1 # Test cases for sigma_dut
2 # Copyright (c) 2017, Qualcomm Atheros, Inc.
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
9 logger
= logging
.getLogger()
18 from utils
import HwsimSkip
19 from hwsim
import HWSimRadio
21 from test_dpp
import check_dpp_capab
, update_hapd_config
22 from test_suite_b
import check_suite_b_192_capa
, suite_b_as_params
, suite_b_192_rsa_ap_params
23 from test_ap_eap
import check_eap_capa
24 from test_ap_hs20
import hs20_ap_params
26 def check_sigma_dut():
27 if not os
.path
.exists("./sigma_dut"):
28 raise HwsimSkip("sigma_dut not available")
31 return binascii
.hexlify(s
.encode()).decode()
34 return binascii
.unhexlify(s
).decode()
36 def sigma_dut_cmd(cmd
, port
=9000, timeout
=2):
37 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
39 sock
.settimeout(timeout
)
40 addr
= ('127.0.0.1', port
)
42 sock
.send(cmd
.encode() + b
"\r\n")
44 res
= sock
.recv(1000).decode()
47 for line
in res
.splitlines():
48 if line
.startswith("status,RUNNING"):
50 elif line
.startswith("status,INVALID"):
52 elif line
.startswith("status,ERROR"):
54 elif line
.startswith("status,COMPLETE"):
56 if running
and not done
:
57 # Read the actual response
58 res
= sock
.recv(1000).decode()
64 logger
.debug("sigma_dut: '%s' --> '%s'" % (cmd
, res
))
67 def sigma_dut_cmd_check(cmd
, port
=9000, timeout
=2):
68 res
= sigma_dut_cmd(cmd
, port
=port
, timeout
=timeout
)
69 if "COMPLETE" not in res
:
70 raise Exception("sigma_dut command failed: " + cmd
)
73 def start_sigma_dut(ifname
, debug
=False, hostapd_logdir
=None, cert_path
=None,
79 '-F', '../../hostapd/hostapd',
81 '-w', '/var/run/wpa_supplicant/',
86 cmd
+= ['-H', hostapd_logdir
]
88 cmd
+= ['-C', cert_path
]
91 sigma
= subprocess
.Popen(cmd
, stdout
=subprocess
.PIPE
,
92 stderr
=subprocess
.PIPE
)
95 res
= sigma_dut_cmd("HELLO")
101 def stop_sigma_dut(sigma
):
104 out
, err
= sigma
.communicate()
105 logger
.debug("sigma_dut stdout: " + str(out
.decode()))
106 logger
.debug("sigma_dut stderr: " + str(err
.decode()))
108 def sigma_dut_wait_connected(ifname
):
110 res
= sigma_dut_cmd("sta_is_connected,interface," + ifname
)
111 if "connected,1" in res
:
115 raise Exception("Connection did not complete")
117 def test_sigma_dut_basic(dev
, apdev
):
118 """sigma_dut basic functionality"""
119 sigma
= start_sigma_dut(dev
[0].ifname
)
121 res
= sigma_dut_cmd("UNKNOWN")
122 if "status,INVALID,errorCode,Unknown command" not in res
:
123 raise Exception("Unexpected sigma_dut response to unknown command")
125 tests
= [("ca_get_version", "status,COMPLETE,version,1.0"),
126 ("device_get_info", "status,COMPLETE,vendor"),
127 ("device_list_interfaces,interfaceType,foo", "status,ERROR"),
128 ("device_list_interfaces,interfaceType,802.11",
129 "status,COMPLETE,interfaceType,802.11,interfaceID," + dev
[0].ifname
)]
130 for cmd
, response
in tests
:
131 res
= sigma_dut_cmd(cmd
)
132 if response
not in res
:
133 raise Exception("Unexpected %s response: %s" % (cmd
, res
))
135 stop_sigma_dut(sigma
)
137 def test_sigma_dut_open(dev
, apdev
):
138 """sigma_dut controlled open network association"""
140 run_sigma_dut_open(dev
, apdev
)
142 dev
[0].set("ignore_old_scan_res", "0")
144 def run_sigma_dut_open(dev
, apdev
):
145 ifname
= dev
[0].ifname
146 sigma
= start_sigma_dut(ifname
)
148 hapd
= hostapd
.add_ap(apdev
[0], {"ssid": "open"})
150 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
151 sigma_dut_cmd_check("sta_set_encryption,interface,%s,ssid,%s,encpType,none" % (ifname
, "open"))
152 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s" % (ifname
, "open"))
153 sigma_dut_wait_connected(ifname
)
154 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
155 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
156 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
158 stop_sigma_dut(sigma
)
160 def test_sigma_dut_psk_pmf(dev
, apdev
):
161 """sigma_dut controlled PSK+PMF association"""
163 run_sigma_dut_psk_pmf(dev
, apdev
)
165 dev
[0].set("ignore_old_scan_res", "0")
167 def run_sigma_dut_psk_pmf(dev
, apdev
):
168 ifname
= dev
[0].ifname
169 sigma
= start_sigma_dut(ifname
)
171 ssid
= "test-pmf-required"
172 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
173 params
["wpa_key_mgmt"] = "WPA-PSK-SHA256"
174 params
["ieee80211w"] = "2"
175 hapd
= hostapd
.add_ap(apdev
[0], params
)
177 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname
)
178 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
179 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required" % (ifname
, "test-pmf-required", "12345678"))
180 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-pmf-required"))
181 sigma_dut_wait_connected(ifname
)
182 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
183 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
184 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
186 stop_sigma_dut(sigma
)
188 def test_sigma_dut_psk_pmf_bip_cmac_128(dev
, apdev
):
189 """sigma_dut controlled PSK+PMF association with BIP-CMAC-128"""
191 run_sigma_dut_psk_pmf_cipher(dev
, apdev
, "BIP-CMAC-128", "AES-128-CMAC")
193 dev
[0].set("ignore_old_scan_res", "0")
195 def test_sigma_dut_psk_pmf_bip_cmac_256(dev
, apdev
):
196 """sigma_dut controlled PSK+PMF association with BIP-CMAC-256"""
198 run_sigma_dut_psk_pmf_cipher(dev
, apdev
, "BIP-CMAC-256", "BIP-CMAC-256")
200 dev
[0].set("ignore_old_scan_res", "0")
202 def test_sigma_dut_psk_pmf_bip_gmac_128(dev
, apdev
):
203 """sigma_dut controlled PSK+PMF association with BIP-GMAC-128"""
205 run_sigma_dut_psk_pmf_cipher(dev
, apdev
, "BIP-GMAC-128", "BIP-GMAC-128")
207 dev
[0].set("ignore_old_scan_res", "0")
209 def test_sigma_dut_psk_pmf_bip_gmac_256(dev
, apdev
):
210 """sigma_dut controlled PSK+PMF association with BIP-GMAC-256"""
212 run_sigma_dut_psk_pmf_cipher(dev
, apdev
, "BIP-GMAC-256", "BIP-GMAC-256")
214 dev
[0].set("ignore_old_scan_res", "0")
216 def test_sigma_dut_psk_pmf_bip_gmac_256_mismatch(dev
, apdev
):
217 """sigma_dut controlled PSK+PMF association with BIP-GMAC-256 mismatch"""
219 run_sigma_dut_psk_pmf_cipher(dev
, apdev
, "BIP-GMAC-256", "AES-128-CMAC",
222 dev
[0].set("ignore_old_scan_res", "0")
224 def run_sigma_dut_psk_pmf_cipher(dev
, apdev
, sigma_cipher
, hostapd_cipher
,
226 ifname
= dev
[0].ifname
227 sigma
= start_sigma_dut(ifname
)
229 ssid
= "test-pmf-required"
230 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
231 params
["wpa_key_mgmt"] = "WPA-PSK-SHA256"
232 params
["ieee80211w"] = "2"
233 params
["group_mgmt_cipher"] = hostapd_cipher
234 hapd
= hostapd
.add_ap(apdev
[0], params
)
236 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname
)
237 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
238 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required,GroupMgntCipher,%s" % (ifname
, "test-pmf-required", "12345678", sigma_cipher
))
239 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-pmf-required"))
241 ev
= dev
[0].wait_event(["CTRL-EVENT-NETWORK-NOT-FOUND",
242 "CTRL-EVENT-CONNECTED"], timeout
=10)
244 raise Exception("Network selection result not indicated")
245 if "CTRL-EVENT-CONNECTED" in ev
:
246 raise Exception("Unexpected connection")
247 res
= sigma_dut_cmd("sta_is_connected,interface," + ifname
)
248 if "connected,1" in res
:
249 raise Exception("Connection reported")
251 sigma_dut_wait_connected(ifname
)
252 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
254 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
255 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
257 stop_sigma_dut(sigma
)
259 def test_sigma_dut_sae(dev
, apdev
):
260 """sigma_dut controlled SAE association"""
261 if "SAE" not in dev
[0].get_capability("auth_alg"):
262 raise HwsimSkip("SAE not supported")
264 ifname
= dev
[0].ifname
265 sigma
= start_sigma_dut(ifname
)
268 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
269 params
['wpa_key_mgmt'] = 'SAE'
270 params
["ieee80211w"] = "2"
271 params
['sae_groups'] = '19 20 21'
272 hapd
= hostapd
.add_ap(apdev
[0], params
)
274 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname
)
275 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
276 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2" % (ifname
, "test-sae", "12345678"))
277 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-sae"))
278 sigma_dut_wait_connected(ifname
)
279 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
280 if dev
[0].get_status_field('sae_group') != '19':
281 raise Exception("Expected default SAE group not used")
282 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
284 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
286 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
287 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2,ECGroupID,20" % (ifname
, "test-sae", "12345678"))
288 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-sae"))
289 sigma_dut_wait_connected(ifname
)
290 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
291 if dev
[0].get_status_field('sae_group') != '20':
292 raise Exception("Expected SAE group not used")
293 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
294 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
296 stop_sigma_dut(sigma
)
298 def test_sigma_dut_sae_password(dev
, apdev
):
299 """sigma_dut controlled SAE association and long password"""
300 if "SAE" not in dev
[0].get_capability("auth_alg"):
301 raise HwsimSkip("SAE not supported")
303 ifname
= dev
[0].ifname
304 sigma
= start_sigma_dut(ifname
)
308 params
= hostapd
.wpa2_params(ssid
=ssid
)
309 params
['sae_password'] = 100*'B'
310 params
['wpa_key_mgmt'] = 'SAE'
311 params
["ieee80211w"] = "2"
312 hapd
= hostapd
.add_ap(apdev
[0], params
)
314 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname
)
315 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
316 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2" % (ifname
, "test-sae", 100*'B'))
317 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-sae"))
318 sigma_dut_wait_connected(ifname
)
319 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
320 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
321 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
323 stop_sigma_dut(sigma
)
325 def test_sigma_dut_sae_pw_id(dev
, apdev
):
326 """sigma_dut controlled SAE association with Password Identifier"""
327 if "SAE" not in dev
[0].get_capability("auth_alg"):
328 raise HwsimSkip("SAE not supported")
330 ifname
= dev
[0].ifname
331 sigma
= start_sigma_dut(ifname
, debug
=True)
334 params
= hostapd
.wpa2_params(ssid
=ssid
)
335 params
['wpa_key_mgmt'] = 'SAE'
336 params
["ieee80211w"] = "2"
337 params
['sae_password'] = 'secret|id=pw id'
338 params
['sae_groups'] = '19'
339 hapd
= hostapd
.add_ap(apdev
[0], params
)
341 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname
)
342 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
343 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,AKMSuiteType,8;9,PasswordID,pw id" % (ifname
, "test-sae", "secret"))
344 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-sae"))
345 sigma_dut_wait_connected(ifname
)
346 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
347 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
349 stop_sigma_dut(sigma
)
351 def test_sigma_dut_sae_pw_id_ft(dev
, apdev
):
352 """sigma_dut controlled SAE association with Password Identifier and FT"""
353 if "SAE" not in dev
[0].get_capability("auth_alg"):
354 raise HwsimSkip("SAE not supported")
356 ifname
= dev
[0].ifname
357 sigma
= start_sigma_dut(ifname
, debug
=True)
360 params
= hostapd
.wpa2_params(ssid
=ssid
)
361 params
['wpa_key_mgmt'] = 'SAE FT-SAE'
362 params
["ieee80211w"] = "2"
363 params
['sae_password'] = ['pw1|id=id1', 'pw2|id=id2', 'pw3', 'pw4|id=id4']
364 params
['mobility_domain'] = 'aabb'
365 params
['ft_over_ds'] = '0'
366 bssid
= apdev
[0]['bssid'].replace(':', '')
367 params
['nas_identifier'] = bssid
+ '.nas.example.com'
368 params
['r1_key_holder'] = bssid
369 params
['pmk_r1_push'] = '0'
370 params
['r0kh'] = 'ff:ff:ff:ff:ff:ff * 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff'
371 params
['r1kh'] = '00:00:00:00:00:00 00:00:00:00:00:00 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff'
372 hapd
= hostapd
.add_ap(apdev
[0], params
)
374 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname
)
375 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
376 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,AKMSuiteType,8;9,PasswordID,id2" % (ifname
, "test-sae", "pw2"))
377 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-sae"))
378 sigma_dut_wait_connected(ifname
)
380 bssid
= apdev
[1]['bssid'].replace(':', '')
381 params
['nas_identifier'] = bssid
+ '.nas.example.com'
382 params
['r1_key_holder'] = bssid
383 hapd2
= hostapd
.add_ap(apdev
