPLETE"):
55 done = True
56 if running and not done:
57 # Read the actual response
58 res = sock.recv(1000).decode()
59 except:
60 res = ''
61 pass
62 sock.close()
63 res = res.rstrip()
64 logger.debug("sigma_dut: '%s' --> '%s'" % (cmd, res))
65 return res
66
67 def sigma_dut_cmd_check(cmd, port=9000, timeout=2):
68 res = sigma_dut_cmd(cmd, port=port, timeout=timeout)
69 if "COMPLETE" not in res:
70 raise Exception("sigma_dut command failed: " + cmd)
71 return res
72
73 def start_sigma_dut(ifname, debug=False, hostapd_logdir=None, cert_path=None,
74 bridge=None):
75 check_sigma_dut()
76 cmd = [ './sigma_dut',
77 '-M', ifname,
78 '-S', ifname,
79 '-F', '../../hostapd/hostapd',
80 '-G',
81 '-w', '/var/run/wpa_supplicant/',
82 '-j', ifname ]
83 if debug:
84 cmd += [ '-d' ]
85 if hostapd_logdir:
86 cmd += [ '-H', hostapd_logdir ]
87 if cert_path:
88 cmd += [ '-C', cert_path ]
89 if bridge:
90 cmd += [ '-b', bridge ]
91 sigma = subprocess.Popen(cmd, stdout=subprocess.PIPE,
92 stderr=subprocess.PIPE)
93 for i in range(20):
94 try:
95 res = sigma_dut_cmd("HELLO")
96 break
97 except:
98 time.sleep(0.05)
99 return sigma
100
101 def stop_sigma_dut(sigma):
102 sigma.terminate()
103 sigma.wait()
104 out, err = sigma.communicate()
105 logger.debug("sigma_dut stdout: " + str(out.decode()))
106 logger.debug("sigma_dut stderr: " + str(err.decode()))
107
108 def sigma_dut_wait_connected(ifname):
109 for i in range(50):
110 res = sigma_dut_cmd("sta_is_connected,interface," + ifname)
111 if "connected,1" in res:
112 break
113 time.sleep(0.2)
114 if i == 49:
115 raise Exception("Connection did not complete")
116
117 def test_sigma_dut_basic(dev, apdev):
118 """sigma_dut basic functionality"""
119 sigma = start_sigma_dut(dev[0].ifname)
120
121 res = sigma_dut_cmd("UNKNOWN")
122 if "status,INVALID,errorCode,Unknown command" not in res:
123 raise Exception("Unexpected sigma_dut response to unknown command")
124
125 tests = [ ("ca_get_version", "status,COMPLETE,version,1.0"),
126 ("device_get_info", "status,COMPLETE,vendor"),
127 ("device_list_interfaces,interfaceType,foo", "status,ERROR"),
128 ("device_list_interfaces,interfaceType,802.11",
129 "status,COMPLETE,interfaceType,802.11,interfaceID," + dev[0].ifname) ]
130 for cmd, response in tests:
131 res = sigma_dut_cmd(cmd)
132 if response not in res:
133 raise Exception("Unexpected %s response: %s" % (cmd, res))
134
135 stop_sigma_dut(sigma)
136
137 def test_sigma_dut_open(dev, apdev):
138 """sigma_dut controlled open network association"""
139 try:
140 run_sigma_dut_open(dev, apdev)
141 finally:
142 dev[0].set("ignore_old_scan_res", "0")
143
144 def run_sigma_dut_open(dev, apdev):
145 ifname = dev[0].ifname
146 sigma = start_sigma_dut(ifname)
147
148 hapd = hostapd.add_ap(apdev[0], { "ssid": "open" })
149
150 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
151 sigma_dut_cmd_check("sta_set_encryption,interface,%s,ssid,%s,encpType,none" % (ifname, "open"))
152 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s" % (ifname, "open"))
153 sigma_dut_wait_connected(ifname)
154 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
155 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
156 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
157
158 stop_sigma_dut(sigma)
159
160 def test_sigma_dut_psk_pmf(dev, apdev):
161 """sigma_dut controlled PSK+PMF association"""
162 try:
163 run_sigma_dut_psk_pmf(dev, apdev)
164 finally:
165 dev[0].set("ignore_old_scan_res", "0")
166
167 def run_sigma_dut_psk_pmf(dev, apdev):
168 ifname = dev[0].ifname
169 sigma = start_sigma_dut(ifname)
170
171 ssid = "test-pmf-required"
172 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
173 params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
174 params["ieee80211w"] = "2"
175 hapd = hostapd.add_ap(apdev[0], params)
176
177 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
178 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
179 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required" % (ifname, "test-pmf-required", "12345678"))
180 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-pmf-required"))
181 sigma_dut_wait_connected(ifname)
182 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
183 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
184 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
185
186 stop_sigma_dut(sigma)
187
188 def test_sigma_dut_psk_pmf_bip_cmac_128(dev, apdev):
189 """sigma_dut controlled PSK+PMF association with BIP-CMAC-128"""
190 try:
191 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-CMAC-128", "AES-128-CMAC")
192 finally:
193 dev[0].set("ignore_old_scan_res", "0")
194
195 def test_sigma_dut_psk_pmf_bip_cmac_256(dev, apdev):
196 """sigma_dut controlled PSK+PMF association with BIP-CMAC-256"""
197 try:
198 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-CMAC-256", "BIP-CMAC-256")
199 finally:
200 dev[0].set("ignore_old_scan_res", "0")
201
202 def test_sigma_dut_psk_pmf_bip_gmac_128(dev, apdev):
203 """sigma_dut controlled PSK+PMF association with BIP-GMAC-128"""
204 try:
205 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-GMAC-128", "BIP-GMAC-128")
206 finally:
207 dev[0].set("ignore_old_scan_res", "0")
208
209 def test_sigma_dut_psk_pmf_bip_gmac_256(dev, apdev):
210 """sigma_dut controlled PSK+PMF association with BIP-GMAC-256"""
211 try:
212 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-GMAC-256", "BIP-GMAC-256")
213 finally:
214 dev[0].set("ignore_old_scan_res", "0")
215
216 def test_sigma_dut_psk_pmf_bip_gmac_256_mismatch(dev, apdev):
217 """sigma_dut controlled PSK+PMF association with BIP-GMAC-256 mismatch"""
218 try:
219 run_sigma_dut_psk_pmf_cipher(dev, apdev, "BIP-GMAC-256", "AES-128-CMAC",
220 failure=True)
221 finally:
222 dev[0].set("ignore_old_scan_res", "0")
223
224 def run_sigma_dut_psk_pmf_cipher(dev, apdev, sigma_cipher, hostapd_cipher,
225 failure=False):
226 ifname = dev[0].ifname
227 sigma = start_sigma_dut(ifname)
228
229 ssid = "test-pmf-required"
230 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
231 params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
232 params["ieee80211w"] = "2"
233 params["group_mgmt_cipher"] = hostapd_cipher
234 hapd = hostapd.add_ap(apdev[0], params)
235
236 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
237 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
238 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required,GroupMgntCipher,%s" % (ifname, "test-pmf-required", "12345678", sigma_cipher))
239 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-pmf-required"))
240 if failure:
241 ev = dev[0].wait_event(["CTRL-EVENT-NETWORK-NOT-FOUND",
242 "CTRL-EVENT-CONNECTED"], timeout=10)
243 if ev is None:
244 raise Exception("Network selection result not indicated")
245 if "CTRL-EVENT-CONNECTED" in ev:
246 raise Exception("Unexpected connection")
247 res = sigma_dut_cmd("sta_is_connected,interface," + ifname)
248 if "connected,1" in res:
249 raise Exception("Connection reported")
250 else:
251 sigma_dut_wait_connected(ifname)
252 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
253
254 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
255 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
256
257 stop_sigma_dut(sigma)
258
259 def test_sigma_dut_sae(dev, apdev):
260 """sigma_dut controlled SAE association"""
261 if "SAE" not in dev[0].get_capability("auth_alg"):
262 raise HwsimSkip("SAE not supported")
263
264 ifname = dev[0].ifname
265 sigma = start_sigma_dut(ifname)
266
267 ssid = "test-sae"
268 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
269 params['wpa_key_mgmt'] = 'SAE'
270 params["ieee80211w"] = "2"
271 params['sae_groups'] = '19 20 21'
272 hapd = hostapd.add_ap(apdev[0], params)
273
274 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname)
275 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
276 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2" % (ifname, "test-sae", "12345678"))
277 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-sae"))
278 sigma_dut_wait_connected(ifname)
279 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
280 if dev[0].get_status_field('sae_group') != '19':
281 raise Exception("Expected default SAE group not used")
282 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
283
284 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
285
286 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
287 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2,ECGroupID,20" % (ifname, "test-sae", "12345678"))
288 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-sae"))
289 sigma_dut_wait_connected(ifname)
290 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
291 if dev[0].get_status_field('sae_group') != '20':
292 raise Exception("Expected SAE group not used")
293 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
294 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
295
296 stop_sigma_dut(sigma)
297
298 def test_sigma_dut_sae_password(dev, apdev):
299 """sigma_dut controlled SAE association and long password"""
300 if "SAE" not in dev[0].get_capability("auth_alg"):
301 raise HwsimSkip("SAE not supported")
302
303 ifname = dev[0].ifname
304 sigma = start_sigma_dut(ifname)
305
306 try:
307 ssid = "test-sae"
308 params = hostapd.wpa2_params(ssid=ssid)
309 params['sae_password'] = 100*'B'
310 params['wpa_key_mgmt'] = 'SAE'
311 params["ieee80211w"] = "2"
312 hapd = hostapd.add_ap(apdev[0], params)
313
314 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname)
315 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
316 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2" % (ifname, "test-sae", 100*'B'))
317 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-sae"))
318 sigma_dut_wait_connected(ifname)
319 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
320 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
321 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
322 finally:
323 stop_sigma_dut(sigma)
324
325 def test_sigma_dut_sta_override_rsne(dev, apdev):
326 """sigma_dut and RSNE override on STA"""
327 try:
328 run_sigma_dut_sta_override_rsne(dev, apdev)
329 finally:
330 dev[0].set("ignore_old_scan_res", "0")
331
332 def run_sigma_dut_sta_override_rsne(dev, apdev):
333 ifname = dev[0].ifname
334 sigma = start_sigma_dut(ifname)
335
336 ssid = "test-psk"
337 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
338 hapd = hostapd.add_ap(apdev[0], params)
339
340 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
341
342 tests = [ "30120100000fac040100000fac040100000fac02",
343 "30140100000fac040100000fac040100000fac02ffff" ]
344 for test in tests:
345 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,type,PSK,passphrase,%s,EncpType,aes-ccmp,KeyMgmtType,wpa2" % (ifname, "test-psk", "12345678"))
346 sigma_dut_cmd_check("dev_configure_ie,interface,%s,IE_Name,RSNE,Contents,%s" % (ifname, test))
347 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-psk"))
348 sigma_dut_wait_connected(ifname)
349 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
350 dev[0].dump_monitor()
351
352 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,type,PSK,passphrase,%s,EncpType,aes-ccmp,KeyMgmtType,wpa2" % (ifname, "test-psk", "12345678"))
353 sigma_dut_cmd_check("dev_configure_ie,interface,%s,IE_Name,RSNE,Contents,300101" % ifname)
354 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-psk"))
355
356 ev = dev[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"])
357 if ev is None:
358 raise Exception("Association rejection not reported")
359 if "status_code=40" not in ev:
360 raise Exception("Unexpected status code: " + ev)
361
362 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
363
364 stop_sigma_dut(sigma)
365
366 def test_sigma_dut_ap_psk(dev, apdev):
367 """sigma_dut controlled AP"""
368 with HWSimRadio() as (radio, iface):
369 sigma = start_sigma_dut(iface)
370 try:
371 sigma_dut_cmd_check("ap_reset_default")
372 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
373 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSK,12345678")
374 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
375
376 dev[0].connect("test-psk", psk="12345678", scan_freq="2412")
377
378 sigma_dut_cmd_check("ap_reset_default")
379 finally:
380 stop_sigma_dut(sigma)
381
382 def test_sigma_dut_ap_pskhex(dev, apdev, params):
383 """sigma_dut controlled AP and PSKHEX"""
384 logdir = os.path.join(params['logdir'],
385 "sigma_dut_ap_pskhex.sigma-hostapd")
386 with HWSimRadio() as (radio, iface):
387 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
388 try:
389 psk = "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
390 sigma_dut_cmd_check("ap_reset_default")
391 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
392 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSKHEX," + psk)
393 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
394