[1], params
)
384 bssid
= hapd2
.own_addr()
385 sigma_dut_cmd("sta_reassoc,interface,%s,Channel,1,bssid,%s" % (ifname
, bssid
))
386 dev
[0].wait_connected()
388 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
389 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
391 stop_sigma_dut(sigma
)
393 def test_sigma_dut_sta_override_rsne(dev
, apdev
):
394 """sigma_dut and RSNE override on STA"""
396 run_sigma_dut_sta_override_rsne(dev
, apdev
)
398 dev
[0].set("ignore_old_scan_res", "0")
400 def run_sigma_dut_sta_override_rsne(dev
, apdev
):
401 ifname
= dev
[0].ifname
402 sigma
= start_sigma_dut(ifname
)
405 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
406 hapd
= hostapd
.add_ap(apdev
[0], params
)
408 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
410 tests
= ["30120100000fac040100000fac040100000fac02",
411 "30140100000fac040100000fac040100000fac02ffff"]
413 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,type,PSK,passphrase,%s,EncpType,aes-ccmp,KeyMgmtType,wpa2" % (ifname
, "test-psk", "12345678"))
414 sigma_dut_cmd_check("dev_configure_ie,interface,%s,IE_Name,RSNE,Contents,%s" % (ifname
, test
))
415 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-psk"))
416 sigma_dut_wait_connected(ifname
)
417 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
418 dev
[0].dump_monitor()
420 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,type,PSK,passphrase,%s,EncpType,aes-ccmp,KeyMgmtType,wpa2" % (ifname
, "test-psk", "12345678"))
421 sigma_dut_cmd_check("dev_configure_ie,interface,%s,IE_Name,RSNE,Contents,300101" % ifname
)
422 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-psk"))
424 ev
= dev
[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"])
426 raise Exception("Association rejection not reported")
427 if "status_code=40" not in ev
:
428 raise Exception("Unexpected status code: " + ev
)
430 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
432 stop_sigma_dut(sigma
)
434 def test_sigma_dut_ap_psk(dev
, apdev
):
435 """sigma_dut controlled AP"""
436 with
HWSimRadio() as (radio
, iface
):
437 sigma
= start_sigma_dut(iface
)
439 sigma_dut_cmd_check("ap_reset_default")
440 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
441 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSK,12345678")
442 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
444 dev
[0].connect("test-psk", psk
="12345678", scan_freq
="2412")
446 sigma_dut_cmd_check("ap_reset_default")
448 stop_sigma_dut(sigma
)
450 def test_sigma_dut_ap_pskhex(dev
, apdev
, params
):
451 """sigma_dut controlled AP and PSKHEX"""
452 logdir
= os
.path
.join(params
['logdir'],
453 "sigma_dut_ap_pskhex.sigma-hostapd")
454 with
HWSimRadio() as (radio
, iface
):
455 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
457 psk
= "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
458 sigma_dut_cmd_check("ap_reset_default")
459 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
460 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSKHEX," + psk
)
461 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
463 dev
[0].connect("test-psk", raw_psk
=psk
, scan_freq
="2412")
465 sigma_dut_cmd_check("ap_reset_default")
467 stop_sigma_dut(sigma
)
469 def test_sigma_dut_ap_psk_sha256(dev
, apdev
, params
):
470 """sigma_dut controlled AP PSK SHA256"""
471 logdir
= os
.path
.join(params
['logdir'],
472 "sigma_dut_ap_psk_sha256.sigma-hostapd")
473 with
HWSimRadio() as (radio
, iface
):
474 sigma
= start_sigma_dut(iface
)
476 sigma_dut_cmd_check("ap_reset_default")
477 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
478 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK-256,PSK,12345678")
479 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
481 dev
[0].connect("test-psk", key_mgmt
="WPA-PSK-SHA256",
482 psk
="12345678", scan_freq
="2412")
484 sigma_dut_cmd_check("ap_reset_default")
486 stop_sigma_dut(sigma
)
488 def test_sigma_dut_suite_b(dev
, apdev
, params
):
489 """sigma_dut controlled STA Suite B"""
490 check_suite_b_192_capa(dev
)
491 logdir
= params
['logdir']
493 with
open("auth_serv/ec2-ca.pem", "r") as f
:
494 with
open(os
.path
.join(logdir
, "suite_b_ca.pem"), "w") as f2
:
497 with
open("auth_serv/ec2-user.pem", "r") as f
:
498 with
open("auth_serv/ec2-user.key", "r") as f2
:
499 with
open(os
.path
.join(logdir
, "suite_b.pem"), "w") as f3
:
503 dev
[0].flush_scan_cache()
504 params
= suite_b_as_params()
505 params
['ca_cert'] = 'auth_serv/ec2-ca.pem'
506 params
['server_cert'] = 'auth_serv/ec2-server.pem'
507 params
['private_key'] = 'auth_serv/ec2-server.key'
508 params
['openssl_ciphers'] = 'SUITEB192'
509 hostapd
.add_ap(apdev
[1], params
)
511 params
= {"ssid": "test-suite-b",
513 "wpa_key_mgmt": "WPA-EAP-SUITE-B-192",
514 "rsn_pairwise": "GCMP-256",
515 "group_mgmt_cipher": "BIP-GMAC-256",
518 'auth_server_addr': "127.0.0.1",
519 'auth_server_port': "18129",
520 'auth_server_shared_secret': "radius",
521 'nas_identifier': "nas.w1.fi"}
522 hapd
= hostapd
.add_ap(apdev
[0], params
)
524 ifname
= dev
[0].ifname
525 sigma
= start_sigma_dut(ifname
, cert_path
=logdir
)
527 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname
)
528 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
529 sigma_dut_cmd_check("sta_set_security,type,eaptls,interface,%s,ssid,%s,PairwiseCipher,AES-GCMP-256,GroupCipher,AES-GCMP-256,GroupMgntCipher,BIP-GMAC-256,keymgmttype,SuiteB,clientCertificate,suite_b.pem,trustedRootCA,suite_b_ca.pem,CertType,ECC" % (ifname
, "test-suite-b"))
530 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-suite-b"))
531 sigma_dut_wait_connected(ifname
)
532 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
533 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
534 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
536 stop_sigma_dut(sigma
)
538 def test_sigma_dut_suite_b_rsa(dev
, apdev
, params
):
539 """sigma_dut controlled STA Suite B (RSA)"""
540 check_suite_b_192_capa(dev
)
541 logdir
= params
['logdir']
543 with
open("auth_serv/rsa3072-ca.pem", "r") as f
:
544 with
open(os
.path
.join(logdir
, "suite_b_ca_rsa.pem"), "w") as f2
:
547 with
open("auth_serv/rsa3072-user.pem", "r") as f
:
548 with
open("auth_serv/rsa3072-user.key", "r") as f2
:
549 with
open(os
.path
.join(logdir
, "suite_b_rsa.pem"), "w") as f3
:
553 dev
[0].flush_scan_cache()
554 params
= suite_b_192_rsa_ap_params()
555 hapd
= hostapd
.add_ap(apdev
[0], params
)
557 ifname
= dev
[0].ifname
558 sigma
= start_sigma_dut(ifname
, cert_path
=logdir
)
560 cmd
= "sta_set_security,type,eaptls,interface,%s,ssid,%s,PairwiseCipher,AES-GCMP-256,GroupCipher,AES-GCMP-256,GroupMgntCipher,BIP-GMAC-256,keymgmttype,SuiteB,clientCertificate,suite_b_rsa.pem,trustedRootCA,suite_b_ca_rsa.pem,CertType,RSA" % (ifname
, "test-suite-b")
563 ",TLSCipher,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
564 ",TLSCipher,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"]
566 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname
)
567 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
568 sigma_dut_cmd_check(cmd
+ extra
)
569 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-suite-b"))
570 sigma_dut_wait_connected(ifname
)
571 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
572 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
573 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
575 stop_sigma_dut(sigma
)
577 def test_sigma_dut_ap_suite_b(dev
, apdev
, params
):
578 """sigma_dut controlled AP Suite B"""
579 check_suite_b_192_capa(dev
)
580 logdir
= os
.path
.join(params
['logdir'],
581 "sigma_dut_ap_suite_b.sigma-hostapd")
582 params
= suite_b_as_params()
583 params
['ca_cert'] = 'auth_serv/ec2-ca.pem'
584 params
['server_cert'] = 'auth_serv/ec2-server.pem'
585 params
['private_key'] = 'auth_serv/ec2-server.key'
586 params
['openssl_ciphers'] = 'SUITEB192'
587 hostapd
.add_ap(apdev
[1], params
)
588 with
HWSimRadio() as (radio
, iface
):
589 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
591 sigma_dut_cmd_check("ap_reset_default")
592 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-suite-b,MODE,11ng")
593 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,18129,PASSWORD,radius")
594 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,SuiteB")
595 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
597 dev
[0].connect("test-suite-b", key_mgmt
="WPA-EAP-SUITE-B-192",
599 openssl_ciphers
="SUITEB192",
600 eap
="TLS", identity
="tls user",
601 ca_cert
="auth_serv/ec2-ca.pem",
602 client_cert
="auth_serv/ec2-user.pem",
603 private_key
="auth_serv/ec2-user.key",
604 pairwise
="GCMP-256", group
="GCMP-256",
607 sigma_dut_cmd_check("ap_reset_default")
609 stop_sigma_dut(sigma
)
611 def test_sigma_dut_ap_cipher_gcmp_128(dev
, apdev
, params
):
612 """sigma_dut controlled AP with GCMP-128/BIP-GMAC-128 cipher"""
613 run_sigma_dut_ap_cipher(dev
, apdev
, params
, "AES-GCMP-128", "BIP-GMAC-128",
616 def test_sigma_dut_ap_cipher_gcmp_256(dev
, apdev
, params
):
617 """sigma_dut controlled AP with GCMP-256/BIP-GMAC-256 cipher"""
618 run_sigma_dut_ap_cipher(dev
, apdev
, params
, "AES-GCMP-256", "BIP-GMAC-256",
621 def test_sigma_dut_ap_cipher_ccmp_128(dev
, apdev
, params
):
622 """sigma_dut controlled AP with CCMP-128/BIP-CMAC-128 cipher"""
623 run_sigma_dut_ap_cipher(dev
, apdev
, params
, "AES-CCMP-128", "BIP-CMAC-128",
626 def test_sigma_dut_ap_cipher_ccmp_256(dev
, apdev
, params
):
627 """sigma_dut controlled AP with CCMP-256/BIP-CMAC-256 cipher"""
628 run_sigma_dut_ap_cipher(dev
, apdev
, params
, "AES-CCMP-256", "BIP-CMAC-256",
631 def test_sigma_dut_ap_cipher_ccmp_gcmp_1(dev
, apdev
, params
):
632 """sigma_dut controlled AP with CCMP-128+GCMP-256 ciphers (1)"""
633 run_sigma_dut_ap_cipher(dev
, apdev
, params
, "AES-CCMP-128 AES-GCMP-256",
634 "BIP-GMAC-256", "CCMP")
636 def test_sigma_dut_ap_cipher_ccmp_gcmp_2(dev
, apdev
, params
):
637 """sigma_dut controlled AP with CCMP-128+GCMP-256 ciphers (2)"""
638 run_sigma_dut_ap_cipher(dev
, apdev
, params
, "AES-CCMP-128 AES-GCMP-256",
639 "BIP-GMAC-256", "GCMP-256", "CCMP")
641 def test_sigma_dut_ap_cipher_gcmp_256_group_ccmp(dev
, apdev
, params
):
642 """sigma_dut controlled AP with GCMP-256/CCMP/BIP-GMAC-256 cipher"""
643 run_sigma_dut_ap_cipher(dev
, apdev
, params
, "AES-GCMP-256", "BIP-GMAC-256",
644 "GCMP-256", "CCMP", "AES-CCMP-128")
646 def run_sigma_dut_ap_cipher(dev
, apdev
, params
, ap_pairwise
, ap_group_mgmt
,
647 sta_cipher
, sta_cipher_group
=None, ap_group
=None):
648 check_suite_b_192_capa(dev
)
649 logdir
= os
.path
.join(params
['logdir'],
650 "sigma_dut_ap_cipher.sigma-hostapd")
651 params
= suite_b_as_params()
652 params
['ca_cert'] = 'auth_serv/ec2-ca.pem'
653 params
['server_cert'] = 'auth_serv/ec2-server.pem'
654 params
['private_key'] = 'auth_serv/ec2-server.key'
655 params
['openssl_ciphers'] = 'SUITEB192'
656 hostapd
.add_ap(apdev
[1], params
)
657 with
HWSimRadio() as (radio
, iface
):
658 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
660 sigma_dut_cmd_check("ap_reset_default")
661 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-suite-b,MODE,11ng")
662 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,18129,PASSWORD,radius")
663 cmd
= "ap_set_security,NAME,AP,KEYMGNT,SuiteB,PMF,Required,PairwiseCipher,%s,GroupMgntCipher,%s" % (ap_pairwise
, ap_group_mgmt
)
665 cmd
+= ",GroupCipher,%s" % ap_group
666 sigma_dut_cmd_check(cmd
)
667 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
669 if sta_cipher_group
is None:
670 sta_cipher_group
= sta_cipher
671 dev
[0].connect("test-suite-b", key_mgmt
="WPA-EAP-SUITE-B-192",
673 openssl_ciphers
="SUITEB192",
674 eap
="TLS", identity
="tls user",
675 ca_cert
="auth_serv/ec2-ca.pem",
676 client_cert
="auth_serv/ec2-user.pem",
677 private_key
="auth_serv/ec2-user.key",
678 pairwise
=sta_cipher
, group
=sta_cipher_group
,
681 sigma_dut_cmd_check("ap_reset_default")
683 stop_sigma_dut(sigma
)
685 def test_sigma_dut_ap_override_rsne(dev
, apdev
):
686 """sigma_dut controlled AP overriding RSNE"""
687 with
HWSimRadio() as (radio
, iface
):
688 sigma
= start_sigma_dut(iface
)
690 sigma_dut_cmd_check("ap_reset_default")
691 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
692 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSK,12345678")
693 sigma_dut_cmd_check("dev_configure_ie,NAME,AP,interface,%s,IE_Name,RSNE,Contents,30180100000fac040200ffffffff000fac040100000fac020c00" % iface
)
694 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
696 dev
[0].connect("test-psk", psk
="12345678", scan_freq
="2412")
698 sigma_dut_cmd_check("ap_reset_default")
700 stop_sigma_dut(sigma
)
702 def test_sigma_dut_ap_sae(dev
, apdev
, params
):
703 """sigma_dut controlled AP with SAE"""
704 logdir
= os
.path
.join(params
['logdir'],
705 "sigma_dut_ap_sae.sigma-hostapd")