395 dev[0].connect("test-psk", raw_psk=psk, scan_freq="2412")
396
397 sigma_dut_cmd_check("ap_reset_default")
398 finally:
399 stop_sigma_dut(sigma)
400
401 def test_sigma_dut_ap_psk_sha256(dev, apdev, params):
402 """sigma_dut controlled AP PSK SHA256"""
403 logdir = os.path.join(params['logdir'],
404 "sigma_dut_ap_psk_sha256.sigma-hostapd")
405 with HWSimRadio() as (radio, iface):
406 sigma = start_sigma_dut(iface)
407 try:
408 sigma_dut_cmd_check("ap_reset_default")
409 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
410 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK-256,PSK,12345678")
411 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
412
413 dev[0].connect("test-psk", key_mgmt="WPA-PSK-SHA256",
414 psk="12345678", scan_freq="2412")
415
416 sigma_dut_cmd_check("ap_reset_default")
417 finally:
418 stop_sigma_dut(sigma)
419
420 def test_sigma_dut_suite_b(dev, apdev, params):
421 """sigma_dut controlled STA Suite B"""
422 check_suite_b_192_capa(dev)
423 logdir = params['logdir']
424
425 with open("auth_serv/ec2-ca.pem", "r") as f:
426 with open(os.path.join(logdir, "suite_b_ca.pem"), "w") as f2:
427 f2.write(f.read())
428
429 with open("auth_serv/ec2-user.pem", "r") as f:
430 with open("auth_serv/ec2-user.key", "r") as f2:
431 with open(os.path.join(logdir, "suite_b.pem"), "w") as f3:
432 f3.write(f.read())
433 f3.write(f2.read())
434
435 dev[0].flush_scan_cache()
436 params = suite_b_as_params()
437 params['ca_cert'] = 'auth_serv/ec2-ca.pem'
438 params['server_cert'] = 'auth_serv/ec2-server.pem'
439 params['private_key'] = 'auth_serv/ec2-server.key'
440 params['openssl_ciphers'] = 'SUITEB192'
441 hostapd.add_ap(apdev[1], params)
442
443 params = { "ssid": "test-suite-b",
444 "wpa": "2",
445 "wpa_key_mgmt": "WPA-EAP-SUITE-B-192",
446 "rsn_pairwise": "GCMP-256",
447 "group_mgmt_cipher": "BIP-GMAC-256",
448 "ieee80211w": "2",
449 "ieee8021x": "1",
450 'auth_server_addr': "127.0.0.1",
451 'auth_server_port': "18129",
452 'auth_server_shared_secret': "radius",
453 'nas_identifier': "nas.w1.fi" }
454 hapd = hostapd.add_ap(apdev[0], params)
455
456 ifname = dev[0].ifname
457 sigma = start_sigma_dut(ifname, cert_path=logdir)
458
459 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
460 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
461 sigma_dut_cmd_check("sta_set_security,type,eaptls,interface,%s,ssid,%s,PairwiseCipher,AES-GCMP-256,GroupCipher,AES-GCMP-256,GroupMgntCipher,BIP-GMAC-256,keymgmttype,SuiteB,clientCertificate,suite_b.pem,trustedRootCA,suite_b_ca.pem,CertType,ECC" % (ifname, "test-suite-b"))
462 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-suite-b"))
463 sigma_dut_wait_connected(ifname)
464 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
465 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
466 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
467
468 stop_sigma_dut(sigma)
469
470 def test_sigma_dut_suite_b_rsa(dev, apdev, params):
471 """sigma_dut controlled STA Suite B (RSA)"""
472 check_suite_b_192_capa(dev)
473 logdir = params['logdir']
474
475 with open("auth_serv/rsa3072-ca.pem", "r") as f:
476 with open(os.path.join(logdir, "suite_b_ca_rsa.pem"), "w") as f2:
477 f2.write(f.read())
478
479 with open("auth_serv/rsa3072-user.pem", "r") as f:
480 with open("auth_serv/rsa3072-user.key", "r") as f2:
481 with open(os.path.join(logdir, "suite_b_rsa.pem"), "w") as f3:
482 f3.write(f.read())
483 f3.write(f2.read())
484
485 dev[0].flush_scan_cache()
486 params = suite_b_192_rsa_ap_params()
487 hapd = hostapd.add_ap(apdev[0], params)
488
489 ifname = dev[0].ifname
490 sigma = start_sigma_dut(ifname, cert_path=logdir)
491
492 cmd = "sta_set_security,type,eaptls,interface,%s,ssid,%s,PairwiseCipher,AES-GCMP-256,GroupCipher,AES-GCMP-256,GroupMgntCipher,BIP-GMAC-256,keymgmttype,SuiteB,clientCertificate,suite_b_rsa.pem,trustedRootCA,suite_b_ca_rsa.pem,CertType,RSA" % (ifname, "test-suite-b")
493
494 tests = [ "",
495 ",TLSCipher,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
496 ",TLSCipher,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" ]
497 for extra in tests:
498 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
499 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
500 sigma_dut_cmd_check(cmd + extra)
501 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-suite-b"))
502 sigma_dut_wait_connected(ifname)
503 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
504 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
505 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
506
507 stop_sigma_dut(sigma)
508
509 def test_sigma_dut_ap_suite_b(dev, apdev, params):
510 """sigma_dut controlled AP Suite B"""
511 check_suite_b_192_capa(dev)
512 logdir = os.path.join(params['logdir'],
513 "sigma_dut_ap_suite_b.sigma-hostapd")
514 params = suite_b_as_params()
515 params['ca_cert'] = 'auth_serv/ec2-ca.pem'
516 params['server_cert'] = 'auth_serv/ec2-server.pem'
517 params['private_key'] = 'auth_serv/ec2-server.key'
518 params['openssl_ciphers'] = 'SUITEB192'
519 hostapd.add_ap(apdev[1], params)
520 with HWSimRadio() as (radio, iface):
521 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
522 try:
523 sigma_dut_cmd_check("ap_reset_default")
524 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-suite-b,MODE,11ng")
525 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,18129,PASSWORD,radius")
526 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,SuiteB")
527 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
528
529 dev[0].connect("test-suite-b", key_mgmt="WPA-EAP-SUITE-B-192",
530 ieee80211w="2",
531 openssl_ciphers="SUITEB192",
532 eap="TLS", identity="tls user",
533 ca_cert="auth_serv/ec2-ca.pem",
534 client_cert="auth_serv/ec2-user.pem",
535 private_key="auth_serv/ec2-user.key",
536 pairwise="GCMP-256", group="GCMP-256",
537 scan_freq="2412")
538
539 sigma_dut_cmd_check("ap_reset_default")
540 finally:
541 stop_sigma_dut(sigma)
542
543 def test_sigma_dut_ap_cipher_gcmp_128(dev, apdev, params):
544 """sigma_dut controlled AP with GCMP-128/BIP-GMAC-128 cipher"""
545 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-GCMP-128", "BIP-GMAC-128",
546 "GCMP")
547
548 def test_sigma_dut_ap_cipher_gcmp_256(dev, apdev, params):
549 """sigma_dut controlled AP with GCMP-256/BIP-GMAC-256 cipher"""
550 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-GCMP-256", "BIP-GMAC-256",
551 "GCMP-256")
552
553 def test_sigma_dut_ap_cipher_ccmp_128(dev, apdev, params):
554 """sigma_dut controlled AP with CCMP-128/BIP-CMAC-128 cipher"""
555 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-128", "BIP-CMAC-128",
556 "CCMP")
557
558 def test_sigma_dut_ap_cipher_ccmp_256(dev, apdev, params):
559 """sigma_dut controlled AP with CCMP-256/BIP-CMAC-256 cipher"""
560 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-256", "BIP-CMAC-256",
561 "CCMP-256")
562
563 def test_sigma_dut_ap_cipher_ccmp_gcmp_1(dev, apdev, params):
564 """sigma_dut controlled AP with CCMP-128+GCMP-256 ciphers (1)"""
565 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-128 AES-GCMP-256",
566 "BIP-GMAC-256", "CCMP")
567
568 def test_sigma_dut_ap_cipher_ccmp_gcmp_2(dev, apdev, params):
569 """sigma_dut controlled AP with CCMP-128+GCMP-256 ciphers (2)"""
570 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-CCMP-128 AES-GCMP-256",
571 "BIP-GMAC-256", "GCMP-256", "CCMP")
572
573 def test_sigma_dut_ap_cipher_gcmp_256_group_ccmp(dev, apdev, params):
574 """sigma_dut controlled AP with GCMP-256/CCMP/BIP-GMAC-256 cipher"""
575 run_sigma_dut_ap_cipher(dev, apdev, params, "AES-GCMP-256", "BIP-GMAC-256",
576 "GCMP-256", "CCMP", "AES-CCMP-128")
577
578 def run_sigma_dut_ap_cipher(dev, apdev, params, ap_pairwise, ap_group_mgmt,
579 sta_cipher, sta_cipher_group=None, ap_group=None):
580 check_suite_b_192_capa(dev)
581 logdir = os.path.join(params['logdir'],
582 "sigma_dut_ap_cipher.sigma-hostapd")
583 params = suite_b_as_params()
584 params['ca_cert'] = 'auth_serv/ec2-ca.pem'
585 params['server_cert'] = 'auth_serv/ec2-server.pem'
586 params['private_key'] = 'auth_serv/ec2-server.key'
587 params['openssl_ciphers'] = 'SUITEB192'
588 hostapd.add_ap(apdev[1], params)
589 with HWSimRadio() as (radio, iface):
590 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
591 try:
592 sigma_dut_cmd_check("ap_reset_default")
593 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-suite-b,MODE,11ng")
594 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,18129,PASSWORD,radius")
595 cmd = "ap_set_security,NAME,AP,KEYMGNT,SuiteB,PMF,Required,PairwiseCipher,%s,GroupMgntCipher,%s" % (ap_pairwise, ap_group_mgmt)
596 if ap_group:
597 cmd += ",GroupCipher,%s" % ap_group
598 sigma_dut_cmd_check(cmd)
599 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
600
601 if sta_cipher_group is None:
602 sta_cipher_group = sta_cipher
603 dev[0].connect("test-suite-b", key_mgmt="WPA-EAP-SUITE-B-192",
604 ieee80211w="2",
605 openssl_ciphers="SUITEB192",
606 eap="TLS", identity="tls user",
607 ca_cert="auth_serv/ec2-ca.pem",
608 client_cert="auth_serv/ec2-user.pem",
609 private_key="auth_serv/ec2-user.key",
610 pairwise=sta_cipher, group=sta_cipher_group,
611 scan_freq="2412")
612
613 sigma_dut_cmd_check("ap_reset_default")
614 finally:
615 stop_sigma_dut(sigma)
616
617 def test_sigma_dut_ap_override_rsne(dev, apdev):
618 """sigma_dut controlled AP overriding RSNE"""
619 with HWSimRadio() as (radio, iface):
620 sigma = start_sigma_dut(iface)
621 try:
622 sigma_dut_cmd_check("ap_reset_default")
623 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
624 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSK,12345678")
625 sigma_dut_cmd_check("dev_configure_ie,NAME,AP,interface,%s,IE_Name,RSNE,Contents,30180100000fac040200ffffffff000fac040100000fac020c00" % iface)
626 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
627
628 dev[0].connect("test-psk", psk="12345678", scan_freq="2412")
629
630 sigma_dut_cmd_check("ap_reset_default")
631 finally:
632 stop_sigma_dut(sigma)
633
634 def test_sigma_dut_ap_sae(dev, apdev, params):
635 """sigma_dut controlled AP with SAE"""
636 logdir = os.path.join(params['logdir'],
637 "sigma_dut_ap_sae.sigma-hostapd")
638 if "SAE" not in dev[0].get_capability("auth_alg"):
639 raise HwsimSkip("SAE not supported")
640 with HWSimRadio() as (radio, iface):
641 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
642 try:
643 sigma_dut_cmd_check("ap_reset_default")
644 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
645 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK,12345678")
646 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
647
648 dev[0].request("SET sae_groups ")
649 dev[0].connect("test-sae", key_mgmt="SAE", psk="12345678",
650 ieee80211w="2", scan_freq="2412")
651 if dev[0].get_status_field('sae_group') != '19':
652 raise Exception("Expected default SAE group not used")
653
654 sigma_dut_cmd_check("ap_reset_default")
655 finally:
656 stop_sigma_dut(sigma)
657
658 def test_sigma_dut_ap_sae_password(dev, apdev, params):
659 """sigma_dut controlled AP with SAE and long password"""
660 logdir = os.path.join(params['logdir'],
661 "sigma_dut_ap_sae_password.sigma-hostapd")
662 if "SAE" not in dev[0].get_capability("auth_alg"):
663 raise HwsimSkip("SAE not supported")
664 with HWSimRadio() as (radio, iface):
665 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
666 try:
667 sigma_dut_cmd_check("ap_reset_default")
668 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
669 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK," + 100*'C')
670 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
671
672 dev[0].request("SET sae_groups ")
673 dev[0].connect("test-sae", key_mgmt="SAE", sae_password=100*'C',
674 ieee80211w="2", scan_freq="2412")
675 if dev[0].get_status_field('sae_group') != '19':
676 raise Exception("Expected default SAE group not used")
677
678 sigma_dut_cmd_check("ap_reset_default")
679 finally:
680 stop_sigma_dut(sigma)
681
682 def test_sigma_dut_ap_sae_group(dev, apdev, params):
683 """sigma_dut controlled AP with SAE and specific group"""
684 logdir = os.path.join(params['logdir'],
685 "sigma_dut_ap_sae_group.sigma-hostapd")
686 if "SAE" not in dev[0].get_capability("auth_alg"):
687 raise HwsimSkip("SAE not supported")
688 with HWSimRadio() as (radio, iface):
689 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
690 try:
691 sigma_dut_cmd_check("ap_reset_default")
692 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
693 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK,12345678,ECGroupID,20")
694 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
695
696 dev[0].request("SET sae_groups ")
697 dev[0].connect("test-sae", key_mgmt="SAE", psk="12345678",
698 ieee80211w="2", scan_freq="2412")
699 if dev[0].get_status_field('sae_group') != '20':
700 raise Exception("Expected SAE group not used")
701
702 sigma_dut_cmd_check("ap_reset_default")