706 if "SAE" not in dev
[0].get_capability("auth_alg"):
707 raise HwsimSkip("SAE not supported")
708 with
HWSimRadio() as (radio
, iface
):
709 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
711 sigma_dut_cmd_check("ap_reset_default")
712 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
713 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK,12345678")
714 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
716 dev
[0].request("SET sae_groups ")
717 dev
[0].connect("test-sae", key_mgmt
="SAE", psk
="12345678",
718 ieee80211w
="2", scan_freq
="2412")
719 if dev
[0].get_status_field('sae_group') != '19':
720 raise Exception("Expected default SAE group not used")
722 sigma_dut_cmd_check("ap_reset_default")
724 stop_sigma_dut(sigma
)
726 def test_sigma_dut_ap_sae_password(dev
, apdev
, params
):
727 """sigma_dut controlled AP with SAE and long password"""
728 logdir
= os
.path
.join(params
['logdir'],
729 "sigma_dut_ap_sae_password.sigma-hostapd")
730 if "SAE" not in dev
[0].get_capability("auth_alg"):
731 raise HwsimSkip("SAE not supported")
732 with
HWSimRadio() as (radio
, iface
):
733 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
735 sigma_dut_cmd_check("ap_reset_default")
736 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
737 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK," + 100*'C')
738 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
740 dev
[0].request("SET sae_groups ")
741 dev
[0].connect("test-sae", key_mgmt
="SAE", sae_password
=100*'C',
742 ieee80211w
="2", scan_freq
="2412")
743 if dev
[0].get_status_field('sae_group') != '19':
744 raise Exception("Expected default SAE group not used")
746 sigma_dut_cmd_check("ap_reset_default")
748 stop_sigma_dut(sigma
)
750 def test_sigma_dut_ap_sae_pw_id(dev
, apdev
, params
):
751 """sigma_dut controlled AP with SAE Password Identifier"""
752 logdir
= os
.path
.join(params
['logdir'],
753 "sigma_dut_ap_sae_pw_id.sigma-hostapd")
754 conffile
= os
.path
.join(params
['logdir'],
755 "sigma_dut_ap_sae_pw_id.sigma-conf")
756 if "SAE" not in dev
[0].get_capability("auth_alg"):
757 raise HwsimSkip("SAE not supported")
758 with
HWSimRadio() as (radio
, iface
):
759 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
, debug
=True)
761 sigma_dut_cmd_check("ap_reset_default")
762 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
763 sigma_dut_cmd_check("ap_set_security,NAME,AP,AKMSuiteType,8,SAEPasswords,pw1:id1;pw2:id2;pw3;pw4:id4,PMF,Required")
764 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
766 with
open("/tmp/sigma_dut-ap.conf", "rb") as f
:
767 with
open(conffile
, "wb") as f2
:
770 dev
[0].request("SET sae_groups ")
771 tests
= [("pw1", "id1"),
775 for pw
, pw_id
in tests
:
776 dev
[0].connect("test-sae", key_mgmt
="SAE", sae_password
=pw
,
777 sae_password_id
=pw_id
,
778 ieee80211w
="2", scan_freq
="2412")
779 dev
[0].request("REMOVE_NETWORK all")
780 dev
[0].wait_disconnected()
782 sigma_dut_cmd_check("ap_reset_default")
784 stop_sigma_dut(sigma
)
786 def test_sigma_dut_ap_sae_pw_id_ft(dev
, apdev
, params
):
787 """sigma_dut controlled AP with SAE Password Identifier and FT"""
788 logdir
= os
.path
.join(params
['logdir'],
789 "sigma_dut_ap_sae_pw_id_ft.sigma-hostapd")
790 conffile
= os
.path
.join(params
['logdir'],
791 "sigma_dut_ap_sae_pw_id_ft.sigma-conf")
792 if "SAE" not in dev
[0].get_capability("auth_alg"):
793 raise HwsimSkip("SAE not supported")
794 with
HWSimRadio() as (radio
, iface
):
795 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
, debug
=True)
797 sigma_dut_cmd_check("ap_reset_default")
798 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng,DOMAIN,aabb")
799 sigma_dut_cmd_check("ap_set_security,NAME,AP,AKMSuiteType,8;9,SAEPasswords,pw1:id1;pw2:id2;pw3;pw4:id4,PMF,Required")
800 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
802 with
open("/tmp/sigma_dut-ap.conf", "rb") as f
:
803 with
open(conffile
, "wb") as f2
:
806 dev
[0].request("SET sae_groups ")
807 tests
= [("pw1", "id1", "SAE"),
808 ("pw2", "id2", "FT-SAE"),
809 ("pw3", None, "FT-SAE"),
810 ("pw4", "id4", "SAE")]
811 for pw
, pw_id
, key_mgmt
in tests
:
812 dev
[0].connect("test-sae", key_mgmt
=key_mgmt
, sae_password
=pw
,
813 sae_password_id
=pw_id
,
814 ieee80211w
="2", scan_freq
="2412")
815 dev
[0].request("REMOVE_NETWORK all")
816 dev
[0].wait_disconnected()
818 sigma_dut_cmd_check("ap_reset_default")
820 stop_sigma_dut(sigma
)
822 def test_sigma_dut_ap_sae_group(dev
, apdev
, params
):
823 """sigma_dut controlled AP with SAE and specific group"""
824 logdir
= os
.path
.join(params
['logdir'],
825 "sigma_dut_ap_sae_group.sigma-hostapd")
826 if "SAE" not in dev
[0].get_capability("auth_alg"):
827 raise HwsimSkip("SAE not supported")
828 with
HWSimRadio() as (radio
, iface
):
829 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
831 sigma_dut_cmd_check("ap_reset_default")
832 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
833 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK,12345678,ECGroupID,20")
834 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
836 dev
[0].request("SET sae_groups ")
837 dev
[0].connect("test-sae", key_mgmt
="SAE", psk
="12345678",
838 ieee80211w
="2", scan_freq
="2412")
839 if dev
[0].get_status_field('sae_group') != '20':
840 raise Exception("Expected SAE group not used")
842 sigma_dut_cmd_check("ap_reset_default")
844 stop_sigma_dut(sigma
)
846 def test_sigma_dut_ap_psk_sae(dev
, apdev
, params
):
847 """sigma_dut controlled AP with PSK+SAE"""
848 if "SAE" not in dev
[0].get_capability("auth_alg"):
849 raise HwsimSkip("SAE not supported")
850 logdir
= os
.path
.join(params
['logdir'],
851 "sigma_dut_ap_psk_sae.sigma-hostapd")
852 with
HWSimRadio() as (radio
, iface
):
853 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
855 sigma_dut_cmd_check("ap_reset_default")
856 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
857 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK-SAE,PSK,12345678")
858 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
860 dev
[2].request("SET sae_groups ")
861 dev
[2].connect("test-sae", key_mgmt
="SAE", psk
="12345678",
862 scan_freq
="2412", ieee80211w
="0", wait_connect
=False)
863 dev
[0].request("SET sae_groups ")
864 dev
[0].connect("test-sae", key_mgmt
="SAE", psk
="12345678",
865 scan_freq
="2412", ieee80211w
="2")
866 dev
[1].connect("test-sae", psk
="12345678", scan_freq
="2412")
868 ev
= dev
[2].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=0.1)
869 dev
[2].request("DISCONNECT")
871 raise Exception("Unexpected connection without PMF")
873 sigma_dut_cmd_check("ap_reset_default")
875 stop_sigma_dut(sigma
)
877 def test_sigma_dut_ap_psk_sae_ft(dev
, apdev
, params
):
878 """sigma_dut controlled AP with PSK, SAE, FT"""
879 logdir
= os
.path
.join(params
['logdir'],
880 "sigma_dut_ap_psk_sae_ft.sigma-hostapd")
881 conffile
= os
.path
.join(params
['logdir'],
882 "sigma_dut_ap_psk_sae_ft.sigma-conf")
883 if "SAE" not in dev
[0].get_capability("auth_alg"):
884 raise HwsimSkip("SAE not supported")
885 with
HWSimRadio() as (radio
, iface
):
886 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
, debug
=True)
888 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
889 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae-psk,MODE,11ng,DOMAIN,aabb")
890 sigma_dut_cmd_check("ap_set_security,NAME,AP,AKMSuiteType,2;4;6;8;9,PSK,12345678,PairwiseCipher,AES-CCMP-128,GroupCipher,AES-CCMP-128")
891 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,DOMAIN,0101,FT_OA,Enable")
892 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,FT_BSS_LIST," + apdev
[1]['bssid'])
893 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
895 with
open("/tmp/sigma_dut-ap.conf", "rb") as f
:
896 with
open(conffile
, "wb") as f2
:
899 dev
[0].request("SET sae_groups ")
900 dev
[0].connect("test-sae-psk", key_mgmt
="SAE FT-SAE",
901 sae_password
="12345678", scan_freq
="2412")
902 dev
[1].connect("test-sae-psk", key_mgmt
="WPA-PSK FT-PSK",
903 psk
="12345678", scan_freq
="2412")
904 dev
[2].connect("test-sae-psk", key_mgmt
="WPA-PSK",
905 psk
="12345678", scan_freq
="2412")
907 sigma_dut_cmd_check("ap_reset_default")
909 stop_sigma_dut(sigma
)
911 def test_sigma_dut_owe(dev
, apdev
):
912 """sigma_dut controlled OWE station"""
914 run_sigma_dut_owe(dev
, apdev
)
916 dev
[0].set("ignore_old_scan_res", "0")
918 def run_sigma_dut_owe(dev
, apdev
):
919 if "OWE" not in dev
[0].get_capability("key_mgmt"):
920 raise HwsimSkip("OWE not supported")
922 ifname
= dev
[0].ifname
923 sigma
= start_sigma_dut(ifname
)
926 params
= {"ssid": "owe",
928 "wpa_key_mgmt": "OWE",
930 "rsn_pairwise": "CCMP"}
931 hapd
= hostapd
.add_ap(apdev
[0], params
)
932 bssid
= hapd
.own_addr()
934 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname
)
935 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
936 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE" % ifname
)
937 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname
)
938 sigma_dut_wait_connected(ifname
)
939 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
941 dev
[0].dump_monitor()
942 sigma_dut_cmd("sta_reassoc,interface,%s,Channel,1,bssid,%s" % (ifname
, bssid
))
943 dev
[0].wait_connected()
944 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
945 dev
[0].wait_disconnected()
946 dev
[0].dump_monitor()
948 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname
)
949 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
950 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE,ECGroupID,20" % ifname
)
951 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname
)
952 sigma_dut_wait_connected(ifname
)
953 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
954 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
955 dev
[0].wait_disconnected()
956 dev
[0].dump_monitor()
958 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname
)
959 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
960 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE,ECGroupID,0" % ifname
)
961 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname
)
962 ev
= dev
[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout
=10)
963 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
965 raise Exception("Association not rejected")
966 if "status_code=77" not in ev
:
967 raise Exception("Unexpected rejection reason: " + ev
)
969 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
971 stop_sigma_dut(sigma
)
973 def test_sigma_dut_ap_owe(dev
, apdev
, params
):
974 """sigma_dut controlled AP with OWE"""
975 logdir
= os
.path
.join(params
['logdir'],
976 "sigma_dut_ap_owe.sigma-hostapd")
977 if "OWE" not in dev
[0].get_capability("key_mgmt"):
978 raise HwsimSkip("OWE not supported")
979 with
HWSimRadio() as (radio
, iface
):
980 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
982 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
983 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,owe,MODE,11ng")
984 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OWE")
985 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
987 dev
[0].connect("owe", key_mgmt
="OWE", ieee80211w
="2",
990 sigma_dut_cmd_check("ap_reset_default")
992 stop_sigma_dut(sigma
)
994 def test_sigma_dut_ap_owe_ecgroupid(dev
, apdev
):
995 """sigma_dut controlled AP with OWE and ECGroupID"""
996 if "OWE" not in dev
[0].get_capability("key_mgmt"):
997 raise HwsimSkip("OWE not supported")
998 with
HWSimRadio() as (radio
, iface
):
999 sigma
= start_sigma_dut(iface
)
1001 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
1002 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,owe,MODE,11ng")
1003 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OWE,ECGroupID,20 21,PMF,Required")
1004 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
1006 dev
[0].connect("owe", key_mgmt
="OWE", ieee80211w
="2",
1007 owe_group
="20", scan_freq
="2412")
1008 dev
[0].request("REMOVE_NETWORK all")
1009 dev
[0].wait_disconnected()
1011 dev
[0].connect("owe", key_mgmt
="OWE", ieee80211w
="2",
1012 owe_group
="21", scan_freq
="2412")
1013 dev
[0].request("REMOVE_NETWORK all")
1014 dev
[0].wait_disconnected()
1016 dev
[0].connect("owe", key_mgmt
="OWE", ieee80211w
="2",
1017 owe_group
="19", scan_freq
="2412", wait_connect
=False)
1018 ev
= dev
[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout
=10)
1019 dev
[0].request("DISCONNECT")
1021 raise Exception("Association not rejected")
1022 if "status_code=77" not in ev
:
1023 raise Exception("Unexpected rejection reason: " + ev
)
1024 dev
[0].dump_monitor()
1026 sigma_dut_cmd_check("ap_reset_default")
1028 stop_sigma_dut(sigma
)
1030 def test_sigma_dut_ap_owe_transition_mode(dev
, apdev
, params
):
1031 """sigma_dut controlled AP with OWE and transition mode"""