703 finally:
704 stop_sigma_dut(sigma)
705
706 def test_sigma_dut_ap_psk_sae(dev, apdev, params):
707 """sigma_dut controlled AP with PSK+SAE"""
708 if "SAE" not in dev[0].get_capability("auth_alg"):
709 raise HwsimSkip("SAE not supported")
710 logdir = os.path.join(params['logdir'],
711 "sigma_dut_ap_psk_sae.sigma-hostapd")
712 with HWSimRadio() as (radio, iface):
713 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
714 try:
715 sigma_dut_cmd_check("ap_reset_default")
716 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
717 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK-SAE,PSK,12345678")
718 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
719
720 dev[2].request("SET sae_groups ")
721 dev[2].connect("test-sae", key_mgmt="SAE", psk="12345678",
722 scan_freq="2412", ieee80211w="0", wait_connect=False)
723 dev[0].request("SET sae_groups ")
724 dev[0].connect("test-sae", key_mgmt="SAE", psk="12345678",
725 scan_freq="2412", ieee80211w="2")
726 dev[1].connect("test-sae", psk="12345678", scan_freq="2412")
727
728 ev = dev[2].wait_event(["CTRL-EVENT-CONNECTED"], timeout=0.1)
729 dev[2].request("DISCONNECT")
730 if ev is not None:
731 raise Exception("Unexpected connection without PMF")
732
733 sigma_dut_cmd_check("ap_reset_default")
734 finally:
735 stop_sigma_dut(sigma)
736
737 def test_sigma_dut_owe(dev, apdev):
738 """sigma_dut controlled OWE station"""
739 try:
740 run_sigma_dut_owe(dev, apdev)
741 finally:
742 dev[0].set("ignore_old_scan_res", "0")
743
744 def run_sigma_dut_owe(dev, apdev):
745 if "OWE" not in dev[0].get_capability("key_mgmt"):
746 raise HwsimSkip("OWE not supported")
747
748 ifname = dev[0].ifname
749 sigma = start_sigma_dut(ifname)
750
751 try:
752 params = { "ssid": "owe",
753 "wpa": "2",
754 "wpa_key_mgmt": "OWE",
755 "ieee80211w": "2",
756 "rsn_pairwise": "CCMP" }
757 hapd = hostapd.add_ap(apdev[0], params)
758 bssid = hapd.own_addr()
759
760 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname)
761 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
762 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE" % ifname)
763 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname)
764 sigma_dut_wait_connected(ifname)
765 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
766
767 dev[0].dump_monitor()
768 sigma_dut_cmd("sta_reassoc,interface,%s,Channel,1,bssid,%s" % (ifname, bssid))
769 dev[0].wait_connected()
770 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
771 dev[0].wait_disconnected()
772 dev[0].dump_monitor()
773
774 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname)
775 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
776 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE,ECGroupID,20" % ifname)
777 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname)
778 sigma_dut_wait_connected(ifname)
779 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
780 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
781 dev[0].wait_disconnected()
782 dev[0].dump_monitor()
783
784 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname)
785 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
786 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE,ECGroupID,0" % ifname)
787 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname)
788 ev = dev[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout=10)
789 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
790 if ev is None:
791 raise Exception("Association not rejected")
792 if "status_code=77" not in ev:
793 raise Exception("Unexpected rejection reason: " + ev)
794
795 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
796 finally:
797 stop_sigma_dut(sigma)
798
799 def test_sigma_dut_ap_owe(dev, apdev, params):
800 """sigma_dut controlled AP with OWE"""
801 logdir = os.path.join(params['logdir'],
802 "sigma_dut_ap_owe.sigma-hostapd")
803 if "OWE" not in dev[0].get_capability("key_mgmt"):
804 raise HwsimSkip("OWE not supported")
805 with HWSimRadio() as (radio, iface):
806 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
807 try:
808 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
809 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,owe,MODE,11ng")
810 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OWE")
811 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
812
813 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
814 scan_freq="2412")
815
816 sigma_dut_cmd_check("ap_reset_default")
817 finally:
818 stop_sigma_dut(sigma)
819
820 def test_sigma_dut_ap_owe_ecgroupid(dev, apdev):
821 """sigma_dut controlled AP with OWE and ECGroupID"""
822 if "OWE" not in dev[0].get_capability("key_mgmt"):
823 raise HwsimSkip("OWE not supported")
824 with HWSimRadio() as (radio, iface):
825 sigma = start_sigma_dut(iface)
826 try:
827 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
828 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,owe,MODE,11ng")
829 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OWE,ECGroupID,20 21,PMF,Required")
830 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
831
832 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
833 owe_group="20", scan_freq="2412")
834 dev[0].request("REMOVE_NETWORK all")
835 dev[0].wait_disconnected()
836
837 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
838 owe_group="21", scan_freq="2412")
839 dev[0].request("REMOVE_NETWORK all")
840 dev[0].wait_disconnected()
841
842 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
843 owe_group="19", scan_freq="2412", wait_connect=False)
844 ev = dev[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout=10)
845 dev[0].request("DISCONNECT")
846 if ev is None:
847 raise Exception("Association not rejected")
848 if "status_code=77" not in ev:
849 raise Exception("Unexpected rejection reason: " + ev)
850 dev[0].dump_monitor()
851
852 sigma_dut_cmd_check("ap_reset_default")
853 finally:
854 stop_sigma_dut(sigma)
855
856 def test_sigma_dut_ap_owe_transition_mode(dev, apdev, params):
857 """sigma_dut controlled AP with OWE and transition mode"""
858 if "OWE" not in dev[0].get_capability("key_mgmt"):
859 raise HwsimSkip("OWE not supported")
860 logdir = os.path.join(params['logdir'],
861 "sigma_dut_ap_owe_transition_mode.sigma-hostapd")
862 with HWSimRadio() as (radio, iface):
863 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
864 try:
865 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
866 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,owe,MODE,11ng")
867 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,OWE")
868 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,SSID,owe,MODE,11ng")
869 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,NONE")
870 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
871
872 res1 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,1,Interface,24G")
873 res2 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,2,Interface,24G")
874
875 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
876 scan_freq="2412")
877 dev[1].connect("owe", key_mgmt="NONE", scan_freq="2412")
878 if dev[0].get_status_field('bssid') not in res1:
879 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,1: " + res1)
880 if dev[1].get_status_field('bssid') not in res2:
881 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,2: " + res2)
882
883 sigma_dut_cmd_check("ap_reset_default")
884 finally:
885 stop_sigma_dut(sigma)
886
887 def test_sigma_dut_ap_owe_transition_mode_2(dev, apdev, params):
888 """sigma_dut controlled AP with OWE and transition mode (2)"""
889 if "OWE" not in dev[0].get_capability("key_mgmt"):
890 raise HwsimSkip("OWE not supported")
891 logdir = os.path.join(params['logdir'],
892 "sigma_dut_ap_owe_transition_mode_2.sigma-hostapd")
893 with HWSimRadio() as (radio, iface):
894 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
895 try:
896 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
897 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,owe,MODE,11ng")
898 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,NONE")
899 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,MODE,11ng")
900 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,OWE")
901 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
902
903 res1 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,1,Interface,24G")
904 res2 = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,2,Interface,24G")
905
906 dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
907 scan_freq="2412")
908 dev[1].connect("owe", key_mgmt="NONE", scan_freq="2412")
909 if dev[0].get_status_field('bssid') not in res2:
910 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,2: " + res1)
911 if dev[1].get_status_field('bssid') not in res1:
912 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,1: " + res2)
913
914 sigma_dut_cmd_check("ap_reset_default")
915 finally:
916 stop_sigma_dut(sigma)
917
918 def dpp_init_enrollee(dev, id1):
919 logger.info("Starting DPP initiator/enrollee in a thread")
920 time.sleep(1)
921 cmd = "DPP_AUTH_INIT peer=%d role=enrollee" % id1
922 if "OK" not in dev.request(cmd):
923 raise Exception("Failed to initiate DPP Authentication")
924 ev = dev.wait_event(["DPP-CONF-RECEIVED"], timeout=5)
925 if ev is None:
926 raise Exception("DPP configuration not completed (Enrollee)")
927 logger.info("DPP initiator/enrollee done")
928
929 def test_sigma_dut_dpp_qr_resp_1(dev, apdev):
930 """sigma_dut DPP/QR responder (conf index 1)"""
931 run_sigma_dut_dpp_qr_resp(dev, apdev, 1)
932
933 def test_sigma_dut_dpp_qr_resp_2(dev, apdev):
934 """sigma_dut DPP/QR responder (conf index 2)"""
935 run_sigma_dut_dpp_qr_resp(dev, apdev, 2)
936
937 def test_sigma_dut_dpp_qr_resp_3(dev, apdev):
938 """sigma_dut DPP/QR responder (conf index 3)"""
939 run_sigma_dut_dpp_qr_resp(dev, apdev, 3)
940
941 def test_sigma_dut_dpp_qr_resp_4(dev, apdev):
942 """sigma_dut DPP/QR responder (conf index 4)"""
943 run_sigma_dut_dpp_qr_resp(dev, apdev, 4)
944
945 def test_sigma_dut_dpp_qr_resp_5(dev, apdev):
946 """sigma_dut DPP/QR responder (conf index 5)"""
947 run_sigma_dut_dpp_qr_resp(dev, apdev, 5)
948
949 def test_sigma_dut_dpp_qr_resp_6(dev, apdev):
950 """sigma_dut DPP/QR responder (conf index 6)"""
951 run_sigma_dut_dpp_qr_resp(dev, apdev, 6)
952
953 def test_sigma_dut_dpp_qr_resp_7(dev, apdev):
954 """sigma_dut DPP/QR responder (conf index 7)"""
955 run_sigma_dut_dpp_qr_resp(dev, apdev, 7)
956
957 def test_sigma_dut_dpp_qr_resp_chan_list(dev, apdev):
958 """sigma_dut DPP/QR responder (channel list override)"""
959 run_sigma_dut_dpp_qr_resp(dev, apdev, 1, chan_list='81/2 81/6 81/1',
960 listen_chan=2)
961
962 def run_sigma_dut_dpp_qr_resp(dev, apdev, conf_idx, chan_list=None,
963 listen_chan=None):
964 check_dpp_capab(dev[0])
965 check_dpp_capab(dev[1])
966 sigma = start_sigma_dut(dev[0].ifname)
967 try:
968 cmd = "dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR"
969 if chan_list:
970 cmd += ",DPPChannelList," + chan_list
971 res = sigma_dut_cmd(cmd)
972 if "status,COMPLETE" not in res:
973 raise Exception("dev_exec_action did not succeed: " + res)
974 hex = res.split(',')[3]
975 uri = from_hex(hex)
976 logger.info("URI from sigma_dut: " + uri)
977
978 res = dev[1].request("DPP_QR_CODE " + uri)
979 if "FAIL" in res:
980 raise Exception("Failed to parse QR Code URI")
981 id1 = int(res)
982
983 t = threading.Thread(target=dpp_init_enrollee, args=(dev[1], id1))
984 t.start()
985 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPConfIndex,%d,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfEnrolleeRole,STA,DPPSigningKeyECC,P-256,DPPBS,QR,DPPTimeout,6" % conf_idx
986 if listen_chan:
987 cmd += ",DPPListenChannel," + str(listen_chan)
988 res = sigma_dut_cmd(cmd, timeout=10)
989 t.join()
990 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
991 raise Exception("Unexpected result: " + res)
992 finally:
993 stop_sigma_dut(sigma)
994
995 def test_sigma_dut_dpp_qr_init_enrollee(dev, apdev):
996 """sigma_dut DPP/QR initiator as Enrollee"""
997 check_dpp_capab(dev[0])
998 check_dpp_capab(dev[1])
999
1000 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1001 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1002 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1003 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1004
1005 params = { "ssid": "DPPNET01",
1006 "wpa": "2",
1007 "ieee80211w": "2",
1008 "wpa_key_mgmt": "DPP",
1009 "rsn_pairwise": "CCMP",
1010 "dpp_connector": ap_connector,
1011 "dpp_csign": csign_pub,
1012 "dpp_netaccesskey": ap_netaccesskey }
1013 try:
1014 hapd = hostapd.add_ap(apdev[0], params)
1015 except:
1016 raise HwsimSkip("DPP not supported")
1017
1018 sigma = start_sigma_dut(dev[0].ifname)
1019 try:
1020 dev[0].set("dpp_config_processing", "2")
1021
1022 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
1023 res = dev[1].request(cmd)
1024 if "FAIL" in res:
1025 raise Exception("Failed to add configurator")