1032 if "OWE" not in dev
[0].get_capability("key_mgmt"):
1033 raise HwsimSkip("OWE not supported")
1034 logdir
= os
.path
.join(params
['logdir'],
1035 "sigma_dut_ap_owe_transition_mode.sigma-hostapd")
1036 with
HWSimRadio() as (radio
, iface
):
1037 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
1039 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
1040 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,owe,MODE,11ng")
1041 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,OWE")
1042 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,SSID,owe,MODE,11ng")
1043 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,NONE")
1044 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
1046 res1
= sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,1,Interface,24G")
1047 res2
= sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,2,Interface,24G")
1049 dev
[0].connect("owe", key_mgmt
="OWE", ieee80211w
="2",
1051 dev
[1].connect("owe", key_mgmt
="NONE", scan_freq
="2412")
1052 if dev
[0].get_status_field('bssid') not in res1
:
1053 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,1: " + res1
)
1054 if dev
[1].get_status_field('bssid') not in res2
:
1055 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,2: " + res2
)
1057 sigma_dut_cmd_check("ap_reset_default")
1059 stop_sigma_dut(sigma
)
1061 def test_sigma_dut_ap_owe_transition_mode_2(dev
, apdev
, params
):
1062 """sigma_dut controlled AP with OWE and transition mode (2)"""
1063 if "OWE" not in dev
[0].get_capability("key_mgmt"):
1064 raise HwsimSkip("OWE not supported")
1065 logdir
= os
.path
.join(params
['logdir'],
1066 "sigma_dut_ap_owe_transition_mode_2.sigma-hostapd")
1067 with
HWSimRadio() as (radio
, iface
):
1068 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
1070 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
1071 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,owe,MODE,11ng")
1072 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,NONE")
1073 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,MODE,11ng")
1074 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,OWE")
1075 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
1077 res1
= sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,1,Interface,24G")
1078 res2
= sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,2,Interface,24G")
1080 dev
[0].connect("owe", key_mgmt
="OWE", ieee80211w
="2",
1082 dev
[1].connect("owe", key_mgmt
="NONE", scan_freq
="2412")
1083 if dev
[0].get_status_field('bssid') not in res2
:
1084 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,2: " + res1
)
1085 if dev
[1].get_status_field('bssid') not in res1
:
1086 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,1: " + res2
)
1088 sigma_dut_cmd_check("ap_reset_default")
1090 stop_sigma_dut(sigma
)
1092 def dpp_init_enrollee(dev
, id1
):
1093 logger
.info("Starting DPP initiator/enrollee in a thread")
1095 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % id1
1096 if "OK" not in dev
.request(cmd
):
1097 raise Exception("Failed to initiate DPP Authentication")
1098 ev
= dev
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
1100 raise Exception("DPP configuration not completed (Enrollee)")
1101 logger
.info("DPP initiator/enrollee done")
1103 def test_sigma_dut_dpp_qr_resp_1(dev
, apdev
):
1104 """sigma_dut DPP/QR responder (conf index 1)"""
1105 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 1)
1107 def test_sigma_dut_dpp_qr_resp_2(dev
, apdev
):
1108 """sigma_dut DPP/QR responder (conf index 2)"""
1109 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 2)
1111 def test_sigma_dut_dpp_qr_resp_3(dev
, apdev
):
1112 """sigma_dut DPP/QR responder (conf index 3)"""
1113 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 3)
1115 def test_sigma_dut_dpp_qr_resp_4(dev
, apdev
):
1116 """sigma_dut DPP/QR responder (conf index 4)"""
1117 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 4)
1119 def test_sigma_dut_dpp_qr_resp_5(dev
, apdev
):
1120 """sigma_dut DPP/QR responder (conf index 5)"""
1121 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 5)
1123 def test_sigma_dut_dpp_qr_resp_6(dev
, apdev
):
1124 """sigma_dut DPP/QR responder (conf index 6)"""
1125 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 6)
1127 def test_sigma_dut_dpp_qr_resp_7(dev
, apdev
):
1128 """sigma_dut DPP/QR responder (conf index 7)"""
1129 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 7)
1131 def test_sigma_dut_dpp_qr_resp_chan_list(dev
, apdev
):
1132 """sigma_dut DPP/QR responder (channel list override)"""
1133 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 1, chan_list
='81/2 81/6 81/1',
1136 def run_sigma_dut_dpp_qr_resp(dev
, apdev
, conf_idx
, chan_list
=None,
1138 check_dpp_capab(dev
[0])
1139 check_dpp_capab(dev
[1])
1140 sigma
= start_sigma_dut(dev
[0].ifname
)
1142 cmd
= "dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR"
1144 cmd
+= ",DPPChannelList," + chan_list
1145 res
= sigma_dut_cmd(cmd
)
1146 if "status,COMPLETE" not in res
:
1147 raise Exception("dev_exec_action did not succeed: " + res
)
1148 hex = res
.split(',')[3]
1150 logger
.info("URI from sigma_dut: " + uri
)
1152 id1
= dev
[1].dpp_qr_code(uri
)
1154 t
= threading
.Thread(target
=dpp_init_enrollee
, args
=(dev
[1], id1
))
1156 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPConfIndex,%d,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfEnrolleeRole,STA,DPPSigningKeyECC,P-256,DPPBS,QR,DPPTimeout,6" % conf_idx
1158 cmd
+= ",DPPListenChannel," + str(listen_chan
)
1159 res
= sigma_dut_cmd(cmd
, timeout
=10)
1161 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
1162 raise Exception("Unexpected result: " + res
)
1164 stop_sigma_dut(sigma
)
1166 def test_sigma_dut_dpp_qr_init_enrollee(dev
, apdev
):
1167 """sigma_dut DPP/QR initiator as Enrollee"""
1168 check_dpp_capab(dev
[0])
1169 check_dpp_capab(dev
[1])
1171 csign
= "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1172 csign_pub
= "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1173 ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1174 ap_netaccesskey
= "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1176 params
= {"ssid": "DPPNET01",
1179 "wpa_key_mgmt": "DPP",
1180 "rsn_pairwise": "CCMP",
1181 "dpp_connector": ap_connector
,
1182 "dpp_csign": csign_pub
,
1183 "dpp_netaccesskey": ap_netaccesskey
}
1185 hapd
= hostapd
.add_ap(apdev
[0], params
)
1187 raise HwsimSkip("DPP not supported")
1189 sigma
= start_sigma_dut(dev
[0].ifname
)
1191 dev
[0].set("dpp_config_processing", "2")
1193 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
1194 res
= dev
[1].request(cmd
)
1196 raise Exception("Failed to add configurator")
1199 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
1200 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1202 dev
[1].set("dpp_configurator_params",
1203 " conf=sta-dpp ssid=%s configurator=%d" % (to_hex("DPPNET01"), conf_id
))
1204 cmd
= "DPP_LISTEN 2437 role=configurator"
1205 if "OK" not in dev
[1].request(cmd
):
1206 raise Exception("Failed to start listen operation")
1208 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
1209 if "status,COMPLETE" not in res
:
1210 raise Exception("dev_exec_action did not succeed: " + res
)
1212 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout
=10)
1213 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res
:
1214 raise Exception("Unexpected result: " + res
)
1216 dev
[0].set("dpp_config_processing", "0")
1217 stop_sigma_dut(sigma
)
1219 def test_sigma_dut_dpp_qr_mutual_init_enrollee(dev
, apdev
):
1220 """sigma_dut DPP/QR (mutual) initiator as Enrollee"""
1221 run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev
, apdev
)
1223 def test_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev
, apdev
):
1224 """sigma_dut DPP/QR (mutual) initiator as Enrollee (extra check)"""
1225 run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev
, apdev
,
1226 extra
="DPPAuthDirection,Mutual,")
1228 def run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev
, apdev
, extra
=''):
1229 check_dpp_capab(dev
[0])
1230 check_dpp_capab(dev
[1])
1232 csign
= "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1233 csign_pub
= "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1234 ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1235 ap_netaccesskey
= "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1237 params
= {"ssid": "DPPNET01",
1240 "wpa_key_mgmt": "DPP",
1241 "rsn_pairwise": "CCMP",
1242 "dpp_connector": ap_connector
,
1243 "dpp_csign": csign_pub
,
1244 "dpp_netaccesskey": ap_netaccesskey
}
1246 hapd
= hostapd
.add_ap(apdev
[0], params
)
1248 raise HwsimSkip("DPP not supported")
1250 sigma
= start_sigma_dut(dev
[0].ifname
)
1252 dev
[0].set("dpp_config_processing", "2")
1254 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
1255 res
= dev
[1].request(cmd
)
1257 raise Exception("Failed to add configurator")
1260 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
1261 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1263 dev
[1].set("dpp_configurator_params",
1264 " conf=sta-dpp ssid=%s configurator=%d" % (to_hex("DPPNET01"), conf_id
))
1265 cmd
= "DPP_LISTEN 2437 role=configurator qr=mutual"
1266 if "OK" not in dev
[1].request(cmd
):
1267 raise Exception("Failed to start listen operation")
1269 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1270 if "status,COMPLETE" not in res
:
1271 raise Exception("dev_exec_action did not succeed: " + res
)
1272 hex = res
.split(',')[3]
1274 logger
.info("URI from sigma_dut: " + uri
)
1276 id1
= dev
[1].dpp_qr_code(uri
)
1278 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
1279 if "status,COMPLETE" not in res
:
1280 raise Exception("dev_exec_action did not succeed: " + res
)
1282 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,%sDPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes" % extra
, timeout
=10)
1283 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res
:
1284 raise Exception("Unexpected result: " + res
)
1286 dev
[0].set("dpp_config_processing", "0")
1287 stop_sigma_dut(sigma
)
1289 def dpp_init_conf_mutual(dev
, id1
, conf_id
, own_id
=None):
1291 logger
.info("Starting DPP initiator/configurator in a thread")
1292 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp ssid=%s configurator=%d" % (id1
, to_hex("DPPNET01"), conf_id
)
1293 if own_id
is not None:
1294 cmd
+= " own=%d" % own_id
1295 if "OK" not in dev
.request(cmd
):
1296 raise Exception("Failed to initiate DPP Authentication")
1297 ev
= dev
.wait_event(["DPP-CONF-SENT"], timeout
=10)
1299 raise Exception("DPP configuration not completed (Configurator)")
1300 logger
.info("DPP initiator/configurator done")
1302 def test_sigma_dut_dpp_qr_mutual_resp_enrollee(dev
, apdev
):
1303 """sigma_dut DPP/QR (mutual) responder as Enrollee"""
1304 run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev
, apdev
)
1306 def test_sigma_dut_dpp_qr_mutual_resp_enrollee_pending(dev
, apdev
):
1307 """sigma_dut DPP/QR (mutual) responder as Enrollee (response pending)"""
1308 run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev
, apdev
, ',DPPDelayQRResponse,1')
1310 def run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev
, apdev
, extra
=None):
1311 check_dpp_capab(dev
[0])
1312 check_dpp_capab(dev
[1])
1314 csign
= "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1315 csign_pub
= "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1316 ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1317 ap_netaccesskey
= "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1319 params
= {"ssid": "DPPNET01",
1322 "wpa_key_mgmt": "DPP",
1323 "rsn_pairwise": "CCMP",
1324 "dpp_connector": ap_connector
,
1325 "dpp_csign": csign_pub
,
1326 "dpp_netaccesskey": ap_netaccesskey
}
1328 hapd
= hostapd
.add_ap(apdev
[0], params
)
1330 raise HwsimSkip("DPP not supported")
1332 sigma
= start_sigma_dut(dev
[0].ifname
)
1334 dev
[0].set("dpp_config_processing", "2")
1336 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
1337 res
= dev
[1].request(cmd
)
1339 raise Exception("Failed to add configurator")
1342 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
1343 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1345 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1346 if "status,COMPLETE" not in res
:
1347 raise Exception("dev_exec_action did not succeed: " + res
)
1348 hex = res
.split(',')[3]
1350 logger
.info("URI from sigma_dut: " + uri
)
1352 id1
= dev
[1].dpp_qr_code(uri
)
1354 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
1355 if "status,COMPLETE" not in res
:
1356 raise Exception("dev_exec_action did not succeed: " + res
)
1358 t
= threading
.Thread(target
=dpp_init_conf_mutual
,
1359 args
=(dev
[1], id1
, conf_id
, id0
))
1362 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,20,DPPWaitForConnect,Yes"
1365 res
= sigma_dut_cmd(cmd
, timeout
=25)
1367 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res
:
1368 raise Exception("Unexpected result: " + res
)
1370 dev
[0].set("dpp_config_processing", "0")
1371 stop_sigma_dut(sigma
)
1373 def dpp_resp_conf_mutual(dev
, conf_id
, uri
):
1374 logger
.info("Starting DPP responder/configurator in a thread")
1375 dev
.set("dpp_configurator_params",
1376 " conf=sta-dpp ssid=%s configurator=%d" % (to_hex("DPPNET01"),
1378 cmd
= "DPP_LISTEN 2437 role=configurator qr=mutual"
1379 if "OK" not in dev
.request(cmd
):
1380 raise Exception("Failed to initiate DPP listen")
1382 ev
= dev
.wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=10)
1384 raise Exception("QR Code scan for mutual authentication not requested")
1385 dev
.dpp_qr_code(uri
)
1386 ev
= dev
.wait_event(["DPP-CONF-SENT"], timeout
=10)
1388 raise Exception("DPP configuration not completed (Configurator)")
1389 logger
.info("DPP responder/configurator done")
1391 def test_sigma_dut_dpp_qr_mutual_init_enrollee(dev
, apdev
):
1392 """sigma_dut DPP/QR (mutual) initiator as Enrollee"""
1393 run_sigma_dut_dpp_qr_mutual_init_enrollee(dev
, apdev
, False)
1395 def test_sigma_dut_dpp_qr_mutual_init_enrollee_pending(dev
, apdev
):
1396 """sigma_dut DPP/QR (mutual) initiator as Enrollee (response pending)"""
1397 run_sigma_dut_dpp_qr_mutual_init_enrollee(dev
, apdev
, True)
1399 def run_sigma_dut_dpp_qr_mutual_init_enrollee(dev
, apdev
, resp_pending
):
1400 check_dpp_capab(dev
[0])
1401 check_dpp_capab(dev
[1])
1403 csign
= "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1404 csign_pub
= "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1405 ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1406 ap_netaccesskey
= "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1408 params
= {"ssid": "DPPNET01",
1411 "wpa_key_mgmt": "DPP",
1412 "rsn_pairwise": "CCMP",
1413 "dpp_connector": ap_connector
,
1414 "dpp_csign": csign_pub
,
1415 "dpp_netaccesskey": ap_netaccesskey
}
1417 hapd
= hostapd
.add_ap(apdev
[0], params
)
1419 raise HwsimSkip("DPP not supported")
1421 sigma
= start_sigma_dut(dev
[0].ifname
)
1423 dev
[0].set("dpp_config_processing", "2")
1425 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
1426 res
= dev
[1].request(cmd
)
1428 raise Exception("Failed to add configurator")
1431 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
1432 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1434 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1435 if "status,COMPLETE" not in res
:
1436 raise Exception("dev_exec_action did not succeed: " + res
)
1437 hex = res
.split(',')[3]
1439 logger
.info("URI from sigma_dut: " + uri
)
1441 if not resp_pending
:
1442 dev
[1].dpp_qr_code(uri
)
1445 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
1446 if "status,COMPLETE" not in res
:
1447 raise Exception("dev_exec_action did not succeed: " + res
)
1449 t
= threading
.Thread(target
=dpp_resp_conf_mutual
,
1450 args
=(dev
[1], conf_id
, uri
))
1454 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,10,DPPWaitForConnect,Yes"
1455 res
= sigma_dut_cmd(cmd
, timeout
=15)
1457 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res
:
1458 raise Exception("Unexpected result: " + res
)
1460 dev
[0].set("dpp_config_processing", "0")
1461 stop_sigma_dut(sigma
)
1463 def test_sigma_dut_dpp_qr_init_enrollee_psk(dev
, apdev
):
1464 """sigma_dut DPP/QR initiator as Enrollee (PSK)"""
1465 check_dpp_capab(dev
[0])
1466 check_dpp_capab(dev
[1])
1468 params
= hostapd
.wpa2_params(ssid
="DPPNET01",
1469 passphrase
="ThisIsDppPassphrase")
1470 hapd
= hostapd
.add_ap(apdev
[0], params
)
1472 sigma
= start_sigma_dut(dev
[0].ifname
)
1474 dev
[0].set("dpp_config_processing", "2")
1476 cmd
= "DPP_CONFIGURATOR_ADD"
1477 res
= dev
[1].request(cmd
)
1479 raise Exception("Failed to add configurator")
1482 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
1483 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1485 dev
[1].set("dpp_configurator_params",
1486 " conf=sta-psk ssid=%s pass=%s configurator=%d" % (to_hex("DPPNET01"), to_hex("ThisIsDppPassphrase"), conf_id
))
1487 cmd
= "DPP_LISTEN 2437 role=configurator"
1488 if "OK" not in dev
[1].request(cmd
):
1489 raise Exception("Failed to start listen operation")
1491 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
1492 if "status,COMPLETE" not in res
:
1493 raise Exception("dev_exec_action did not succeed: " + res
)
1495 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout
=10)
1496 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkConnectResult,OK" not in res
:
1497 raise Exception("Unexpected result: " + res
)
1499 dev
[0].set("dpp_config_processing", "0")
1500 stop_sigma_dut(sigma
)
1502 def test_sigma_dut_dpp_qr_init_enrollee_sae(dev
, apdev
):
1503 """sigma_dut DPP/QR initiator as Enrollee (SAE)"""
1504 check_dpp_capab(dev
[0])
1505 check_dpp_capab(dev
[1])
1506 if "SAE" not in dev
[0].get_capability("auth_alg"):
1507 raise HwsimSkip("SAE not supported")
1509 params
= hostapd
.wpa2_params(ssid
="DPPNET01",
1510 passphrase
="ThisIsDppPassphrase")
1511 params
['wpa_key_mgmt'] = 'SAE'
1512 params
["ieee80211w"] = "2"
1513 hapd
= hostapd
.add_ap(apdev
[0], params
)
1515 sigma
= start_sigma_dut(dev
[0].ifname
)
1517 dev
[0].set("dpp_config_processing", "2")
1518 dev
[0].set("sae_groups", "")
1520 cmd
= "DPP_CONFIGURATOR_ADD"
1521 res
= dev
[1].request(cmd
)
1523 raise Exception("Failed to add configurator")
1526 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
1527 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1529 dev
[1].set("dpp_configurator_params",
1530 " conf=sta-sae ssid=%s pass=%s configurator=%d" % (to_hex("DPPNET01"), to_hex("ThisIsDppPassphrase"), conf_id
))
1531 cmd
= "DPP_LISTEN 2437 role=configurator"
1532 if "OK" not in dev
[1].request(cmd
):
1533 raise Exception("Failed to start listen operation")
1535 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
1536 if "status,COMPLETE" not in res
:
1537 raise Exception("dev_exec_action did not succeed: " + res
)
1539 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout
=10)
1540 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkConnectResult,OK" not in res
:
1541 raise Exception("Unexpected result: " + res
)
1543 dev
[0].set("dpp_config_processing", "0")
1544 stop_sigma_dut(sigma
)
1546 def test_sigma_dut_dpp_qr_init_configurator_1(dev
, apdev
):
1547 """sigma_dut DPP/QR initiator as Configurator (conf index 1)"""
1548 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 1)
1550 def test_sigma_dut_dpp_qr_init_configurator_2(dev
, apdev
):
1551 """sigma_dut DPP/QR initiator as Configurator (conf index 2)"""
1552 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 2)
1554 def test_sigma_dut_dpp_qr_init_configurator_3(dev
, apdev
):
1555 """sigma_dut DPP/QR initiator as Configurator (conf index 3)"""
1556 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 3)
1558 def test_sigma_dut_dpp_qr_init_configurator_4(dev
, apdev
):
1559 """sigma_dut DPP/QR initiator as Configurator (conf index 4)"""
1560 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 4)
1562 def test_sigma_dut_dpp_qr_init_configurator_5(dev
, apdev
):
1563 """sigma_dut DPP/QR initiator as Configurator (conf index 5)"""
1564 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 5)
1566 def test_sigma_dut_dpp_qr_init_configurator_6(dev
, apdev
):
1567 """sigma_dut DPP/QR initiator as Configurator (conf index 6)"""
1568 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 6)
1570 def test_sigma_dut_dpp_qr_init_configurator_7(dev
, apdev
):
1571 """sigma_dut DPP/QR initiator as Configurator (conf index 7)"""
1572 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 7)
1574 def test_sigma_dut_dpp_qr_init_configurator_both(dev
, apdev
):
1575 """sigma_dut DPP/QR initiator as Configurator or Enrollee (conf index 1)"""
1576 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 1, "Both")
1578 def test_sigma_dut_dpp_qr_init_configurator_neg_freq(dev
, apdev
):
1579 """sigma_dut DPP/QR initiator as Configurator (neg_freq)"""
1580 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 1, extra
='DPPSubsequentChannel,81/11')
1582 def run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, conf_idx
,
1583 prov_role
="Configurator",
1585 check_dpp_capab(dev
[0])
1586 check_dpp_capab(dev
[1])
1587 sigma
= start_sigma_dut(dev
[0].ifname
)
1589 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
1590 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1592 cmd
= "DPP_LISTEN 2437 role=enrollee"
1593 if "OK" not in dev
[1].request(cmd
):
1594 raise Exception("Failed to start listen operation")
1596 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
1597 if "status,COMPLETE" not in res
:
1598 raise Exception("dev_exec_action did not succeed: " + res
)
1600 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,%s,DPPConfIndex,%d,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6" % (prov_role
, conf_idx
)
1603 res
= sigma_dut_cmd(cmd
)
1604 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
1605 raise Exception("Unexpected result: " + res
)
1607 stop_sigma_dut(sigma
)
1609 def test_sigma_dut_dpp_incompatible_roles_init(dev
, apdev
):
1610 """sigma_dut DPP roles incompatible (Initiator)"""
1611 check_dpp_capab(dev
[0])
1612 check_dpp_capab(dev
[1])
1613 sigma
= start_sigma_dut(dev
[0].ifname
)
1615 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1616 if "status,COMPLETE" not in res
:
1617 raise Exception("dev_exec_action did not succeed: " + res
)
1618 hex = res
.split(',')[3]
1620 logger
.info("URI from sigma_dut: " + uri
)
1622 id1
= dev
[1].dpp_qr_code(uri
)
1624 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
1625 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1627 cmd
= "DPP_LISTEN 2437 role=enrollee"
1628 if "OK" not in dev
[1].request(cmd
):
1629 raise Exception("Failed to start listen operation")
1631 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
1632 if "status,COMPLETE" not in res
:
1633 raise Exception("dev_exec_action did not succeed: " + res
)
1635 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6"
1636 res
= sigma_dut_cmd(cmd
)
1637 if "BootstrapResult,OK,AuthResult,ROLES_NOT_COMPATIBLE" not in res
:
1638 raise Exception("Unexpected result: " + res
)
1640 stop_sigma_dut(sigma
)
1642 def dpp_init_enrollee_mutual(dev
, id1
, own_id
):
1643 logger
.info("Starting DPP initiator/enrollee in a thread")
1645 cmd
= "DPP_AUTH_INIT peer=%d own=%d role=enrollee" % (id1
, own_id
)
1646 if "OK" not in dev
.request(cmd
):
1647 raise Exception("Failed to initiate DPP Authentication")
1648 ev
= dev
.wait_event(["DPP-CONF-RECEIVED",
1649 "DPP-NOT-COMPATIBLE"], timeout
=5)
1651 raise Exception("DPP configuration not completed (Enrollee)")
1652 logger
.info("DPP initiator/enrollee done")
1654 def test_sigma_dut_dpp_incompatible_roles_resp(dev
, apdev
):
1655 """sigma_dut DPP roles incompatible (Responder)"""
1656 check_dpp_capab(dev
[0])
1657 check_dpp_capab(dev
[1])
1658 sigma
= start_sigma_dut(dev
[0].ifname
)
1660 cmd
= "dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR"
1661 res
= sigma_dut_cmd(cmd
)
1662 if "status,COMPLETE" not in res
:
1663 raise Exception("dev_exec_action did not succeed: " + res
)
1664 hex = res
.split(',')[3]
1666 logger
.info("URI from sigma_dut: " + uri
)
1668 id1
= dev
[1].dpp_qr_code(uri
)
1670 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
1671 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1673 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
1674 if "status,COMPLETE" not in res
:
1675 raise Exception("dev_exec_action did not succeed: " + res
)
1677 t
= threading
.Thread(target
=dpp_init_enrollee_mutual
, args
=(dev
[1], id1
, id0
))
1679 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6"
1680 res
= sigma_dut_cmd(cmd
, timeout
=10)
1682 if "BootstrapResult,OK,AuthResult,ROLES_NOT_COMPATIBLE" not in res
:
1683 raise Exception("Unexpected result: " + res
)
1685 stop_sigma_dut(sigma
)
1687 def test_sigma_dut_dpp_pkex_init_configurator(dev
, apdev
):
1688 """sigma_dut DPP/PKEX initiator as Configurator"""
1689 check_dpp_capab(dev
[0])
1690 check_dpp_capab(dev
[1])
1691 sigma
= start_sigma_dut(dev
[0].ifname
)
1693 id1
= dev
[1].dpp_bootstrap_gen(type="pkex")
1694 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id1
)
1695 res
= dev
[1].request(cmd
)
1697 raise Exception("Failed to set PKEX data (responder)")
1698 cmd
= "DPP_LISTEN 2437 role=enrollee"
1699 if "OK" not in dev
[1].request(cmd
):
1700 raise Exception("Failed to start listen operation")
1702 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCodeIdentifier,test,DPPPKEXCode,secret,DPPTimeout,6")