1026 conf_id = int(res)
1027
1028 addr = dev[1].own_addr().replace(':', '')
1029 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1030 res = dev[1].request(cmd)
1031 if "FAIL" in res:
1032 raise Exception("Failed to generate bootstrapping info")
1033 id0 = int(res)
1034 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1035
1036 dev[1].set("dpp_configurator_params",
1037 " conf=sta-dpp ssid=%s configurator=%d" % (to_hex("DPPNET01"), conf_id))
1038 cmd = "DPP_LISTEN 2437 role=configurator"
1039 if "OK" not in dev[1].request(cmd):
1040 raise Exception("Failed to start listen operation")
1041
1042 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1043 if "status,COMPLETE" not in res:
1044 raise Exception("dev_exec_action did not succeed: " + res)
1045
1046 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout=10)
1047 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1048 raise Exception("Unexpected result: " + res)
1049 finally:
1050 dev[0].set("dpp_config_processing", "0")
1051 stop_sigma_dut(sigma)
1052
1053 def test_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev):
1054 """sigma_dut DPP/QR (mutual) initiator as Enrollee"""
1055 run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev)
1056
1057 def test_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev):
1058 """sigma_dut DPP/QR (mutual) initiator as Enrollee (extra check)"""
1059 run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev,
1060 extra="DPPAuthDirection,Mutual,")
1061
1062 def run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev, apdev, extra=''):
1063 check_dpp_capab(dev[0])
1064 check_dpp_capab(dev[1])
1065
1066 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1067 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1068 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1069 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1070
1071 params = { "ssid": "DPPNET01",
1072 "wpa": "2",
1073 "ieee80211w": "2",
1074 "wpa_key_mgmt": "DPP",
1075 "rsn_pairwise": "CCMP",
1076 "dpp_connector": ap_connector,
1077 "dpp_csign": csign_pub,
1078 "dpp_netaccesskey": ap_netaccesskey }
1079 try:
1080 hapd = hostapd.add_ap(apdev[0], params)
1081 except:
1082 raise HwsimSkip("DPP not supported")
1083
1084 sigma = start_sigma_dut(dev[0].ifname)
1085 try:
1086 dev[0].set("dpp_config_processing", "2")
1087
1088 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
1089 res = dev[1].request(cmd)
1090 if "FAIL" in res:
1091 raise Exception("Failed to add configurator")
1092 conf_id = int(res)
1093
1094 addr = dev[1].own_addr().replace(':', '')
1095 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1096 res = dev[1].request(cmd)
1097 if "FAIL" in res:
1098 raise Exception("Failed to generate bootstrapping info")
1099 id0 = int(res)
1100 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1101
1102 dev[1].set("dpp_configurator_params",
1103 " conf=sta-dpp ssid=%s configurator=%d" % (to_hex("DPPNET01"), conf_id))
1104 cmd = "DPP_LISTEN 2437 role=configurator qr=mutual"
1105 if "OK" not in dev[1].request(cmd):
1106 raise Exception("Failed to start listen operation")
1107
1108 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1109 if "status,COMPLETE" not in res:
1110 raise Exception("dev_exec_action did not succeed: " + res)
1111 hex = res.split(',')[3]
1112 uri = from_hex(hex)
1113 logger.info("URI from sigma_dut: " + uri)
1114
1115 res = dev[1].request("DPP_QR_CODE " + uri)
1116 if "FAIL" in res:
1117 raise Exception("Failed to parse QR Code URI")
1118 id1 = int(res)
1119
1120 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1121 if "status,COMPLETE" not in res:
1122 raise Exception("dev_exec_action did not succeed: " + res)
1123
1124 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,%sDPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes" % extra, timeout=10)
1125 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1126 raise Exception("Unexpected result: " + res)
1127 finally:
1128 dev[0].set("dpp_config_processing", "0")
1129 stop_sigma_dut(sigma)
1130
1131 def dpp_init_conf_mutual(dev, id1, conf_id, own_id=None):
1132 time.sleep(1)
1133 logger.info("Starting DPP initiator/configurator in a thread")
1134 cmd = "DPP_AUTH_INIT peer=%d conf=sta-dpp ssid=%s configurator=%d" % (id1, to_hex("DPPNET01"), conf_id)
1135 if own_id is not None:
1136 cmd += " own=%d" % own_id
1137 if "OK" not in dev.request(cmd):
1138 raise Exception("Failed to initiate DPP Authentication")
1139 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=10)
1140 if ev is None:
1141 raise Exception("DPP configuration not completed (Configurator)")
1142 logger.info("DPP initiator/configurator done")
1143
1144 def test_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev):
1145 """sigma_dut DPP/QR (mutual) responder as Enrollee"""
1146 run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev)
1147
1148 def test_sigma_dut_dpp_qr_mutual_resp_enrollee_pending(dev, apdev):
1149 """sigma_dut DPP/QR (mutual) responder as Enrollee (response pending)"""
1150 run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev, ',DPPDelayQRResponse,1')
1151
1152 def run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev, apdev, extra=None):
1153 check_dpp_capab(dev[0])
1154 check_dpp_capab(dev[1])
1155
1156 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1157 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1158 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1159 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1160
1161 params = { "ssid": "DPPNET01",
1162 "wpa": "2",
1163 "ieee80211w": "2",
1164 "wpa_key_mgmt": "DPP",
1165 "rsn_pairwise": "CCMP",
1166 "dpp_connector": ap_connector,
1167 "dpp_csign": csign_pub,
1168 "dpp_netaccesskey": ap_netaccesskey }
1169 try:
1170 hapd = hostapd.add_ap(apdev[0], params)
1171 except:
1172 raise HwsimSkip("DPP not supported")
1173
1174 sigma = start_sigma_dut(dev[0].ifname)
1175 try:
1176 dev[0].set("dpp_config_processing", "2")
1177
1178 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
1179 res = dev[1].request(cmd)
1180 if "FAIL" in res:
1181 raise Exception("Failed to add configurator")
1182 conf_id = int(res)
1183
1184 addr = dev[1].own_addr().replace(':', '')
1185 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1186 res = dev[1].request(cmd)
1187 if "FAIL" in res:
1188 raise Exception("Failed to generate bootstrapping info")
1189 id0 = int(res)
1190 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1191
1192 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1193 if "status,COMPLETE" not in res:
1194 raise Exception("dev_exec_action did not succeed: " + res)
1195 hex = res.split(',')[3]
1196 uri = from_hex(hex)
1197 logger.info("URI from sigma_dut: " + uri)
1198
1199 res = dev[1].request("DPP_QR_CODE " + uri)
1200 if "FAIL" in res:
1201 raise Exception("Failed to parse QR Code URI")
1202 id1 = int(res)
1203
1204 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1205 if "status,COMPLETE" not in res:
1206 raise Exception("dev_exec_action did not succeed: " + res)
1207
1208 t = threading.Thread(target=dpp_init_conf_mutual,
1209 args=(dev[1], id1, conf_id, id0))
1210 t.start()
1211
1212 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,20,DPPWaitForConnect,Yes"
1213 if extra:
1214 cmd += extra
1215 res = sigma_dut_cmd(cmd, timeout=25)
1216 t.join()
1217 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1218 raise Exception("Unexpected result: " + res)
1219 finally:
1220 dev[0].set("dpp_config_processing", "0")
1221 stop_sigma_dut(sigma)
1222
1223 def dpp_resp_conf_mutual(dev, conf_id, uri):
1224 logger.info("Starting DPP responder/configurator in a thread")
1225 dev.set("dpp_configurator_params",
1226 " conf=sta-dpp ssid=%s configurator=%d" % (to_hex("DPPNET01"),
1227 conf_id))
1228 cmd = "DPP_LISTEN 2437 role=configurator qr=mutual"
1229 if "OK" not in dev.request(cmd):
1230 raise Exception("Failed to initiate DPP listen")
1231 if uri:
1232 ev = dev.wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout=10)
1233 if ev is None:
1234 raise Exception("QR Code scan for mutual authentication not requested")
1235 res = dev.request("DPP_QR_CODE " + uri)
1236 if "FAIL" in res:
1237 raise Exception("Failed to parse QR Code URI")
1238 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=10)
1239 if ev is None:
1240 raise Exception("DPP configuration not completed (Configurator)")
1241 logger.info("DPP responder/configurator done")
1242
1243 def test_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev):
1244 """sigma_dut DPP/QR (mutual) initiator as Enrollee"""
1245 run_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev, False)
1246
1247 def test_sigma_dut_dpp_qr_mutual_init_enrollee_pending(dev, apdev):
1248 """sigma_dut DPP/QR (mutual) initiator as Enrollee (response pending)"""
1249 run_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev, True)
1250
1251 def run_sigma_dut_dpp_qr_mutual_init_enrollee(dev, apdev, resp_pending):
1252 check_dpp_capab(dev[0])
1253 check_dpp_capab(dev[1])
1254
1255 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1256 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1257 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1258 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1259
1260 params = { "ssid": "DPPNET01",
1261 "wpa": "2",
1262 "ieee80211w": "2",
1263 "wpa_key_mgmt": "DPP",
1264 "rsn_pairwise": "CCMP",
1265 "dpp_connector": ap_connector,
1266 "dpp_csign": csign_pub,
1267 "dpp_netaccesskey": ap_netaccesskey }
1268 try:
1269 hapd = hostapd.add_ap(apdev[0], params)
1270 except:
1271 raise HwsimSkip("DPP not supported")
1272
1273 sigma = start_sigma_dut(dev[0].ifname)
1274 try:
1275 dev[0].set("dpp_config_processing", "2")
1276
1277 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
1278 res = dev[1].request(cmd)
1279 if "FAIL" in res:
1280 raise Exception("Failed to add configurator")
1281 conf_id = int(res)
1282
1283 addr = dev[1].own_addr().replace(':', '')
1284 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1285 res = dev[1].request(cmd)
1286 if "FAIL" in res:
1287 raise Exception("Failed to generate bootstrapping info")
1288 id0 = int(res)
1289 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1290
1291 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1292 if "status,COMPLETE" not in res:
1293 raise Exception("dev_exec_action did not succeed: " + res)
1294 hex = res.split(',')[3]
1295 uri = from_hex(hex)
1296 logger.info("URI from sigma_dut: " + uri)
1297
1298 if not resp_pending:
1299 res = dev[1].request("DPP_QR_CODE " + uri)
1300 if "FAIL" in res:
1301 raise Exception("Failed to parse QR Code URI")
1302 uri = None
1303
1304 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1305 if "status,COMPLETE" not in res:
1306 raise Exception("dev_exec_action did not succeed: " + res)
1307
1308 t = threading.Thread(target=dpp_resp_conf_mutual,
1309 args=(dev[1], conf_id, uri))
1310 t.start()
1311
1312 time.sleep(1)
1313 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,10,DPPWaitForConnect,Yes"
1314 res = sigma_dut_cmd(cmd, timeout=15)
1315 t.join()
1316 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
1317 raise Exception("Unexpected result: " + res)
1318 finally:
1319 dev[0].set("dpp_config_processing", "0")
1320 stop_sigma_dut(sigma)
1321
1322 def test_sigma_dut_dpp_qr_init_enrollee_psk(dev, apdev):
1323 """sigma_dut DPP/QR initiator as Enrollee (PSK)"""
1324 check_dpp_capab(dev[0])
1325 check_dpp_capab(dev[1])
1326
1327 params = hostapd.wpa2_params(ssid="DPPNET01",
1328 passphrase="ThisIsDppPassphrase")
1329 hapd = hostapd.add_ap(apdev[0], params)
1330
1331 sigma = start_sigma_dut(dev[0].ifname)
1332 try:
1333 dev[0].set("dpp_config_processing", "2")
1334
1335 cmd = "DPP_CONFIGURATOR_ADD"
1336 res = dev[1].request(cmd)
1337 if "FAIL" in res:
1338 raise Exception("Failed to add configurator")
1339 conf_id = int(res)
1340
1341 addr = dev[1].own_addr().replace(':', '')
1342 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1343 res = dev[1].request(cmd)
1344 if "FAIL" in res:
1345 raise Exception("Failed to generate bootstrapping info")
1346 id0 = int(res)
1347 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1348
1349 dev[1].set("dpp_configurator_params",
1350 " conf=sta-psk ssid=%s pass=%s configurator=%d" % (to_hex("DPPNET01"), to_hex("ThisIsDppPassphrase"), conf_id))
1351 cmd = "DPP_LISTEN 2437 role=configurator"
1352 if "OK" not in dev[1].request(cmd):
1353 raise Exception("Failed to start listen operation")
1354
1355 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1356 if "status,COMPLETE" not in res:
1357 raise Exception("dev_exec_action did not succeed: " + res)
1358
1359 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout=10)
1360 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkConnectResult,OK" not in res:
1361 raise Exception("Unexpected result: " + res)