1703 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
1704 raise Exception("Unexpected result: " + res
)
1706 stop_sigma_dut(sigma
)
1708 def dpp_init_conf(dev
, id1
, conf
, conf_id
, extra
):
1709 logger
.info("Starting DPP initiator/configurator in a thread")
1710 cmd
= "DPP_AUTH_INIT peer=%d conf=%s %s configurator=%d" % (id1
, conf
, extra
, conf_id
)
1711 if "OK" not in dev
.request(cmd
):
1712 raise Exception("Failed to initiate DPP Authentication")
1713 ev
= dev
.wait_event(["DPP-CONF-SENT"], timeout
=5)
1715 raise Exception("DPP configuration not completed (Configurator)")
1716 logger
.info("DPP initiator/configurator done")
1718 def test_sigma_dut_ap_dpp_qr(dev
, apdev
, params
):
1719 """sigma_dut controlled AP (DPP)"""
1720 run_sigma_dut_ap_dpp_qr(dev
, apdev
, params
, "ap-dpp", "sta-dpp")
1722 def test_sigma_dut_ap_dpp_qr_legacy(dev
, apdev
, params
):
1723 """sigma_dut controlled AP (legacy)"""
1724 run_sigma_dut_ap_dpp_qr(dev
, apdev
, params
, "ap-psk", "sta-psk",
1725 extra
="pass=%s" % to_hex("qwertyuiop"))
1727 def test_sigma_dut_ap_dpp_qr_legacy_psk(dev
, apdev
, params
):
1728 """sigma_dut controlled AP (legacy)"""
1729 run_sigma_dut_ap_dpp_qr(dev
, apdev
, params
, "ap-psk", "sta-psk",
1730 extra
="psk=%s" % (32*"12"))
1732 def run_sigma_dut_ap_dpp_qr(dev
, apdev
, params
, ap_conf
, sta_conf
, extra
=""):
1733 check_dpp_capab(dev
[0])
1734 logdir
= os
.path
.join(params
['logdir'], "sigma_dut_ap_dpp_qr.sigma-hostapd")
1735 with
HWSimRadio() as (radio
, iface
):
1736 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
1738 sigma_dut_cmd_check("ap_reset_default,program,DPP")
1739 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1740 if "status,COMPLETE" not in res
:
1741 raise Exception("dev_exec_action did not succeed: " + res
)
1742 hex = res
.split(',')[3]
1744 logger
.info("URI from sigma_dut: " + uri
)
1746 cmd
= "DPP_CONFIGURATOR_ADD"
1747 res
= dev
[0].request(cmd
)
1749 raise Exception("Failed to add configurator")
1752 id1
= dev
[0].dpp_qr_code(uri
)
1754 t
= threading
.Thread(target
=dpp_init_conf
,
1755 args
=(dev
[0], id1
, ap_conf
, conf_id
, extra
))
1757 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6")
1759 if "ConfResult,OK" not in res
:
1760 raise Exception("Unexpected result: " + res
)
1762 id1
= dev
[1].dpp_bootstrap_gen(chan
="81/1", mac
=True)
1763 uri1
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1
)
1765 id0b
= dev
[0].dpp_qr_code(uri1
)
1767 dev
[1].set("dpp_config_processing", "2")
1768 cmd
= "DPP_LISTEN 2412"
1769 if "OK" not in dev
[1].request(cmd
):
1770 raise Exception("Failed to start listen operation")
1771 cmd
= "DPP_AUTH_INIT peer=%d conf=%s %s configurator=%d" % (id0b
, sta_conf
, extra
, conf_id
)
1772 if "OK" not in dev
[0].request(cmd
):
1773 raise Exception("Failed to initiate DPP Authentication")
1774 dev
[1].wait_connected()
1776 sigma_dut_cmd_check("ap_reset_default")
1778 dev
[1].set("dpp_config_processing", "0")
1779 stop_sigma_dut(sigma
)
1781 def test_sigma_dut_ap_dpp_pkex_responder(dev
, apdev
, params
):
1782 """sigma_dut controlled AP as DPP PKEX responder"""
1783 check_dpp_capab(dev
[0])
1784 logdir
= os
.path
.join(params
['logdir'],
1785 "sigma_dut_ap_dpp_pkex_responder.sigma-hostapd")
1786 with
HWSimRadio() as (radio
, iface
):
1787 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
1789 run_sigma_dut_ap_dpp_pkex_responder(dev
, apdev
)
1791 stop_sigma_dut(sigma
)
1793 def dpp_init_conf_pkex(dev
, conf_id
, check_config
=True):
1794 logger
.info("Starting DPP PKEX initiator/configurator in a thread")
1796 id = dev
.dpp_bootstrap_gen(type="pkex")
1797 cmd
= "DPP_PKEX_ADD own=%d init=1 conf=ap-dpp configurator=%d code=password" % (id, conf_id
)
1798 res
= dev
.request(cmd
)
1800 raise Exception("Failed to initiate DPP PKEX")
1801 if not check_config
:
1803 ev
= dev
.wait_event(["DPP-CONF-SENT"], timeout
=5)
1805 raise Exception("DPP configuration not completed (Configurator)")
1806 logger
.info("DPP initiator/configurator done")
1808 def run_sigma_dut_ap_dpp_pkex_responder(dev
, apdev
):
1809 sigma_dut_cmd_check("ap_reset_default,program,DPP")
1811 cmd
= "DPP_CONFIGURATOR_ADD"
1812 res
= dev
[0].request(cmd
)
1814 raise Exception("Failed to add configurator")
1817 t
= threading
.Thread(target
=dpp_init_conf_pkex
, args
=(dev
[0], conf_id
))
1819 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,PKEX,DPPPKEXCode,password,DPPTimeout,6,DPPWaitForConnect,No", timeout
=10)
1821 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
1822 raise Exception("Unexpected result: " + res
)
1824 sigma_dut_cmd_check("ap_reset_default")
1826 def test_sigma_dut_dpp_pkex_responder_proto(dev
, apdev
):
1827 """sigma_dut controlled STA as DPP PKEX responder and error case"""
1828 check_dpp_capab(dev
[0])
1829 sigma
= start_sigma_dut(dev
[0].ifname
)
1831 run_sigma_dut_dpp_pkex_responder_proto(dev
, apdev
)
1833 stop_sigma_dut(sigma
)
1835 def run_sigma_dut_dpp_pkex_responder_proto(dev
, apdev
):
1836 cmd
= "DPP_CONFIGURATOR_ADD"
1837 res
= dev
[1].request(cmd
)
1839 raise Exception("Failed to add configurator")
1842 dev
[1].set("dpp_test", "44")
1844 t
= threading
.Thread(target
=dpp_init_conf_pkex
, args
=(dev
[1], conf_id
,
1847 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPProvisioningRole,Enrollee,DPPBS,PKEX,DPPPKEXCode,password,DPPTimeout,6", timeout
=10)
1849 if "BootstrapResult,Timeout" not in res
:
1850 raise Exception("Unexpected result: " + res
)
1852 def dpp_proto_init(dev
, id1
):
1854 logger
.info("Starting DPP initiator/configurator in a thread")
1855 cmd
= "DPP_CONFIGURATOR_ADD"
1856 res
= dev
.request(cmd
)
1858 raise Exception("Failed to add configurator")
1861 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1
, conf_id
)
1862 if "OK" not in dev
.request(cmd
):
1863 raise Exception("Failed to initiate DPP Authentication")
1865 def test_sigma_dut_dpp_proto_initiator(dev
, apdev
):
1866 """sigma_dut DPP protocol testing - Initiator"""
1867 check_dpp_capab(dev
[0])
1868 check_dpp_capab(dev
[1])
1869 tests
= [("InvalidValue", "AuthenticationRequest", "WrappedData",
1870 "BootstrapResult,OK,AuthResult,Errorsent",
1872 ("InvalidValue", "AuthenticationConfirm", "WrappedData",
1873 "BootstrapResult,OK,AuthResult,Errorsent",
1875 ("MissingAttribute", "AuthenticationRequest", "InitCapabilities",
1876 "BootstrapResult,OK,AuthResult,Errorsent",
1877 "Missing or invalid I-capabilities"),
1878 ("InvalidValue", "AuthenticationConfirm", "InitAuthTag",
1879 "BootstrapResult,OK,AuthResult,Errorsent",
1880 "Mismatching Initiator Authenticating Tag"),
1881 ("MissingAttribute", "ConfigurationResponse", "EnrolleeNonce",
1882 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1883 "Missing or invalid Enrollee Nonce attribute")]
1884 for step
, frame
, attr
, result
, fail
in tests
:
1885 dev
[0].request("FLUSH")
1886 dev
[1].request("FLUSH")
1887 sigma
= start_sigma_dut(dev
[0].ifname
)
1889 run_sigma_dut_dpp_proto_initiator(dev
, step
, frame
, attr
, result
,
1892 stop_sigma_dut(sigma
)
1894 def run_sigma_dut_dpp_proto_initiator(dev
, step
, frame
, attr
, result
, fail
):
1895 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
1896 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1898 cmd
= "DPP_LISTEN 2437 role=enrollee"
1899 if "OK" not in dev
[1].request(cmd
):
1900 raise Exception("Failed to start listen operation")
1902 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
1903 if "status,COMPLETE" not in res
:
1904 raise Exception("dev_exec_action did not succeed: " + res
)
1906 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step
, frame
, attr
),
1908 if result
not in res
:
1909 raise Exception("Unexpected result: " + res
)
1911 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
1912 if ev
is None or fail
not in ev
:
1913 raise Exception("Failure not reported correctly: " + str(ev
))
1915 dev
[1].request("DPP_STOP_LISTEN")
1916 dev
[0].dump_monitor()
1917 dev
[1].dump_monitor()
1919 def test_sigma_dut_dpp_proto_responder(dev
, apdev
):
1920 """sigma_dut DPP protocol testing - Responder"""
1921 check_dpp_capab(dev
[0])
1922 check_dpp_capab(dev
[1])
1923 tests
= [("MissingAttribute", "AuthenticationResponse", "DPPStatus",
1924 "BootstrapResult,OK,AuthResult,Errorsent",
1925 "Missing or invalid required DPP Status attribute"),
1926 ("MissingAttribute", "ConfigurationRequest", "EnrolleeNonce",
1927 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1928 "Missing or invalid Enrollee Nonce attribute")]
1929 for step
, frame
, attr
, result
, fail
in tests
:
1930 dev
[0].request("FLUSH")
1931 dev
[1].request("FLUSH")
1932 sigma
= start_sigma_dut(dev
[0].ifname
)
1934 run_sigma_dut_dpp_proto_responder(dev
, step
, frame
, attr
, result
,
1937 stop_sigma_dut(sigma
)
1939 def run_sigma_dut_dpp_proto_responder(dev
, step
, frame
, attr
, result
, fail
):
1940 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1941 if "status,COMPLETE" not in res
:
1942 raise Exception("dev_exec_action did not succeed: " + res
)
1943 hex = res
.split(',')[3]
1945 logger
.info("URI from sigma_dut: " + uri
)
1947 id1
= dev
[1].dpp_qr_code(uri
)
1949 t
= threading
.Thread(target
=dpp_proto_init
, args
=(dev
[1], id1
))
1951 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step
, frame
, attr
), timeout
=10)
1953 if result
not in res
:
1954 raise Exception("Unexpected result: " + res
)
1956 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
1957 if ev
is None or fail
not in ev
:
1958 raise Exception("Failure not reported correctly:" + str(ev
))
1960 dev
[1].request("DPP_STOP_LISTEN")
1961 dev
[0].dump_monitor()
1962 dev
[1].dump_monitor()
1964 def test_sigma_dut_dpp_proto_stop_at_initiator(dev
, apdev
):
1965 """sigma_dut DPP protocol testing - Stop at RX on Initiator"""
1966 check_dpp_capab(dev
[0])
1967 check_dpp_capab(dev
[1])
1968 tests
= [("AuthenticationResponse",
1969 "BootstrapResult,OK,AuthResult,Errorsent",
1971 ("ConfigurationRequest",
1972 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
1974 for frame
, result
, fail
in tests
:
1975 dev
[0].request("FLUSH")
1976 dev
[1].request("FLUSH")
1977 sigma
= start_sigma_dut(dev
[0].ifname
)
1979 run_sigma_dut_dpp_proto_stop_at_initiator(dev
, frame
, result
, fail
)
1981 stop_sigma_dut(sigma
)
1983 def run_sigma_dut_dpp_proto_stop_at_initiator(dev
, frame
, result
, fail
):
1984 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
1985 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1987 cmd
= "DPP_LISTEN 2437 role=enrollee"
1988 if "OK" not in dev
[1].request(cmd
):
1989 raise Exception("Failed to start listen operation")
1991 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
1992 if "status,COMPLETE" not in res
:
1993 raise Exception("dev_exec_action did not succeed: " + res
)
1995 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame
))
1996 if result
not in res
:
1997 raise Exception("Unexpected result: " + res
)
1999 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
2000 if ev
is None or fail
not in ev
:
2001 raise Exception("Failure not reported correctly: " + str(ev
))
2003 dev
[1].request("DPP_STOP_LISTEN")
2004 dev
[0].dump_monitor()
2005 dev
[1].dump_monitor()
2007 def test_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev
, apdev
):
2008 """sigma_dut DPP protocol testing - Stop at TX on Initiator/Enrollee"""
2009 check_dpp_capab(dev
[0])
2010 check_dpp_capab(dev
[1])
2011 tests
= [("AuthenticationConfirm",
2012 "BootstrapResult,OK,AuthResult,Errorsent,LastFrameReceived,AuthenticationResponse",
2014 for frame
, result
, fail
in tests
:
2015 dev
[0].request("FLUSH")
2016 dev
[1].request("FLUSH")
2017 sigma
= start_sigma_dut(dev
[0].ifname
, debug
=True)
2019 run_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev
, frame
,
2022 stop_sigma_dut(sigma
)
2024 def run_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev
, frame
, result
,
2026 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
2027 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2029 cmd
= "DPP_LISTEN 2437 role=configurator"
2030 if "OK" not in dev
[1].request(cmd
):
2031 raise Exception("Failed to start listen operation")
2033 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
2034 if "status,COMPLETE" not in res
:
2035 raise Exception("dev_exec_action did not succeed: " + res
)
2037 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame
), timeout
=10)
2038 if result
not in res
:
2039 raise Exception("Unexpected result: " + res
)
2041 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
2042 if ev
is None or fail
not in ev
:
2043 raise Exception("Failure not reported correctly: " + str(ev
))
2045 dev
[1].request("DPP_STOP_LISTEN")
2046 dev
[0].dump_monitor()
2047 dev
[1].dump_monitor()
2049 def test_sigma_dut_dpp_proto_stop_at_responder(dev
, apdev
):
2050 """sigma_dut DPP protocol testing - Stop at RX on Responder"""
2051 check_dpp_capab(dev
[0])
2052 check_dpp_capab(dev
[1])
2053 tests
= [("AuthenticationRequest",
2054 "BootstrapResult,OK,AuthResult,Errorsent",
2056 ("AuthenticationConfirm",
2057 "BootstrapResult,OK,AuthResult,Errorsent",
2059 for frame
, result
, fail
in tests
:
2060 dev
[0].request("FLUSH")
2061 dev
[1].request("FLUSH")
2062 sigma
= start_sigma_dut(dev
[0].ifname
)
2064 run_sigma_dut_dpp_proto_stop_at_responder(dev
, frame
, result
, fail
)
2066 stop_sigma_dut(sigma
)
2068 def run_sigma_dut_dpp_proto_stop_at_responder(dev
, frame
, result
, fail
):
2069 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
2070 if "status,COMPLETE" not in res
:
2071 raise Exception("dev_exec_action did not succeed: " + res
)
2072 hex = res
.split(',')[3]
2074 logger
.info("URI from sigma_dut: " + uri
)
2076 id1
= dev
[1].dpp_qr_code(uri
)
2078 t
= threading
.Thread(target
=dpp_proto_init
, args
=(dev
[1], id1
))
2080 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame
), timeout
=10)
2082 if result
not in res
:
2083 raise Exception("Unexpected result: " + res
)
2085 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
2086 if ev
is None or fail
not in ev
:
2087 raise Exception("Failure not reported correctly:" + str(ev
))
2089 dev
[1].request("DPP_STOP_LISTEN")
2090 dev
[0].dump_monitor()
2091 dev
[1].dump_monitor()
2093 def dpp_proto_init_pkex(dev
):
2095 logger
.info("Starting DPP PKEX initiator/configurator in a thread")
2096 cmd
= "DPP_CONFIGURATOR_ADD"
2097 res
= dev
.request(cmd
)
2099 raise Exception("Failed to add configurator")
2102 id = dev
.dpp_bootstrap_gen(type="pkex")
2104 cmd
= "DPP_PKEX_ADD own=%d init=1 conf=sta-dpp configurator=%d code=secret" % (id, conf_id
)
2105 if "FAIL" in dev
.request(cmd
):
2106 raise Exception("Failed to initiate DPP PKEX")
2108 def test_sigma_dut_dpp_proto_initiator_pkex(dev
, apdev
):
2109 """sigma_dut DPP protocol testing - Initiator (PKEX)"""
2110 check_dpp_capab(dev
[0])
2111 check_dpp_capab(dev
[1])
2112 tests
= [("InvalidValue", "PKEXCRRequest", "WrappedData",
2113 "BootstrapResult,Errorsent",
2115 ("MissingAttribute", "PKEXExchangeRequest", "FiniteCyclicGroup",
2116 "BootstrapResult,Errorsent",
2117 "Missing or invalid Finite Cyclic Group attribute"),
2118 ("MissingAttribute", "PKEXCRRequest", "BSKey",
2119 "BootstrapResult,Errorsent",
2120 "No valid peer bootstrapping key found")]
2121 for step
, frame
, attr
, result
, fail
in tests
:
2122 dev
[0].request("FLUSH")
2123 dev
[1].request("FLUSH")
2124 sigma
= start_sigma_dut(dev
[0].ifname
)
2126 run_sigma_dut_dpp_proto_initiator_pkex(dev
, step
, frame
, attr
,
2129 stop_sigma_dut(sigma
)
2131 def run_sigma_dut_dpp_proto_initiator_pkex(dev
, step
, frame
, attr
, result
, fail
):
2132 id1
= dev
[1].dpp_bootstrap_gen(type="pkex")
2134 cmd
= "DPP_PKEX_ADD own=%d code=secret" % (id1
)
2135 res
= dev
[1].request(cmd
)
2137 raise Exception("Failed to set PKEX data (responder)")
2139 cmd
= "DPP_LISTEN 2437 role=enrollee"
2140 if "OK" not in dev
[1].request(cmd
):
2141 raise Exception("Failed to start listen operation")
2143 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCode,secret,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step
, frame
, attr
))
2144 if result
not in res
:
2145 raise Exception("Unexpected result: " + res
)
2147 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
2148 if ev
is None or fail
not in ev
:
2149 raise Exception("Failure not reported correctly: " + str(ev
))
2151 dev
[1].request("DPP_STOP_LISTEN")
2152 dev
[0].dump_monitor()
2153 dev
[1].dump_monitor()
2155 def test_sigma_dut_dpp_proto_responder_pkex(dev
, apdev
):
2156 """sigma_dut DPP protocol testing - Responder (PKEX)"""
2157 check_dpp_capab(dev
[0])
2158 check_dpp_capab(dev
[1])
2159 tests
= [("InvalidValue", "PKEXCRResponse", "WrappedData",
2160 "BootstrapResult,Errorsent",
2162 ("MissingAttribute", "PKEXExchangeResponse", "DPPStatus",
2163 "BootstrapResult,Errorsent",
2164 "No DPP Status attribute"),
2165 ("MissingAttribute", "PKEXCRResponse", "BSKey",
2166 "BootstrapResult,Errorsent",
2167 "No valid peer bootstrapping key found")]
2168 for step
, frame
, attr
, result
, fail
in tests
:
2169 dev
[0].request("FLUSH")
2170 dev
[1].request("FLUSH")
2171 sigma
= start_sigma_dut(dev
[0].ifname
)
2173 run_sigma_dut_dpp_proto_responder_pkex(dev
, step
, frame
, attr
,
2176 stop_sigma_dut(sigma
)
2178 def run_sigma_dut_dpp_proto_responder_pkex(dev
, step
, frame
, attr
, result
, fail
):
2179 t
= threading
.Thread(target
=dpp_proto_init_pkex
, args
=(dev
[1],))
2181 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCode,secret,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step
, frame
, attr
), timeout
=10)
2183 if result
not in res
:
2184 raise Exception("Unexpected result: " + res
)
2186 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
2187 if ev
is None or fail
not in ev
:
2188 raise Exception("Failure not reported correctly:" + str(ev
))
2190 dev
[1].request("DPP_STOP_LISTEN")
2191 dev
[0].dump_monitor()
2192 dev
[1].dump_monitor()
2194 def init_sigma_dut_dpp_proto_peer_disc_req(dev
, apdev
):
2195 check_dpp_capab(dev
[0])
2196 check_dpp_capab(dev
[1])
2198 csign
= "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2199 csign_pub
= "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2200 ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
2201 ap_netaccesskey
= "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
2203 params
= {"ssid": "DPPNET01",
2206 "wpa_key_mgmt": "DPP",
2207 "rsn_pairwise": "CCMP",
2208 "dpp_connector": ap_connector
,
2209 "dpp_csign": csign_pub
,
2210 "dpp_netaccesskey": ap_netaccesskey
}
2212 hapd
= hostapd
.add_ap(apdev
[0], params
)
2214 raise HwsimSkip("DPP not supported")
2216 dev
[0].set("dpp_config_processing", "2")
2218 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
2219 res
= dev
[1].request(cmd
)
2221 raise Exception("Failed to add configurator")
2224 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
2225 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2227 dev
[1].set("dpp_configurator_params",
2228 " conf=sta-dpp ssid=%s configurator=%d" % (to_hex("DPPNET01"),
2230 cmd
= "DPP_LISTEN 2437 role=configurator"
2231 if "OK" not in dev
[1].request(cmd
):
2232 raise Exception("Failed to start listen operation")
2234 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
2235 if "status,COMPLETE" not in res
:
2236 raise Exception("dev_exec_action did not succeed: " + res
)
2238 def test_sigma_dut_dpp_proto_peer_disc_req(dev
, apdev
):
2239 """sigma_dut DPP protocol testing - Peer Discovery Request"""
2240 sigma
= start_sigma_dut(dev
[0].ifname
)
2242 init_sigma_dut_dpp_proto_peer_disc_req(dev
, apdev
)
2244 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes,DPPStep,MissingAttribute,DPPFrameType,PeerDiscoveryRequest,DPPIEAttribute,TransactionID", timeout
=10)
2245 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,Errorsent" not in res
:
2246 raise Exception("Unexpected result: " + res
)
2248 dev
[0].set("dpp_config_processing", "0")
2249 stop_sigma_dut(sigma
)
2251 def test_sigma_dut_dpp_self_config(dev
, apdev
):
2252 """sigma_dut DPP Configurator enrolling an AP and using self-configuration"""
2253 check_dpp_capab(dev
[0])
2255 hapd
= hostapd
.add_ap(apdev
[0], {"ssid": "unconfigured"})
2256 check_dpp_capab(hapd
)
2258 sigma
= start_sigma_dut(dev
[0].ifname
)
2260 dev
[0].set("dpp_config_processing", "2")
2261 id = hapd
.dpp_bootstrap_gen(chan
="81/1", mac
=True)
2262 uri
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id)
2264 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri
))
2265 if "status,COMPLETE" not in res
:
2266 raise Exception("dev_exec_action did not succeed: " + res
)
2268 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,AP,DPPBS,QR,DPPTimeout,6")
2269 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
2270 raise Exception("Unexpected result: " + res
)
2271 update_hapd_config(hapd
)
2273 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPCryptoIdentifier,P-256,DPPBS,QR,DPPAuthRole,Initiator,DPPProvisioningRole,Configurator,DPPAuthDirection,Single,DPPConfIndex,1,DPPTimeout,6,DPPWaitForConnect,Yes,DPPSelfConfigure,Yes"
2274 res
= sigma_dut_cmd(cmd
, timeout
=10)
2275 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res
:
2276 raise Exception("Unexpected result: " + res
)
2278 stop_sigma_dut(sigma
)
2279 dev
[0].set("dpp_config_processing", "0")
2281 def test_sigma_dut_ap_dpp_self_config(dev
, apdev
, params
):
2282 """sigma_dut DPP AP Configurator using self-configuration"""
2283 logdir
= os
.path
.join(params
['logdir'],
2284 "sigma_dut_ap_dpp_self_config.sigma-hostapd")
2285 with
HWSimRadio() as (radio
, iface
):
2286 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
2288 run_sigma_dut_ap_dpp_self_config(dev
, apdev
)
2290 stop_sigma_dut(sigma
)
2291 dev
[0].set("dpp_config_processing", "0")
2293 def run_sigma_dut_ap_dpp_self_config(dev
, apdev
):
2294 check_dpp_capab(dev
[0])
2296 sigma_dut_cmd_check("ap_reset_default,program,DPP")
2298 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfEnrolleeRole,AP,DPPBS,QR,DPPConfIndex,1,DPPSelfConfigure,Yes,DPPTimeout,6", timeout
=10)
2299 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
2300 raise Exception("Unexpected result: " + res
)
2302 dev
[0].set("dpp_config_processing", "2")
2304 id = dev
[0].dpp_bootstrap_gen(chan
="81/11", mac
=True)
2305 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id)
2306 cmd
= "DPP_LISTEN 2462 role=enrollee"
2307 if "OK" not in dev
[0].request(cmd
):
2308 raise Exception("Failed to start listen operation")
2310 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri
))
2311 if "status,COMPLETE" not in res
:
2312 raise Exception("dev_exec_action did not succeed: " + res
)
2313 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6"
2314 res
= sigma_dut_cmd(cmd
)
2315 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
2316 raise Exception("Unexpected result: " + res
)
2317 dev
[0].wait_connected()
2318 dev
[0].request("DISCONNECT")
2319 dev
[0].wait_disconnected()
2320 sigma_dut_cmd_check("ap_reset_default")
2322 def test_sigma_dut_preconfigured_profile(dev
, apdev
):
2323 """sigma_dut controlled connection using preconfigured profile"""
2325 run_sigma_dut_preconfigured_profile(dev
, apdev
)
2327 dev
[0].set("ignore_old_scan_res", "0")
2329 def run_sigma_dut_preconfigured_profile(dev
, apdev
):
2330 ifname
= dev
[0].ifname
2331 sigma
= start_sigma_dut(ifname
)
2333 params
= hostapd
.wpa2_params(ssid
="test-psk", passphrase
="12345678")
2334 hapd
= hostapd
.add_ap(apdev
[0], params
)
2335 dev
[0].connect("test-psk", psk
="12345678", scan_freq
="2412",
2336 only_add_network
=True)
2338 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
2339 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s" % (ifname
, "test-psk"))
2340 sigma_dut_wait_connected(ifname
)
2341 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
2342 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
2343 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
2345 stop_sigma_dut(sigma
)
2347 def test_sigma_dut_wps_pbc(dev
, apdev
):
2348 """sigma_dut and WPS PBC Enrollee"""
2350 run_sigma_dut_wps_pbc(dev
, apdev
)
2352 dev
[0].set("ignore_old_scan_res", "0")
2354 def run_sigma_dut_wps_pbc(dev
, apdev
):
2355 ssid
= "test-wps-conf"
2356 hapd
= hostapd
.add_ap(apdev
[0],
2357 {"ssid": "wps", "eap_server": "1", "wps_state": "2",
2358 "wpa_passphrase": "12345678", "wpa": "2",
2359 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
2360 hapd
.request("WPS_PBC")
2362 ifname
= dev
[0].ifname
2363 sigma
= start_sigma_dut(ifname
)
2365 cmd
= "start_wps_registration,interface,%s" % ifname
2366 cmd
+= ",WpsRole,Enrollee"
2367 cmd
+= ",WpsConfigMethod,PBC"
2368 sigma_dut_cmd_check(cmd
, timeout
=15)
2370 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
2372 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
2373 stop_sigma_dut(sigma
)
2374 dev
[0].flush_scan_cache()
2376 def test_sigma_dut_sta_scan_bss(dev
, apdev
):
2377 """sigma_dut sta_scan_bss"""
2378 hapd
= hostapd
.add_ap(apdev
[0], {"ssid": "test"})
2379 sigma
= start_sigma_dut(dev
[0].ifname
)
2381 cmd
= "sta_scan_bss,Interface,%s,BSSID,%s" % (dev
[0].ifname
, \
2383 res
= sigma_dut_cmd(cmd
, timeout
=10)
2384 if "ssid,test,bsschannel,1" not in res
:
2385 raise Exception("Unexpected result: " + res
)
2387 stop_sigma_dut(sigma
)
2389 def test_sigma_dut_sta_scan_ssid_bssid(dev
, apdev
):
2390 """sigma_dut sta_scan GetParameter,SSID_BSSID"""
2391 hostapd
.add_ap(apdev
[0], {"ssid": "abcdef"})
2392 hostapd
.add_ap(apdev
[1], {"ssid": "qwerty"})
2393 sigma
= start_sigma_dut(dev
[0].ifname
, debug
=True)
2395 cmd