1362 finally:
1363 dev[0].set("dpp_config_processing", "0")
1364 stop_sigma_dut(sigma)
1365
1366 def test_sigma_dut_dpp_qr_init_enrollee_sae(dev, apdev):
1367 """sigma_dut DPP/QR initiator as Enrollee (SAE)"""
1368 check_dpp_capab(dev[0])
1369 check_dpp_capab(dev[1])
1370 if "SAE" not in dev[0].get_capability("auth_alg"):
1371 raise HwsimSkip("SAE not supported")
1372
1373 params = hostapd.wpa2_params(ssid="DPPNET01",
1374 passphrase="ThisIsDppPassphrase")
1375 params['wpa_key_mgmt'] = 'SAE'
1376 params["ieee80211w"] = "2"
1377 hapd = hostapd.add_ap(apdev[0], params)
1378
1379 sigma = start_sigma_dut(dev[0].ifname)
1380 try:
1381 dev[0].set("dpp_config_processing", "2")
1382
1383 cmd = "DPP_CONFIGURATOR_ADD"
1384 res = dev[1].request(cmd)
1385 if "FAIL" in res:
1386 raise Exception("Failed to add configurator")
1387 conf_id = int(res)
1388
1389 addr = dev[1].own_addr().replace(':', '')
1390 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1391 res = dev[1].request(cmd)
1392 if "FAIL" in res:
1393 raise Exception("Failed to generate bootstrapping info")
1394 id0 = int(res)
1395 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1396
1397 dev[1].set("dpp_configurator_params",
1398 " conf=sta-sae ssid=%s pass=%s configurator=%d" % (to_hex("DPPNET01"), to_hex("ThisIsDppPassphrase"), conf_id))
1399 cmd = "DPP_LISTEN 2437 role=configurator"
1400 if "OK" not in dev[1].request(cmd):
1401 raise Exception("Failed to start listen operation")
1402
1403 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1404 if "status,COMPLETE" not in res:
1405 raise Exception("dev_exec_action did not succeed: " + res)
1406
1407 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout=10)
1408 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkConnectResult,OK" not in res:
1409 raise Exception("Unexpected result: " + res)
1410 finally:
1411 dev[0].set("dpp_config_processing", "0")
1412 stop_sigma_dut(sigma)
1413
1414 def test_sigma_dut_dpp_qr_init_configurator_1(dev, apdev):
1415 """sigma_dut DPP/QR initiator as Configurator (conf index 1)"""
1416 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 1)
1417
1418 def test_sigma_dut_dpp_qr_init_configurator_2(dev, apdev):
1419 """sigma_dut DPP/QR initiator as Configurator (conf index 2)"""
1420 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 2)
1421
1422 def test_sigma_dut_dpp_qr_init_configurator_3(dev, apdev):
1423 """sigma_dut DPP/QR initiator as Configurator (conf index 3)"""
1424 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 3)
1425
1426 def test_sigma_dut_dpp_qr_init_configurator_4(dev, apdev):
1427 """sigma_dut DPP/QR initiator as Configurator (conf index 4)"""
1428 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 4)
1429
1430 def test_sigma_dut_dpp_qr_init_configurator_5(dev, apdev):
1431 """sigma_dut DPP/QR initiator as Configurator (conf index 5)"""
1432 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 5)
1433
1434 def test_sigma_dut_dpp_qr_init_configurator_6(dev, apdev):
1435 """sigma_dut DPP/QR initiator as Configurator (conf index 6)"""
1436 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 6)
1437
1438 def test_sigma_dut_dpp_qr_init_configurator_7(dev, apdev):
1439 """sigma_dut DPP/QR initiator as Configurator (conf index 7)"""
1440 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 7)
1441
1442 def test_sigma_dut_dpp_qr_init_configurator_both(dev, apdev):
1443 """sigma_dut DPP/QR initiator as Configurator or Enrollee (conf index 1)"""
1444 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 1, "Both")
1445
1446 def test_sigma_dut_dpp_qr_init_configurator_neg_freq(dev, apdev):
1447 """sigma_dut DPP/QR initiator as Configurator (neg_freq)"""
1448 run_sigma_dut_dpp_qr_init_configurator(dev, apdev, 1, extra='DPPSubsequentChannel,81/11')
1449
1450 def run_sigma_dut_dpp_qr_init_configurator(dev, apdev, conf_idx,
1451 prov_role="Configurator",
1452 extra=None):
1453 check_dpp_capab(dev[0])
1454 check_dpp_capab(dev[1])
1455 sigma = start_sigma_dut(dev[0].ifname)
1456 try:
1457 addr = dev[1].own_addr().replace(':', '')
1458 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1459 res = dev[1].request(cmd)
1460 if "FAIL" in res:
1461 raise Exception("Failed to generate bootstrapping info")
1462 id0 = int(res)
1463 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1464
1465 cmd = "DPP_LISTEN 2437 role=enrollee"
1466 if "OK" not in dev[1].request(cmd):
1467 raise Exception("Failed to start listen operation")
1468
1469 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1470 if "status,COMPLETE" not in res:
1471 raise Exception("dev_exec_action did not succeed: " + res)
1472
1473 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,%s,DPPConfIndex,%d,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6" % (prov_role, conf_idx)
1474 if extra:
1475 cmd += "," + extra
1476 res = sigma_dut_cmd(cmd)
1477 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
1478 raise Exception("Unexpected result: " + res)
1479 finally:
1480 stop_sigma_dut(sigma)
1481
1482 def test_sigma_dut_dpp_incompatible_roles_init(dev, apdev):
1483 """sigma_dut DPP roles incompatible (Initiator)"""
1484 check_dpp_capab(dev[0])
1485 check_dpp_capab(dev[1])
1486 sigma = start_sigma_dut(dev[0].ifname)
1487 try:
1488 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1489 if "status,COMPLETE" not in res:
1490 raise Exception("dev_exec_action did not succeed: " + res)
1491 hex = res.split(',')[3]
1492 uri = from_hex(hex)
1493 logger.info("URI from sigma_dut: " + uri)
1494
1495 res = dev[1].request("DPP_QR_CODE " + uri)
1496 if "FAIL" in res:
1497 raise Exception("Failed to parse QR Code URI")
1498 id1 = int(res)
1499
1500 addr = dev[1].own_addr().replace(':', '')
1501 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1502 res = dev[1].request(cmd)
1503 if "FAIL" in res:
1504 raise Exception("Failed to generate bootstrapping info")
1505 id0 = int(res)
1506 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1507
1508 cmd = "DPP_LISTEN 2437 role=enrollee"
1509 if "OK" not in dev[1].request(cmd):
1510 raise Exception("Failed to start listen operation")
1511
1512 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1513 if "status,COMPLETE" not in res:
1514 raise Exception("dev_exec_action did not succeed: " + res)
1515
1516 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6"
1517 res = sigma_dut_cmd(cmd)
1518 if "BootstrapResult,OK,AuthResult,ROLES_NOT_COMPATIBLE" not in res:
1519 raise Exception("Unexpected result: " + res)
1520 finally:
1521 stop_sigma_dut(sigma)
1522
1523 def dpp_init_enrollee_mutual(dev, id1, own_id):
1524 logger.info("Starting DPP initiator/enrollee in a thread")
1525 time.sleep(1)
1526 cmd = "DPP_AUTH_INIT peer=%d own=%d role=enrollee" % (id1, own_id)
1527 if "OK" not in dev.request(cmd):
1528 raise Exception("Failed to initiate DPP Authentication")
1529 ev = dev.wait_event(["DPP-CONF-RECEIVED",
1530 "DPP-NOT-COMPATIBLE"], timeout=5)
1531 if ev is None:
1532 raise Exception("DPP configuration not completed (Enrollee)")
1533 logger.info("DPP initiator/enrollee done")
1534
1535 def test_sigma_dut_dpp_incompatible_roles_resp(dev, apdev):
1536 """sigma_dut DPP roles incompatible (Responder)"""
1537 check_dpp_capab(dev[0])
1538 check_dpp_capab(dev[1])
1539 sigma = start_sigma_dut(dev[0].ifname)
1540 try:
1541 cmd = "dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR"
1542 res = sigma_dut_cmd(cmd)
1543 if "status,COMPLETE" not in res:
1544 raise Exception("dev_exec_action did not succeed: " + res)
1545 hex = res.split(',')[3]
1546 uri = from_hex(hex)
1547 logger.info("URI from sigma_dut: " + uri)
1548
1549 res = dev[1].request("DPP_QR_CODE " + uri)
1550 if "FAIL" in res:
1551 raise Exception("Failed to parse QR Code URI")
1552 id1 = int(res)
1553
1554 addr = dev[1].own_addr().replace(':', '')
1555 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1556 res = dev[1].request(cmd)
1557 if "FAIL" in res:
1558 raise Exception("Failed to generate bootstrapping info")
1559 id0 = int(res)
1560 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1561
1562 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1563 if "status,COMPLETE" not in res:
1564 raise Exception("dev_exec_action did not succeed: " + res)
1565
1566 t = threading.Thread(target=dpp_init_enrollee_mutual, args=(dev[1], id1, id0))
1567 t.start()
1568 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6"
1569 res = sigma_dut_cmd(cmd, timeout=10)
1570 t.join()
1571 if "BootstrapResult,OK,AuthResult,ROLES_NOT_COMPATIBLE" not in res:
1572 raise Exception("Unexpected result: " + res)
1573 finally:
1574 stop_sigma_dut(sigma)
1575
1576 def test_sigma_dut_dpp_pkex_init_configurator(dev, apdev):
1577 """sigma_dut DPP/PKEX initiator as Configurator"""
1578 check_dpp_capab(dev[0])
1579 check_dpp_capab(dev[1])
1580 sigma = start_sigma_dut(dev[0].ifname)
1581 try:
1582 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
1583 res = dev[1].request(cmd)
1584 if "FAIL" in res:
1585 raise Exception("Failed to generate bootstrapping info")
1586 id1 = int(res)
1587 cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id1)
1588 res = dev[1].request(cmd)
1589 if "FAIL" in res:
1590 raise Exception("Failed to set PKEX data (responder)")
1591 cmd = "DPP_LISTEN 2437 role=enrollee"
1592 if "OK" not in dev[1].request(cmd):
1593 raise Exception("Failed to start listen operation")
1594
1595 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCodeIdentifier,test,DPPPKEXCode,secret,DPPTimeout,6")
1596 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
1597 raise Exception("Unexpected result: " + res)
1598 finally:
1599 stop_sigma_dut(sigma)
1600
1601 def dpp_init_conf(dev, id1, conf, conf_id, extra):
1602 logger.info("Starting DPP initiator/configurator in a thread")
1603 cmd = "DPP_AUTH_INIT peer=%d conf=%s %s configurator=%d" % (id1, conf, extra, conf_id)
1604 if "OK" not in dev.request(cmd):
1605 raise Exception("Failed to initiate DPP Authentication")
1606 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=5)
1607 if ev is None:
1608 raise Exception("DPP configuration not completed (Configurator)")
1609 logger.info("DPP initiator/configurator done")
1610
1611 def test_sigma_dut_ap_dpp_qr(dev, apdev, params):
1612 """sigma_dut controlled AP (DPP)"""
1613 run_sigma_dut_ap_dpp_qr(dev, apdev, params, "ap-dpp", "sta-dpp")
1614
1615 def test_sigma_dut_ap_dpp_qr_legacy(dev, apdev, params):
1616 """sigma_dut controlled AP (legacy)"""
1617 run_sigma_dut_ap_dpp_qr(dev, apdev, params, "ap-psk", "sta-psk",
1618 extra="pass=%s" % to_hex("qwertyuiop"))
1619
1620 def test_sigma_dut_ap_dpp_qr_legacy_psk(dev, apdev, params):
1621 """sigma_dut controlled AP (legacy)"""
1622 run_sigma_dut_ap_dpp_qr(dev, apdev, params, "ap-psk", "sta-psk",
1623 extra="psk=%s" % (32*"12"))
1624
1625 def run_sigma_dut_ap_dpp_qr(dev, apdev, params, ap_conf, sta_conf, extra=""):
1626 check_dpp_capab(dev[0])
1627 logdir = os.path.join(params['logdir'], "sigma_dut_ap_dpp_qr.sigma-hostapd")
1628 with HWSimRadio() as (radio, iface):
1629 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
1630 try:
1631 sigma_dut_cmd_check("ap_reset_default,program,DPP")
1632 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1633 if "status,COMPLETE" not in res:
1634 raise Exception("dev_exec_action did not succeed: " + res)
1635 hex = res.split(',')[3]
1636 uri = from_hex(hex)
1637 logger.info("URI from sigma_dut: " + uri)
1638
1639 cmd = "DPP_CONFIGURATOR_ADD"
1640 res = dev[0].request(cmd)
1641 if "FAIL" in res:
1642 raise Exception("Failed to add configurator")
1643 conf_id = int(res)
1644
1645 res = dev[0].request("DPP_QR_CODE " + uri)
1646 if "FAIL" in res:
1647 raise Exception("Failed to parse QR Code URI")
1648 id1 = int(res)
1649
1650 t = threading.Thread(target=dpp_init_conf,
1651 args=(dev[0], id1, ap_conf, conf_id, extra))
1652 t.start()
1653 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6")
1654 t.join()
1655 if "ConfResult,OK" not in res:
1656 raise Exception("Unexpected result: " + res)
1657
1658 addr = dev[1].own_addr().replace(':', '')
1659 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
1660 res = dev[1].request(cmd)
1661 if "FAIL" in res:
1662 raise Exception("Failed to generate bootstrapping info")
1663 id1 = int(res)
1664 uri1 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1)
1665
1666 res = dev[0].request("DPP_QR_CODE " + uri1)
1667 if "FAIL" in res:
1668 raise Exception("Failed to parse QR Code URI")
1669 id0b = int(res)
1670
1671 dev[1].set("dpp_config_processing", "2")
1672 cmd = "DPP_LISTEN 2412"
1673 if "OK" not in dev[1].request(cmd):
1674 raise Exception("Failed to start listen operation")
1675 cmd = "DPP_AUTH_INIT peer=%d conf=%s %s configurator=%d" % (id0b, sta_conf, extra, conf_id)
1676 if "OK" not in dev[0].request(cmd):
1677 raise Exception("Failed to initiate DPP Authentication")
1678 dev[1].wait_connected()
1679
1680 sigma_dut_cmd_check("ap_reset_default")
1681 finally:
1682 dev[1].set("dpp_config_processing", "0")
1683 stop_sigma_dut(sigma)
1684
1685 def test_sigma_dut_ap_dpp_pkex_responder(dev, apdev, params):
1686 """sigma_dut controlled AP as DPP PKEX responder"""
1687 check_dpp_capab(dev[0])
1688 logdir = os.path.join(params['logdir'],
1689 "sigma_dut_ap_dpp_pkex_responder.sigma-hostapd")
1690 with HWSimRadio() as (radio, iface):
1691 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
1692 try:
1693 run_sigma_dut_ap_dpp_pkex_responder(dev, apdev)
1694 finally:
1695 stop_sigma_dut(sigma)
1696
1697 def dpp_init_conf_pkex(dev, conf_id, check_config=True):
1698 logger.info("Starting DPP PKEX initiator/configurator in a thread")
1699 time.sleep(1.5)
1700 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
1701 res = dev.request(cmd)
1702 if "FAIL" in res:
1703 raise Exception("Failed to generate bootstrapping info")
1704 id = int(res)
1705 cmd = "DPP_PKEX_ADD own=%d init=1 conf=ap-dpp configurator=%d code=password" % (id, conf_id)
1706 res = dev.request(cmd)
1707 if "FAIL" in res:
1708 raise Exception("Failed to initiate DPP PKEX")
1709 if not check_config:
1710 return
1711 ev = dev.wait_event(["DPP-CONF-SENT"], timeout=5)
1712 if ev is None:
1713 raise Exception("DPP configuration not completed (Configurator)")
1714 logger.info("DPP initiator/configurator done")
1715
1716 def run_sigma_dut_ap_dpp_pkex_responder(dev, apdev):
1717 sigma_dut_cmd_check("ap_reset_default,program,DPP")
1718
1719 cmd = "DPP_CONFIGURATOR_ADD"
1720 res = dev[0].request(cmd)
1721 if "FAIL" in res:
1722 raise Exception("Failed to add configurator")
1723 conf_id = int(res)
1724
1725 t = threading.Thread(target=dpp_init_conf_pkex, args=(dev[0], conf_id))
1726 t.start()
1727 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,PKEX,DPPPKEXCode,password,DPPTimeout,6,DPPWaitForConnect,No", timeout=10)
1728 t.join()
1729 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
1730 raise Exception("Unexpected result: " + res)
1731
1732 sigma_dut_cmd_check("ap_reset_default")
1733
1734 def test_sigma_dut_dpp_pkex_responder_proto(dev, apdev):
1735 """sigma_dut controlled STA as DPP PKEX responder and error case"""
1736 check_dpp_capab(dev[0])
1737 sigma = start_sigma_dut(dev[0].ifname)
1738 try:
1739 run_sigma_dut_dpp_pkex_responder_proto(dev, apdev)
1740 finally:
1741 stop_sigma_dut(sigma)
1742
1743 def run_sigma_dut_dpp_pkex_responder_proto(dev, apdev):
1744 cmd = "DPP_CONFIGURATOR_ADD"
1745 res = dev[1].request(cmd)
1746 if "FAIL" in res:
1747 raise Exception("Failed to add configurator")
1748 conf_id = int(res)
1749
1750 dev[1].set("dpp_test", "44")
1751
1752 t = threading.Thread(target=dpp_init_conf_pkex, args=(dev[1], conf_id,
1753 False))
1754 t.start()
1755 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPProvisioningRole,Enrollee,DPPBS,PKEX,DPPPKEXCode,password,DPPTimeout,6", timeout=10)
1756 t.join()
1757 if "BootstrapResult,Timeout" not in res:
1758 raise Exception("Unexpected result: " + res)
1759
1760 def dpp_proto_init(dev, id1):
1761 time.sleep(1)
1762 logger.info("Starting DPP initiator/configurator in a thread")
1763 cmd = "DPP_CONFIGURATOR_ADD"
1764 res = dev.request(cmd)
1765 if "FAIL" in res:
1766 raise Exception("Failed to add configurator")
1767 conf_id = int(res)
1768
1769 cmd = "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1, conf_id)
1770 if "OK" not in dev.request(cmd):
1771 raise Exception("Failed to initiate DPP Authentication")
1772
1773 def test_sigma_dut_dpp_proto_initiator(dev, apdev):
1774 """sigma_dut DPP protocol testing - Initiator"""
1775 check_dpp_capab(dev[0])
1776 check_dpp_capab(dev[1])
1777 tests = [ ("InvalidValue", "AuthenticationRequest", "WrappedData",
1778 "BootstrapResult,OK,AuthResult,Errorsent",
1779 None),
1780 ("InvalidValue", "AuthenticationConfirm", "WrappedData",
1781 "BootstrapResult,OK,AuthResult,Errorsent",
1782 None),
1783 ("MissingAttribute", "AuthenticationRequest", "InitCapabilities",
1784 "BootstrapResult,OK,AuthResult,Errorsent",
1785 "Missing or invalid I-capabilities"),
1786 ("InvalidValue", "AuthenticationConfirm", "InitAuthTag",
1787 "BootstrapResult,OK,AuthResult,Errorsent",
1788 "Mismatching Initiator Authenticating Tag"),
1789 ("MissingAttribute", "ConfigurationResponse", "EnrolleeNonce",
1790 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1791 "Missing or invalid Enrollee Nonce attribute") ]
1792 for step, frame, attr, result, fail in tests:
1793 dev[0].request("FLUSH")
1794 dev[1].request("FLUSH")
1795 sigma = start_sigma_dut(dev[0].ifname)
1796 try:
1797 run_sigma_dut_dpp_proto_initiator(dev, step, frame, attr, result,
1798 fail)
1799 finally:
1800 stop_sigma_dut(sigma)
1801
1802 def run_sigma_dut_dpp_proto_initiator(dev, step, frame, attr, result, fail):
1803 addr = dev[1].own_addr().replace(':', '')
1804 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1805 res = dev[1].request(cmd)
1806 if "FAIL" in res:
1807 raise Exception("Failed to generate bootstrapping info")
1808 id0 = int(res)
1809 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1810
1811 cmd = "DPP_LISTEN 2437 role=enrollee"
1812 if "OK" not in dev[1].request(cmd):
1813 raise Exception("Failed to start listen operation")
1814
1815 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1816 if "status,COMPLETE" not in res:
1817 raise Exception("dev_exec_action did not succeed: " + res)
1818
1819 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr),
1820 timeout=10)
1821 if result not in res:
1822 raise Exception("Unexpected result: " + res)
1823 if fail:
1824 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1825 if ev is None or fail not in ev:
1826 raise Exception("Failure not reported correctly: " + str(ev))
1827
1828 dev[1].request("DPP_STOP_LISTEN")
1829 dev[0].dump_monitor()
1830 dev[1].dump_monitor()
1831
1832 def test_sigma_dut_dpp_proto_responder(dev, apdev):
1833 """sigma_dut DPP protocol testing - Responder"""
1834 check_dpp_capab(dev[0])
1835 check_dpp_capab(dev[1])
1836 tests = [ ("MissingAttribute", "AuthenticationResponse", "DPPStatus",
1837 "BootstrapResult,OK,AuthResult,Errorsent",
1838 "Missing or invalid required DPP Status attribute"),
1839 ("MissingAttribute", "ConfigurationRequest", "EnrolleeNonce",
1840 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1841 "Missing or invalid Enrollee Nonce attribute") ]
1842 for step, frame, attr, result, fail in tests:
1843 dev[0].request("FLUSH")
1844 dev[1].request("FLUSH")
1845 sigma = start_sigma_dut(dev[0].ifname)
1846 try:
1847 run_sigma_dut_dpp_proto_responder(dev, step, frame, attr, result,
1848 fail)
1849 finally:
1850 stop_sigma_dut(sigma)
1851
1852 def run_sigma_dut_dpp_proto_responder(dev, step, frame, attr, result, fail):
1853 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1854 if "status,COMPLETE" not in res:
1855 raise Exception("dev_exec_action did not succeed: " + res)
1856 hex = res.split(',')[3]
1857 uri = from_hex(hex)
1858 logger.info("URI from sigma_dut: " + uri)
1859
1860 res = dev[1].request("DPP_QR_CODE " + uri)
1861 if "FAIL" in res:
1862 raise Exception("Failed to parse QR Code URI")
1863 id1 = int(res)
1864
1865 t = threading.Thread(target=dpp_proto_init, args=(dev[1], id1))
1866 t.start()
1867 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr), timeout=10)
1868 t.join()
1869 if result not in res:
1870 raise Exception("Unexpected result: " + res)
1871 if fail:
1872 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1873 if ev is None or fail not in ev:
1874 raise Exception("Failure not reported correctly:" + str(ev))
1875
1876 dev[1].request("DPP_STOP_LISTEN")
1877 dev[0].dump_monitor()
1878 dev[1].dump_monitor()
1879
1880 def test_sigma_dut_dpp_proto_stop_at_initiator(dev, apdev):
1881 """sigma_dut DPP protocol testing - Stop at RX on Initiator"""
1882 check_dpp_capab(dev[0])
1883 check_dpp_capab(dev[1])
1884 tests = [ ("AuthenticationResponse",
1885 "BootstrapResult,OK,AuthResult,Errorsent",
1886 None),
1887 ("ConfigurationRequest",
1888 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1889 None)]
1890 for frame, result, fail in tests:
1891 dev[0].request("FLUSH")
1892 dev[1].request("FLUSH")
1893 sigma = start_sigma_dut(dev[0].ifname)
1894 try:
1895 run_sigma_dut_dpp_proto_stop_at_initiator(dev, frame, result, fail)
1896 finally:
1897 stop_sigma_dut(sigma)
1898
1899 def run_sigma_dut_dpp_proto_stop_at_initiator(dev, frame, result, fail):
1900 addr = dev[1].own_addr().replace(':', '')
1901 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1902 res = dev[1].request(cmd)
1903 if "FAIL" in res:
1904 raise Exception("Failed to generate bootstrapping info")
1905 id0 = int(res)
1906 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1907
1908 cmd = "DPP_LISTEN 2437 role=enrollee"
1909 if "OK" not in dev[1].request(cmd):
1910 raise Exception("Failed to start listen operation")
1911
1912 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1913 if "status,COMPLETE" not in res:
1914 raise Exception("dev_exec_action did not succeed: " + res)
1915
1916 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame))
1917 if result not in res:
1918 raise Exception("Unexpected result: " + res)
1919 if fail:
1920 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1921 if ev is None or fail not in ev:
1922 raise Exception("Failure not reported correctly: " + str(ev))
1923
1924 dev[1].request("DPP_STOP_LISTEN")
1925 dev[0].dump_monitor()
1926 dev[1].dump_monitor()
1927
1928 def test_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev, apdev):
1929 """sigma_dut DPP protocol testing - Stop at TX on Initiator/Enrollee"""
1930 check_dpp_capab(dev[0])
1931 check_dpp_capab(dev[1])
1932 tests = [ ("AuthenticationConfirm",
1933 "BootstrapResult,OK,AuthResult,Errorsent,LastFrameReceived,AuthenticationResponse",
1934 None) ]
1935 for frame, result, fail in tests:
1936 dev[0].request("FLUSH")
1937 dev[1].request("FLUSH")
1938 sigma = start_sigma_dut(dev[0].ifname, debug=True)
1939 try:
1940 run_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev, frame,
1941 result, fail)
1942 finally:
1943 stop_sigma_dut(sigma)
1944
1945 def run_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev, frame, result,
1946 fail):
1947 addr = dev[1].own_addr().replace(':', '')
1948 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
1949 res = dev[1].request(cmd)
1950 if "FAIL" in res:
1951 raise Exception("Failed to generate bootstrapping info")
1952 id0 = int(res)
1953 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
1954
1955 cmd = "DPP_LISTEN 2437 role=configurator"
1956 if "OK" not in dev[1].request(cmd):
1957 raise Exception("Failed to start listen operation")
1958
1959 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
1960 if "status,COMPLETE" not in res:
1961 raise Exception("dev_exec_action did not succeed: " + res)
1962
1963 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame), timeout=10)
1964 if result not in res:
1965 raise Exception("Unexpected result: " + res)
1966 if fail:
1967 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
1968 if ev is None or fail not in ev:
1969 raise Exception("Failure not reported correctly: " + str(ev))
1970
1971 dev[1].request("DPP_STOP_LISTEN")
1972 dev[0].dump_monitor()
1973 dev[1].dump_monitor()
1974
1975 def test_sigma_dut_dpp_proto_stop_at_responder(dev, apdev):
1976 """sigma_dut DPP protocol testing - Stop at RX on Responder"""
1977 check_dpp_capab(dev[0])
1978 check_dpp_capab(dev[1])
1979 tests = [ ("AuthenticationRequest",
1980 "BootstrapResult,OK,AuthResult,Errorsent",
1981 None),
1982 ("AuthenticationConfirm",
1983 "BootstrapResult,OK,AuthResult,Errorsent",
1984 None) ]
1985 for frame, result, fail in tests:
1986 dev[0].request("FLUSH")
1987 dev[1].request("FLUSH")
1988 sigma = start_sigma_dut(dev[0].ifname)
1989 try:
1990 run_sigma_dut_dpp_proto_stop_at_responder(dev, frame, result, fail)
1991 finally:
1992 stop_sigma_dut(sigma)
1993
1994 def run_sigma_dut_dpp_proto_stop_at_responder(dev, frame, result, fail):
1995 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1996 if "status,COMPLETE" not in res:
1997 raise Exception("dev_exec_action did not succeed: " + res)
1998 hex = res.split(',')[3]
1999 uri = from_hex(hex)
2000 logger.info("URI from sigma_dut: " + uri)
2001
2002 res = dev[1].request("DPP_QR_CODE " + uri)
2003 if "FAIL" in res:
2004 raise Exception("Failed to parse QR Code URI")
2005 id1 = int(res)
2006
2007 t = threading.Thread(target=dpp_proto_init, args=(dev[1], id1))
2008 t.start()
2009 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame), timeout=10)
2010 t.join()
2011 if result not in res:
2012 raise Exception("Unexpected result: " + res)
2013 if fail:
2014 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
2015 if ev is None or fail not in ev:
2016 raise Exception("Failure not reported correctly:" + str(ev))
2017