= "sta_scan,Interface,%s,GetParameter,SSID_BSSID" % dev
[0].ifname
2396 res
= sigma_dut_cmd(cmd
, timeout
=10)
2397 if "abcdef" not in res
or "qwerty" not in res
:
2398 raise Exception("Unexpected result: " + res
)
2400 stop_sigma_dut(sigma
)
2402 def test_sigma_dut_ap_osen(dev
, apdev
, params
):
2403 """sigma_dut controlled AP with OSEN"""
2404 logdir
= os
.path
.join(params
['logdir'],
2405 "sigma_dut_ap_osen.sigma-hostapd")
2406 with
HWSimRadio() as (radio
, iface
):
2407 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
2409 sigma_dut_cmd_check("ap_reset_default")
2410 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-hs20,MODE,11ng")
2411 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2412 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OSEN,PMF,Optional")
2413 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2415 # RSN-OSEN (for OSU)
2416 dev
[0].connect("test-hs20", proto
="OSEN", key_mgmt
="OSEN",
2417 pairwise
="CCMP", group
="GTK_NOT_USED",
2418 eap
="WFA-UNAUTH-TLS", identity
="osen@example.com",
2419 ca_cert
="auth_serv/ca.pem", scan_freq
="2412")
2421 sigma_dut_cmd_check("ap_reset_default")
2423 stop_sigma_dut(sigma
)
2425 def test_sigma_dut_ap_eap_osen(dev
, apdev
, params
):
2426 """sigma_dut controlled AP with EAP+OSEN"""
2427 logdir
= os
.path
.join(params
['logdir'],
2428 "sigma_dut_ap_eap_osen.sigma-hostapd")
2429 with
HWSimRadio() as (radio
, iface
):
2430 sigma
= start_sigma_dut(iface
, bridge
="ap-br0", hostapd_logdir
=logdir
)
2432 sigma_dut_cmd_check("ap_reset_default")
2433 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-hs20,MODE,11ng")
2434 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2435 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT-OSEN,PMF,Optional")
2436 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2438 subprocess
.call(['brctl', 'setfd', 'ap-br0', '0'])
2439 subprocess
.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'up'])
2441 # RSN-OSEN (for OSU)
2442 dev
[0].connect("test-hs20", proto
="OSEN", key_mgmt
="OSEN",
2444 eap
="WFA-UNAUTH-TLS", identity
="osen@example.com",
2445 ca_cert
="auth_serv/ca.pem", ieee80211w
='2',
2447 # RSN-EAP (for data connection)
2448 dev
[1].connect("test-hs20", key_mgmt
="WPA-EAP", eap
="TTLS",
2449 identity
="hs20-test", password
="password",
2450 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
2451 ieee80211w
='2', scan_freq
="2412")
2453 hwsim_utils
.test_connectivity(dev
[0], dev
[1], broadcast
=False,
2454 success_expected
=False, timeout
=1)
2456 sigma_dut_cmd_check("ap_reset_default")
2458 stop_sigma_dut(sigma
)
2459 subprocess
.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'down'],
2460 stderr
=open('/dev/null', 'w'))
2461 subprocess
.call(['brctl', 'delbr', 'ap-br0'],
2462 stderr
=open('/dev/null', 'w'))
2464 def test_sigma_dut_ap_eap(dev
, apdev
, params
):
2465 """sigma_dut controlled AP WPA2-Enterprise"""
2466 logdir
= os
.path
.join(params
['logdir'], "sigma_dut_ap_eap.sigma-hostapd")
2467 with
HWSimRadio() as (radio
, iface
):
2468 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
, debug
=True)
2470 sigma_dut_cmd_check("ap_reset_default")
2471 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-eap,MODE,11ng")
2472 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2473 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT")
2474 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2476 dev
[0].connect("test-eap", key_mgmt
="WPA-EAP", eap
="GPSK",
2477 identity
="gpsk user",
2478 password
="abcdefghijklmnop0123456789abcdef",
2481 sigma_dut_cmd_check("ap_reset_default")
2483 stop_sigma_dut(sigma
)
2485 def test_sigma_dut_ap_eap_sha256(dev
, apdev
, params
):
2486 """sigma_dut controlled AP WPA2-Enterprise SHA256"""
2487 logdir
= os
.path
.join(params
['logdir'],
2488 "sigma_dut_ap_eap_sha256.sigma-hostapd")
2489 with
HWSimRadio() as (radio
, iface
):
2490 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
, debug
=True)
2492 sigma_dut_cmd_check("ap_reset_default")
2493 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-eap,MODE,11ng")
2494 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2495 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT-256")
2496 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2498 dev
[0].connect("test-eap", key_mgmt
="WPA-EAP-SHA256", eap
="GPSK",
2499 identity
="gpsk user",
2500 password
="abcdefghijklmnop0123456789abcdef",
2503 sigma_dut_cmd_check("ap_reset_default")
2505 stop_sigma_dut(sigma
)
2507 def test_sigma_dut_ap_ft_eap(dev
, apdev
, params
):
2508 """sigma_dut controlled AP FT-EAP"""
2509 logdir
= os
.path
.join(params
['logdir'], "sigma_dut_ap_ft_eap.sigma-hostapd")
2510 with
HWSimRadio() as (radio
, iface
):
2511 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
, debug
=True)
2513 sigma_dut_cmd_check("ap_reset_default")
2514 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-ft-eap,MODE,11ng,DOMAIN,0101,FT_OA,Enable")
2515 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2516 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,FT-EAP")
2517 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2519 dev
[0].connect("test-ft-eap", key_mgmt
="FT-EAP", eap
="GPSK",
2520 identity
="gpsk user",
2521 password
="abcdefghijklmnop0123456789abcdef",
2524 sigma_dut_cmd_check("ap_reset_default")
2526 stop_sigma_dut(sigma
)
2528 def test_sigma_dut_ap_ft_psk(dev
, apdev
, params
):
2529 """sigma_dut controlled AP FT-PSK"""
2530 logdir
= os
.path
.join(params
['logdir'], "sigma_dut_ap_ft_psk.sigma-hostapd")
2531 with
HWSimRadio() as (radio
, iface
):
2532 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
, debug
=True)
2534 sigma_dut_cmd_check("ap_reset_default")
2535 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-ft-psk,MODE,11ng,DOMAIN,0101,FT_OA,Enable")
2536 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,FT-PSK,PSK,12345678")
2537 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2539 dev
[0].connect("test-ft-psk", key_mgmt
="FT-PSK", psk
="12345678",
2542 sigma_dut_cmd_check("ap_reset_default")
2544 stop_sigma_dut(sigma
)
2546 def test_sigma_dut_ap_ent_ft_eap(dev
, apdev
, params
):
2547 """sigma_dut controlled AP WPA-EAP and FT-EAP"""
2548 logdir
= os
.path
.join(params
['logdir'],
2549 "sigma_dut_ap_ent_ft_eap.sigma-hostapd")
2550 with
HWSimRadio() as (radio
, iface
):
2551 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
, debug
=True)
2553 sigma_dut_cmd_check("ap_reset_default")
2554 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-ent-ft-eap,MODE,11ng,DOMAIN,0101,FT_OA,Enable")
2555 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2556 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT-FT-EAP")
2557 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2559 dev
[0].connect("test-ent-ft-eap", key_mgmt
="FT-EAP", eap
="GPSK",
2560 identity
="gpsk user",
2561 password
="abcdefghijklmnop0123456789abcdef",
2563 dev
[1].connect("test-ent-ft-eap", key_mgmt
="WPA-EAP", eap
="GPSK",
2564 identity
="gpsk user",
2565 password
="abcdefghijklmnop0123456789abcdef",
2568 sigma_dut_cmd_check("ap_reset_default")
2570 stop_sigma_dut(sigma
)
2572 def test_sigma_dut_venue_url(dev
, apdev
):
2573 """sigma_dut controlled Venue URL fetch"""
2575 run_sigma_dut_venue_url(dev
, apdev
)
2577 dev
[0].set("ignore_old_scan_res", "0")
2579 def run_sigma_dut_venue_url(dev
, apdev
):
2580 ifname
= dev
[0].ifname
2581 sigma
= start_sigma_dut(ifname
, debug
=True)
2584 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
2585 params
["wpa_key_mgmt"] = "WPA-PSK-SHA256"
2586 params
["ieee80211w"] = "2"
2590 venue_info
= struct
.pack('BB', venue_group
, venue_type
)
2592 name1
= "Example venue"
2594 name2
= "Esimerkkipaikka"
2595 venue1
= struct
.pack('B', len(lang1
+ name1
)) + lang1
.encode() + name1
.encode()
2596 venue2
= struct
.pack('B', len(lang2
+ name2
)) + lang2
.encode() + name2
.encode()
2597 venue_name
= binascii
.hexlify(venue_info
+ venue1
+ venue2
)
2599 url1
= "http://example.com/venue"
2600 url2
= "https://example.org/venue-info/"
2601 params
["venue_group"] = str(venue_group
)
2602 params
["venue_type"] = str(venue_type
)
2603 params
["venue_name"] = [lang1
+ ":" + name1
, lang2
+ ":" + name2
]
2604 params
["venue_url"] = ["1:" + url1
, "2:" + url2
]
2606 hapd
= hostapd
.add_ap(apdev
[0], params
)
2608 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname
)
2609 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
2610 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required" % (ifname
, "venue", "12345678"))
2611 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "venue"))
2612 sigma_dut_wait_connected(ifname
)
2613 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
2614 sigma_dut_cmd_check("sta_hs2_venue_info,interface," + ifname
+ ",Display,Yes")
2615 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
2616 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
2618 stop_sigma_dut(sigma
)
2620 def test_sigma_dut_hs20_assoc_24(dev
, apdev
):
2621 """sigma_dut controlled Hotspot 2.0 connection (2.4 GHz)"""
2622 run_sigma_dut_hs20_assoc(dev
, apdev
, True)
2624 def test_sigma_dut_hs20_assoc_5(dev
, apdev
):
2625 """sigma_dut controlled Hotspot 2.0 connection (5 GHz)"""
2626 run_sigma_dut_hs20_assoc(dev
, apdev
, False)
2628 def run_sigma_dut_hs20_assoc(dev
, apdev
, band24
):
2632 bssid0
= apdev
[0]['bssid']
2633 params
= hs20_ap_params()
2634 params
['hessid'] = bssid0
2635 hapd0
= hostapd
.add_ap(apdev
[0], params
)
2637 bssid1
= apdev
[1]['bssid']
2638 params
= hs20_ap_params()
2639 params
['hessid'] = bssid0
2640 params
["hw_mode"] = "a"
2641 params
["channel"] = "36"
2642 params
["country_code"] = "US"
2643 hapd1
= hostapd
.add_ap(apdev
[1], params
)
2645 band
= "2.4" if band24
else "5"
2646 exp_bssid
= bssid0
if band24
else bssid1
2647 run_sigma_dut_hs20_assoc_2(dev
, apdev
, band
, exp_bssid
)
2649 dev
[0].request("DISCONNECT")
2651 hapd0
.request("DISABLE")
2653 hapd1
.request("DISABLE")
2654 subprocess
.call(['iw', 'reg', 'set', '00'])
2655 dev
[0].flush_scan_cache()
2657 def run_sigma_dut_hs20_assoc_2(dev
, apdev
, band
, expect_bssid
):
2658 check_eap_capa(dev
[0], "MSCHAPV2")
2659 dev
[0].flush_scan_cache()
2661 ifname
= dev
[0].ifname
2662 sigma
= start_sigma_dut(ifname
, debug
=True)
2664 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,HS2-R3" % ifname
)
2665 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
2666 sigma_dut_cmd_check("sta_add_credential,interface,%s,type,uname_pwd,realm,example.com,username,hs20-test,password,password" % ifname
)
2667 res
= sigma_dut_cmd_check("sta_hs2_associate,interface,%s,band,%s" % (ifname
, band
),
2669 sigma_dut_wait_connected(ifname
)
2670 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
2671 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
2672 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
2674 stop_sigma_dut(sigma
)
2676 if "BSSID," + expect_bssid
not in res
:
2677 raise Exception("Unexpected BSSID: " + res
)
2679 def test_sigma_dut_ap_hs20(dev
, apdev
, params
):
2680 """sigma_dut controlled AP with Hotspot 2.0 parameters"""
2681 logdir
= os
.path
.join(params
['logdir'],
2682 "sigma_dut_ap_hs20.sigma-hostapd")
2683 conffile
= os
.path
.join(params
['logdir'],
2684 "sigma_dut_ap_hs20.sigma-conf")
2685 with
HWSimRadio() as (radio
, iface
):
2686 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
, debug
=True)
2688 sigma_dut_cmd_check("ap_reset_default,NAME,AP,program,HS2-R3")
2689 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,test-hs20,MODE,11ng")
2690 sigma_dut_cmd_check("ap_set_radius,NAME,AP,WLAN_TAG,1,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2691 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,WPA2-ENT")
2692 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,HESSID,02:12:34:56:78:9a,NAI_REALM_LIST,1,OPER_NAME,1")
2693 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,OSU_SERVER_URI,https://example.com/ https://example.org/,OSU_SSID,test-osu,OSU_METHOD,SOAP SOAP,OSU_PROVIDER_LIST,10,OSU_PROVIDER_NAI_LIST,4")
2694 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,NET_AUTH_TYPE,2")
2695 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,VENUE_NAME,1")
2696 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,DOMAIN_LIST,example.com")
2697 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,OPERATOR_ICON_METADATA,1")
2698 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,SSID,test-osu,MODE,11ng")
2699 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,NONE")
2700 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,2,OSU,1")
2701 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2703 with
open("/tmp/sigma_dut-ap.conf", "rb") as f
:
2704 with
open(conffile
, "wb") as f2
:
2707 sigma_dut_cmd_check("ap_reset_default")
2709 stop_sigma_dut(sigma
)