2018 dev[1].request("DPP_STOP_LISTEN")
2019 dev[0].dump_monitor()
2020 dev[1].dump_monitor()
2021
2022 def dpp_proto_init_pkex(dev):
2023 time.sleep(1)
2024 logger.info("Starting DPP PKEX initiator/configurator in a thread")
2025 cmd = "DPP_CONFIGURATOR_ADD"
2026 res = dev.request(cmd)
2027 if "FAIL" in res:
2028 raise Exception("Failed to add configurator")
2029 conf_id = int(res)
2030
2031 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
2032 res = dev.request(cmd)
2033 if "FAIL" in res:
2034 raise Exception("Failed to generate bootstrapping info")
2035 id = int(res)
2036
2037 cmd = "DPP_PKEX_ADD own=%d init=1 conf=sta-dpp configurator=%d code=secret" % (id, conf_id)
2038 if "FAIL" in dev.request(cmd):
2039 raise Exception("Failed to initiate DPP PKEX")
2040
2041 def test_sigma_dut_dpp_proto_initiator_pkex(dev, apdev):
2042 """sigma_dut DPP protocol testing - Initiator (PKEX)"""
2043 check_dpp_capab(dev[0])
2044 check_dpp_capab(dev[1])
2045 tests = [ ("InvalidValue", "PKEXCRRequest", "WrappedData",
2046 "BootstrapResult,Errorsent",
2047 None),
2048 ("MissingAttribute", "PKEXExchangeRequest", "FiniteCyclicGroup",
2049 "BootstrapResult,Errorsent",
2050 "Missing or invalid Finite Cyclic Group attribute"),
2051 ("MissingAttribute", "PKEXCRRequest", "BSKey",
2052 "BootstrapResult,Errorsent",
2053 "No valid peer bootstrapping key found") ]
2054 for step, frame, attr, result, fail in tests:
2055 dev[0].request("FLUSH")
2056 dev[1].request("FLUSH")
2057 sigma = start_sigma_dut(dev[0].ifname)
2058 try:
2059 run_sigma_dut_dpp_proto_initiator_pkex(dev, step, frame, attr,
2060 result, fail)
2061 finally:
2062 stop_sigma_dut(sigma)
2063
2064 def run_sigma_dut_dpp_proto_initiator_pkex(dev, step, frame, attr, result, fail):
2065 cmd = "DPP_BOOTSTRAP_GEN type=pkex"
2066 res = dev[1].request(cmd)
2067 if "FAIL" in res:
2068 raise Exception("Failed to generate bootstrapping info")
2069 id1 = int(res)
2070
2071 cmd = "DPP_PKEX_ADD own=%d code=secret" % (id1)
2072 res = dev[1].request(cmd)
2073 if "FAIL" in res:
2074 raise Exception("Failed to set PKEX data (responder)")
2075
2076 cmd = "DPP_LISTEN 2437 role=enrollee"
2077 if "OK" not in dev[1].request(cmd):
2078 raise Exception("Failed to start listen operation")
2079
2080 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCode,secret,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr))
2081 if result not in res:
2082 raise Exception("Unexpected result: " + res)
2083 if fail:
2084 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
2085 if ev is None or fail not in ev:
2086 raise Exception("Failure not reported correctly: " + str(ev))
2087
2088 dev[1].request("DPP_STOP_LISTEN")
2089 dev[0].dump_monitor()
2090 dev[1].dump_monitor()
2091
2092 def test_sigma_dut_dpp_proto_responder_pkex(dev, apdev):
2093 """sigma_dut DPP protocol testing - Responder (PKEX)"""
2094 check_dpp_capab(dev[0])
2095 check_dpp_capab(dev[1])
2096 tests = [ ("InvalidValue", "PKEXCRResponse", "WrappedData",
2097 "BootstrapResult,Errorsent",
2098 None),
2099 ("MissingAttribute", "PKEXExchangeResponse", "DPPStatus",
2100 "BootstrapResult,Errorsent",
2101 "No DPP Status attribute"),
2102 ("MissingAttribute", "PKEXCRResponse", "BSKey",
2103 "BootstrapResult,Errorsent",
2104 "No valid peer bootstrapping key found") ]
2105 for step, frame, attr, result, fail in tests:
2106 dev[0].request("FLUSH")
2107 dev[1].request("FLUSH")
2108 sigma = start_sigma_dut(dev[0].ifname)
2109 try:
2110 run_sigma_dut_dpp_proto_responder_pkex(dev, step, frame, attr,
2111 result, fail)
2112 finally:
2113 stop_sigma_dut(sigma)
2114
2115 def run_sigma_dut_dpp_proto_responder_pkex(dev, step, frame, attr, result, fail):
2116 t = threading.Thread(target=dpp_proto_init_pkex, args=(dev[1],))
2117 t.start()
2118 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCode,secret,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step, frame, attr), timeout=10)
2119 t.join()
2120 if result not in res:
2121 raise Exception("Unexpected result: " + res)
2122 if fail:
2123 ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
2124 if ev is None or fail not in ev:
2125 raise Exception("Failure not reported correctly:" + str(ev))
2126
2127 dev[1].request("DPP_STOP_LISTEN")
2128 dev[0].dump_monitor()
2129 dev[1].dump_monitor()
2130
2131 def init_sigma_dut_dpp_proto_peer_disc_req(dev, apdev):
2132 check_dpp_capab(dev[0])
2133 check_dpp_capab(dev[1])
2134
2135 csign = "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2136 csign_pub = "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2137 ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
2138 ap_netaccesskey = "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
2139
2140 params = { "ssid": "DPPNET01",
2141 "wpa": "2",
2142 "ieee80211w": "2",
2143 "wpa_key_mgmt": "DPP",
2144 "rsn_pairwise": "CCMP",
2145 "dpp_connector": ap_connector,
2146 "dpp_csign": csign_pub,
2147 "dpp_netaccesskey": ap_netaccesskey }
2148 try:
2149 hapd = hostapd.add_ap(apdev[0], params)
2150 except:
2151 raise HwsimSkip("DPP not supported")
2152
2153 dev[0].set("dpp_config_processing", "2")
2154
2155 cmd = "DPP_CONFIGURATOR_ADD key=" + csign
2156 res = dev[1].request(cmd)
2157 if "FAIL" in res:
2158 raise Exception("Failed to add configurator")
2159 conf_id = int(res)
2160
2161 addr = dev[1].own_addr().replace(':', '')
2162 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/6 mac=" + addr
2163 res = dev[1].request(cmd)
2164 if "FAIL" in res:
2165 raise Exception("Failed to generate bootstrapping info")
2166 id0 = int(res)
2167 uri0 = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
2168
2169 dev[1].set("dpp_configurator_params",
2170 " conf=sta-dpp ssid=%s configurator=%d" % (to_hex("DPPNET01"),
2171 conf_id))
2172 cmd = "DPP_LISTEN 2437 role=configurator"
2173 if "OK" not in dev[1].request(cmd):
2174 raise Exception("Failed to start listen operation")
2175
2176 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0))
2177 if "status,COMPLETE" not in res:
2178 raise Exception("dev_exec_action did not succeed: " + res)
2179
2180 def test_sigma_dut_dpp_proto_peer_disc_req(dev, apdev):
2181 """sigma_dut DPP protocol testing - Peer Discovery Request"""
2182 sigma = start_sigma_dut(dev[0].ifname)
2183 try:
2184 init_sigma_dut_dpp_proto_peer_disc_req(dev, apdev)
2185
2186 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes,DPPStep,MissingAttribute,DPPFrameType,PeerDiscoveryRequest,DPPIEAttribute,TransactionID", timeout=10)
2187 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,Errorsent" not in res:
2188 raise Exception("Unexpected result: " + res)
2189 finally:
2190 dev[0].set("dpp_config_processing", "0")
2191 stop_sigma_dut(sigma)
2192
2193 def test_sigma_dut_dpp_self_config(dev, apdev):
2194 """sigma_dut DPP Configurator enrolling an AP and using self-configuration"""
2195 check_dpp_capab(dev[0])
2196
2197 hapd = hostapd.add_ap(apdev[0], { "ssid": "unconfigured" })
2198 check_dpp_capab(hapd)
2199
2200 sigma = start_sigma_dut(dev[0].ifname)
2201 try:
2202 dev[0].set("dpp_config_processing", "2")
2203 addr = hapd.own_addr().replace(':', '')
2204 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
2205 res = hapd.request(cmd)
2206 if "FAIL" in res:
2207 raise Exception("Failed to generate bootstrapping info")
2208 id = int(res)
2209 uri = hapd.request("DPP_BOOTSTRAP_GET_URI %d" % id)
2210
2211 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri))
2212 if "status,COMPLETE" not in res:
2213 raise Exception("dev_exec_action did not succeed: " + res)
2214
2215 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,AP,DPPBS,QR,DPPTimeout,6")
2216 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
2217 raise Exception("Unexpected result: " + res)
2218 update_hapd_config(hapd)
2219
2220 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPCryptoIdentifier,P-256,DPPBS,QR,DPPAuthRole,Initiator,DPPProvisioningRole,Configurator,DPPAuthDirection,Single,DPPConfIndex,1,DPPTimeout,6,DPPWaitForConnect,Yes,DPPSelfConfigure,Yes"
2221 res = sigma_dut_cmd(cmd, timeout=10)
2222 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res:
2223 raise Exception("Unexpected result: " + res)
2224 finally:
2225 stop_sigma_dut(sigma)
2226 dev[0].set("dpp_config_processing", "0")
2227
2228 def test_sigma_dut_ap_dpp_self_config(dev, apdev, params):
2229 """sigma_dut DPP AP Configurator using self-configuration"""
2230 logdir = os.path.join(params['logdir'],
2231 "sigma_dut_ap_dpp_self_config.sigma-hostapd")
2232 with HWSimRadio() as (radio, iface):
2233 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
2234 try:
2235 run_sigma_dut_ap_dpp_self_config(dev, apdev)
2236 finally:
2237 stop_sigma_dut(sigma)
2238 dev[0].set("dpp_config_processing", "0")
2239
2240 def run_sigma_dut_ap_dpp_self_config(dev, apdev):
2241 check_dpp_capab(dev[0])
2242
2243 sigma_dut_cmd_check("ap_reset_default,program,DPP")
2244
2245 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfEnrolleeRole,AP,DPPBS,QR,DPPConfIndex,1,DPPSelfConfigure,Yes,DPPTimeout,6", timeout=10)
2246 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
2247 raise Exception("Unexpected result: " + res)
2248
2249 dev[0].set("dpp_config_processing", "2")
2250
2251 addr = dev[0].own_addr().replace(':', '')
2252 cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/11 mac=" + addr
2253 res = dev[0].request(cmd)
2254 if "FAIL" in res:
2255 raise Exception("Failed to generate bootstrapping info")
2256 id = int(res)
2257 uri = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id)
2258 cmd = "DPP_LISTEN 2462 role=enrollee"
2259 if "OK" not in dev[0].request(cmd):
2260 raise Exception("Failed to start listen operation")
2261
2262 res = sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri))
2263 if "status,COMPLETE" not in res:
2264 raise Exception("dev_exec_action did not succeed: " + res)
2265 cmd = "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6"
2266 res = sigma_dut_cmd(cmd)
2267 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res:
2268 raise Exception("Unexpected result: " + res)
2269 dev[0].wait_connected()
2270 dev[0].request("DISCONNECT")
2271 dev[0].wait_disconnected()
2272 sigma_dut_cmd_check("ap_reset_default")
2273
2274 def test_sigma_dut_preconfigured_profile(dev, apdev):
2275 """sigma_dut controlled connection using preconfigured profile"""
2276 try:
2277 run_sigma_dut_preconfigured_profile(dev, apdev)
2278 finally:
2279 dev[0].set("ignore_old_scan_res", "0")
2280
2281 def run_sigma_dut_preconfigured_profile(dev, apdev):
2282 ifname = dev[0].ifname
2283 sigma = start_sigma_dut(ifname)
2284
2285 params = hostapd.wpa2_params(ssid="test-psk", passphrase="12345678")
2286 hapd = hostapd.add_ap(apdev[0], params)
2287 dev[0].connect("test-psk", psk="12345678", scan_freq="2412",
2288 only_add_network=True)
2289
2290 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
2291 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s" % (ifname, "test-psk"))
2292 sigma_dut_wait_connected(ifname)
2293 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
2294 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
2295 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
2296
2297 stop_sigma_dut(sigma)
2298
2299 def test_sigma_dut_wps_pbc(dev, apdev):
2300 """sigma_dut and WPS PBC Enrollee"""
2301 try:
2302 run_sigma_dut_wps_pbc(dev, apdev)
2303 finally:
2304 dev[0].set("ignore_old_scan_res", "0")
2305
2306 def run_sigma_dut_wps_pbc(dev, apdev):
2307 ssid = "test-wps-conf"
2308 hapd = hostapd.add_ap(apdev[0],
2309 { "ssid": "wps", "eap_server": "1", "wps_state": "2",
2310 "wpa_passphrase": "12345678", "wpa": "2",
2311 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
2312 hapd.request("WPS_PBC")
2313
2314 ifname = dev[0].ifname
2315 sigma = start_sigma_dut(ifname)
2316
2317 cmd = "start_wps_registration,interface,%s" % ifname
2318 cmd += ",WpsRole,Enrollee"
2319 cmd += ",WpsConfigMethod,PBC"
2320 sigma_dut_cmd_check(cmd, timeout=15)
2321
2322 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
2323 hapd.disable()
2324 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
2325 stop_sigma_dut(sigma)
2326 dev[0].flush_scan_cache()
2327
2328 def test_sigma_dut_sta_scan_bss(dev, apdev):
2329 """sigma_dut sta_scan_bss"""
2330 hapd = hostapd.add_ap(apdev[0], { "ssid": "test" })
2331 sigma = start_sigma_dut(dev[0].ifname)
2332 try:
2333 cmd = "sta_scan_bss,Interface,%s,BSSID,%s" % (dev[0].ifname, \
2334 hapd.own_addr())
2335 res = sigma_dut_cmd(cmd, timeout=10)
2336 if "ssid,test,bsschannel,1" not in res:
2337 raise Exception("Unexpected result: " + res)
2338 finally:
2339 stop_sigma_dut(sigma)
2340
2341 def test_sigma_dut_ap_osen(dev, apdev, params):
2342 """sigma_dut controlled AP with OSEN"""
2343 logdir = os.path.join(params['logdir'],
2344 "sigma_dut_ap_osen.sigma-hostapd")
2345 with HWSimRadio() as (radio, iface):
2346 sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
2347 try:
2348 sigma_dut_cmd_check("ap_reset_default")
2349 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-hs20,MODE,11ng")
2350 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2351 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OSEN,PMF,Optional")
2352 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2353
2354 # RSN-OSEN (for OSU)
2355 dev[0].connect("test-hs20", proto="OSEN", key_mgmt="OSEN",
2356 pairwise="CCMP", group="GTK_NOT_USED",
2357 eap="WFA-UNAUTH-TLS", identity="osen@example.com",
2358 ca_cert="auth_serv/ca.pem", scan_freq="2412")
2359
2360 sigma_dut_cmd_check("ap_reset_default")
2361 finally:
2362 stop_sigma_dut(sigma)
2363
2364 def test_sigma_dut_ap_eap_osen(dev, apdev, params):
2365 """sigma_dut controlled AP with EAP+OSEN"""
2366 logdir = os.path.join(params['logdir'],
2367 "sigma_dut_ap_eap_osen.sigma-hostapd")
2368 with HWSimRadio() as (radio, iface):
2369 sigma = start_sigma_dut(iface, bridge="ap-br0", hostapd_logdir=logdir)
2370 try:
2371 sigma_dut_cmd_check("ap_reset_default")
2372 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-hs20,MODE,11ng")
2373 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2374 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT-OSEN,PMF,Optional")
2375 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2376
2377 subprocess.call(['brctl', 'setfd', 'ap-br0', '0'])
2378 subprocess.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'up'])
2379
2380 # RSN-OSEN (for OSU)
2381 dev[0].connect("test-hs20", proto="OSEN", key_mgmt="OSEN",
2382 pairwise="CCMP",
2383 eap="WFA-UNAUTH-TLS", identity="osen@example.com",
2384 ca_cert="auth_serv/ca.pem", ieee80211w='2',
2385 scan_freq="2412")
2386 # RSN-EAP (for data connection)
2387 dev[1].connect("test-hs20", key_mgmt="WPA-EAP", eap="TTLS",
2388 identity="hs20-test", password="password",
2389 ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2",
2390 ieee80211w='2', scan_freq="2412")
2391
2392 hwsim_utils.test_connectivity(dev[0], dev[1], broadcast=False,
2393 success_expected=False, timeout=1)
2394
2395 sigma_dut_cmd_check("ap_reset_default")
2396 finally:
2397 stop_sigma_dut(sigma)
2398 subprocess.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'down'],
2399 stderr=open('/dev/null', 'w'))
2400 subprocess.call(['brctl', 'delbr', 'ap-br0'],
2401 stderr=open('/dev/null', 'w'))
2402
2403 def test_sigma_dut_ap_eap(dev, apdev, params):
2404 """sigma_dut controlled AP WPA2-Enterprise"""
2405 logdir = os.path.join(params['logdir'], "sigma_dut_ap_eap.sigma-hostapd")
2406 with HWSimRadio() as (radio, iface):
2407 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2408 try:
2409 sigma_dut_cmd_check("ap_reset_default")
2410 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-eap,MODE,11ng")
2411 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2412 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT")
2413 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2414
2415 dev[0].connect("test-eap", key_mgmt="WPA-EAP", eap="GPSK",
2416 identity="gpsk user",
2417 password="abcdefghijklmnop0123456789abcdef",
2418 scan_freq="2412")
2419
2420 sigma_dut_cmd_check("ap_reset_default")
2421 finally:
2422 stop_sigma_dut(sigma)
2423
2424 def test_sigma_dut_ap_eap_sha256(dev, apdev, params):
2425 """sigma_dut controlled AP WPA2-Enterprise SHA256"""
2426 logdir = os.path.join(params['logdir'],
2427 "sigma_dut_ap_eap_sha256.sigma-hostapd")
2428 with HWSimRadio() as (radio, iface):
2429 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2430 try:
2431 sigma_dut_cmd_check("ap_reset_default")
2432 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-eap,MODE,11ng")
2433 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2434 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT-256")
2435 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2436
2437 dev[0].connect("test-eap", key_mgmt="WPA-EAP-SHA256", eap="GPSK",
2438 identity="gpsk user",
2439 password="abcdefghijklmnop0123456789abcdef",
2440 scan_freq="2412")
2441
2442 sigma_dut_cmd_check("ap_reset_default")
2443 finally:
2444 stop_sigma_dut(sigma)
2445
2446 def test_sigma_dut_ap_ft_eap(dev, apdev, params):
2447 """sigma_dut controlled AP FT-EAP"""
2448 logdir = os.path.join(params['logdir'], "sigma_dut_ap_ft_eap.sigma-hostapd")
2449 with HWSimRadio() as (radio, iface):
2450 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2451 try:
2452 sigma_dut_cmd_check("ap_reset_default")
2453 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-ft-eap,MODE,11ng,DOMAIN,0101,FT_OA,Enable")
2454 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2455 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,FT-EAP")
2456 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2457
2458 dev[0].connect("test-ft-eap", key_mgmt="FT-EAP", eap="GPSK",
2459 identity="gpsk user",
2460 password="abcdefghijklmnop0123456789abcdef",
2461 scan_freq="2412")
2462
2463 sigma_dut_cmd_check("ap_reset_default")
2464 finally:
2465 stop_sigma_dut(sigma)
2466
2467 def test_sigma_dut_ap_ft_psk(dev, apdev, params):
2468 """sigma_dut controlled AP FT-PSK"""
2469 logdir = os.path.join(params['logdir'], "sigma_dut_ap_ft_psk.sigma-hostapd")
2470 with HWSimRadio() as (radio, iface):
2471 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2472 try:
2473 sigma_dut_cmd_check("ap_reset_default")
2474 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-ft-psk,MODE,11ng,DOMAIN,0101,FT_OA,Enable")
2475 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,FT-PSK,PSK,12345678")
2476 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2477
2478 dev[0].connect("test-ft-psk", key_mgmt="FT-PSK", psk="12345678",
2479 scan_freq="2412")
2480
2481 sigma_dut_cmd_check("ap_reset_default")
2482 finally:
2483 stop_sigma_dut(sigma)
2484
2485 def test_sigma_dut_ap_ent_ft_eap(dev, apdev, params):
2486 """sigma_dut controlled AP WPA-EAP and FT-EAP"""
2487 logdir = os.path.join(params['logdir'],
2488 "sigma_dut_ap_ent_ft_eap.sigma-hostapd")
2489 with HWSimRadio() as (radio, iface):
2490 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2491 try:
2492 sigma_dut_cmd_check("ap_reset_default")
2493 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-ent-ft-eap,MODE,11ng,DOMAIN,0101,FT_OA,Enable")
2494 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2495 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT-FT-EAP")
2496 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2497
2498 dev[0].connect("test-ent-ft-eap", key_mgmt="FT-EAP", eap="GPSK",
2499 identity="gpsk user",
2500 password="abcdefghijklmnop0123456789abcdef",
2501 scan_freq="2412")
2502 dev[1].connect("test-ent-ft-eap", key_mgmt="WPA-EAP", eap="GPSK",
2503 identity="gpsk user",
2504 password="abcdefghijklmnop0123456789abcdef",
2505 scan_freq="2412")
2506
2507 sigma_dut_cmd_check("ap_reset_default")
2508 finally:
2509 stop_sigma_dut(sigma)
2510
2511 def test_sigma_dut_venue_url(dev, apdev):
2512 """sigma_dut controlled Venue URL fetch"""
2513 try:
2514 run_sigma_dut_venue_url(dev, apdev)
2515 finally:
2516 dev[0].set("ignore_old_scan_res", "0")
2517
2518 def run_sigma_dut_venue_url(dev, apdev):
2519 ifname = dev[0].ifname
2520 sigma = start_sigma_dut(ifname, debug=True)
2521
2522 ssid = "venue"
2523 params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
2524 params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
2525 params["ieee80211w"] = "2"
2526
2527 venue_group = 1
2528 venue_type = 13
2529 venue_info = struct.pack('BB', venue_group, venue_type)
2530 lang1 = "eng"
2531 name1 = "Example venue"
2532 lang2 = "fin"
2533 name2 = "Esimerkkipaikka"
2534 venue1 = struct.pack('B', len(lang1 + name1)) + lang1.encode() + name1.encode()
2535 venue2 = struct.pack('B', len(lang2 + name2)) + lang2.encode() + name2.encode()
2536 venue_name = binascii.hexlify(venue_info + venue1 + venue2)
2537
2538 url1 = "http://example.com/venue"
2539 url2 = "https://example.org/venue-info/"
2540 params["venue_group"] = str(venue_group)
2541 params["venue_type"] = str(venue_type)
2542 params["venue_name"] = [ lang1 + ":" + name1, lang2 + ":" + name2 ]
2543 params["venue_url"] = [ "1:" + url1, "2:" + url2 ]
2544
2545 hapd = hostapd.add_ap(apdev[0], params)
2546
2547 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
2548 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
2549 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required" % (ifname, "venue", "12345678"))
2550 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "venue"))
2551 sigma_dut_wait_connected(ifname)
2552 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
2553 sigma_dut_cmd_check("sta_hs2_venue_info,interface," + ifname + ",Display,Yes")
2554 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
2555 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
2556
2557 stop_sigma_dut(sigma)
2558
2559 def test_sigma_dut_hs20_assoc_24(dev, apdev):
2560 """sigma_dut controlled Hotspot 2.0 connection (2.4 GHz)"""
2561 run_sigma_dut_hs20_assoc(dev, apdev, True)
2562
2563 def test_sigma_dut_hs20_assoc_5(dev, apdev):
2564 """sigma_dut controlled Hotspot 2.0 connection (5 GHz)"""
2565 run_sigma_dut_hs20_assoc(dev, apdev, False)
2566
2567 def run_sigma_dut_hs20_assoc(dev, apdev, band24):
2568 hapd0 = None
2569 hapd1 = None
2570 try:
2571 bssid0 = apdev[0]['bssid']
2572 params = hs20_ap_params()
2573 params['hessid'] = bssid0
2574 hapd0 = hostapd.add_ap(apdev[0], params)
2575
2576 bssid1 = apdev[1]['bssid']
2577 params = hs20_ap_params()
2578 params['hessid'] = bssid0
2579 params["hw_mode"] = "a"
2580 params["channel"] = "36"
2581 params["country_code"] = "US"
2582 hapd1 = hostapd.add_ap(apdev[1], params)
2583
2584 band = "2.4" if band24 else "5"
2585 exp_bssid = bssid0 if band24 else bssid1
2586 run_sigma_dut_hs20_assoc_2(dev, apdev, band, exp_bssid)
2587 finally:
2588 dev[0].request("DISCONNECT")
2589 if hapd0:
2590 hapd0.request("DISABLE")
2591 if hapd1:
2592 hapd1.request("DISABLE")
2593 subprocess.call(['iw', 'reg', 'set', '00'])
2594 dev[0].flush_scan_cache()
2595
2596 def run_sigma_dut_hs20_assoc_2(dev, apdev, band, expect_bssid):
2597 check_eap_capa(dev[0], "MSCHAPV2")
2598 dev[0].flush_scan_cache()
2599
2600 ifname = dev[0].ifname
2601 sigma = start_sigma_dut(ifname, debug=True)
2602
2603 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,HS2-R3" % ifname)
2604 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
2605 sigma_dut_cmd_check("sta_add_credential,interface,%s,type,uname_pwd,realm,example.com,username,hs20-test,password,password" % ifname)
2606 res = sigma_dut_cmd_check("sta_hs2_associate,interface,%s,band,%s" % (ifname, band),
2607 timeout=15)
2608 sigma_dut_wait_connected(ifname)
2609 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
2610 sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
2611 sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
2612
2613 stop_sigma_dut(sigma)
2614
2615 if "BSSID," + expect_bssid not in res:
2616 raise Exception("Unexpected BSSID: " + res)
2617
2618 def test_sigma_dut_ap_hs20(dev, apdev, params):
2619 """sigma_dut controlled AP with Hotspot 2.0 parameters"""
2620 logdir = os.path.join(params['logdir'],
2621 "sigma_dut_ap_hs20.sigma-hostapd")
2622 conffile = os.path.join(params['logdir'],
2623 "sigma_dut_ap_hs20.sigma-conf")
2624 with HWSimRadio() as (radio, iface):
2625 sigma = start_sigma_dut(iface, hostapd_logdir=logdir, debug=True)
2626 try:
2627 sigma_dut_cmd_check("ap_reset_default,NAME,AP,program,HS2-R3")
2628 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,test-hs20,MODE,11ng")
2629 sigma_dut_cmd_check("ap_set_radius,NAME,AP,WLAN_TAG,1,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2630 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,WPA2-ENT")
2631 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,HESSID,02:12:34:56:78:9a,NAI_REALM_LIST,1,OPER_NAME,1")
2632 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,OSU_SERVER_URI,https://example.com/ https://example.org/,OSU_SSID,test-osu,OSU_METHOD,SOAP SOAP,OSU_PROVIDER_LIST,10,OSU_PROVIDER_NAI_LIST,4")
2633 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,NET_AUTH_TYPE,2")
2634 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,VENUE_NAME,1")
2635 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,DOMAIN_LIST,example.com")
2636 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,OPERATOR_ICON_METADATA,1")
2637 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,SSID,test-osu,MODE,11ng")
2638 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,NONE")
2639 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,2,OSU,1")
2640 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2641
2642 with open("/tmp/sigma_dut-ap.conf", "rb") as f:
2643 with open(conffile, "wb") as f2:
2644 f2.write(f.read())
2645
2646 sigma_dut_cmd_check("ap_reset_default")
2647 finally:
2648 stop_sigma_dut(sigma)
Unnamed repository; edit this file 'description' to name the repository.