1 # Test cases for sigma_dut
2 # Copyright (c) 2017, Qualcomm Atheros, Inc.
3 # Copyright (c) 2018-2019, The Linux Foundation
5 # This software may be distributed under the terms of the BSD license.
6 # See README for more details.
11 logger
= logging
.getLogger()
20 from utils
import HwsimSkip
21 from hwsim
import HWSimRadio
23 from test_dpp
import check_dpp_capab
, update_hapd_config
, wait_auth_success
24 from test_suite_b
import check_suite_b_192_capa
, suite_b_as_params
, suite_b_192_rsa_ap_params
25 from test_ap_eap
import check_eap_capa
, int_eap_server_params
26 from test_ap_hs20
import hs20_ap_params
28 def check_sigma_dut():
29 if not os
.path
.exists("./sigma_dut"):
30 raise HwsimSkip("sigma_dut not available")
33 return binascii
.hexlify(s
.encode()).decode()
36 return binascii
.unhexlify(s
).decode()
38 def sigma_dut_cmd(cmd
, port
=9000, timeout
=2):
39 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
41 sock
.settimeout(timeout
)
42 addr
= ('127.0.0.1', port
)
44 sock
.send(cmd
.encode() + b
"\r\n")
46 res
= sock
.recv(1000).decode()
49 for line
in res
.splitlines():
50 if line
.startswith("status,RUNNING"):
52 elif line
.startswith("status,INVALID"):
54 elif line
.startswith("status,ERROR"):
56 elif line
.startswith("status,COMPLETE"):
58 if running
and not done
:
59 # Read the actual response
60 res
= sock
.recv(1000).decode()
66 logger
.debug("sigma_dut: '%s' --> '%s'" % (cmd
, res
))
69 def sigma_dut_cmd_check(cmd
, port
=9000, timeout
=2):
70 res
= sigma_dut_cmd(cmd
, port
=port
, timeout
=timeout
)
71 if "COMPLETE" not in res
:
72 raise Exception("sigma_dut command failed: " + cmd
)
75 def start_sigma_dut(ifname
, debug
=False, hostapd_logdir
=None, cert_path
=None,
76 bridge
=None, sae_h2e
=False):
81 '-F', '../../hostapd/hostapd',
83 '-w', '/var/run/wpa_supplicant/',
88 cmd
+= ['-H', hostapd_logdir
]
90 cmd
+= ['-C', cert_path
]
95 sigma
= subprocess
.Popen(cmd
, stdout
=subprocess
.PIPE
,
96 stderr
=subprocess
.PIPE
)
99 res
= sigma_dut_cmd("HELLO")
105 def stop_sigma_dut(sigma
):
108 out
, err
= sigma
.communicate()
109 logger
.debug("sigma_dut stdout: " + str(out
.decode()))
110 logger
.debug("sigma_dut stderr: " + str(err
.decode()))
112 def sigma_dut_wait_connected(ifname
):
114 res
= sigma_dut_cmd("sta_is_connected,interface," + ifname
)
115 if "connected,1" in res
:
119 raise Exception("Connection did not complete")
121 def test_sigma_dut_basic(dev
, apdev
):
122 """sigma_dut basic functionality"""
123 sigma
= start_sigma_dut(dev
[0].ifname
)
125 res
= sigma_dut_cmd("UNKNOWN")
126 if "status,INVALID,errorCode,Unknown command" not in res
:
127 raise Exception("Unexpected sigma_dut response to unknown command")
129 tests
= [("ca_get_version", "status,COMPLETE,version,1.0"),
130 ("device_get_info", "status,COMPLETE,vendor"),
131 ("device_list_interfaces,interfaceType,foo", "status,ERROR"),
132 ("device_list_interfaces,interfaceType,802.11",
133 "status,COMPLETE,interfaceType,802.11,interfaceID," + dev
[0].ifname
)]
134 for cmd
, response
in tests
:
135 res
= sigma_dut_cmd(cmd
)
136 if response
not in res
:
137 raise Exception("Unexpected %s response: %s" % (cmd
, res
))
139 stop_sigma_dut(sigma
)
141 def test_sigma_dut_open(dev
, apdev
):
142 """sigma_dut controlled open network association"""
144 run_sigma_dut_open(dev
, apdev
)
146 dev
[0].set("ignore_old_scan_res", "0")
148 def run_sigma_dut_open(dev
, apdev
):
149 ifname
= dev
[0].ifname
150 sigma
= start_sigma_dut(ifname
)
152 hapd
= hostapd
.add_ap(apdev
[0], {"ssid": "open"})
154 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
155 sigma_dut_cmd_check("sta_set_encryption,interface,%s,ssid,%s,encpType,none" % (ifname
, "open"))
156 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s" % (ifname
, "open"))
157 sigma_dut_wait_connected(ifname
)
158 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
159 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
160 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
162 stop_sigma_dut(sigma
)
164 def test_sigma_dut_psk_pmf(dev
, apdev
):
165 """sigma_dut controlled PSK+PMF association"""
167 run_sigma_dut_psk_pmf(dev
, apdev
)
169 dev
[0].set("ignore_old_scan_res", "0")
171 def run_sigma_dut_psk_pmf(dev
, apdev
):
172 ifname
= dev
[0].ifname
173 sigma
= start_sigma_dut(ifname
)
175 ssid
= "test-pmf-required"
176 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
177 params
["wpa_key_mgmt"] = "WPA-PSK-SHA256"
178 params
["ieee80211w"] = "2"
179 hapd
= hostapd
.add_ap(apdev
[0], params
)
181 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname
)
182 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
183 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required" % (ifname
, "test-pmf-required", "12345678"))
184 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-pmf-required"))
185 sigma_dut_wait_connected(ifname
)
186 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
187 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
188 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
190 stop_sigma_dut(sigma
)
192 def test_sigma_dut_psk_pmf_bip_cmac_128(dev
, apdev
):
193 """sigma_dut controlled PSK+PMF association with BIP-CMAC-128"""
195 run_sigma_dut_psk_pmf_cipher(dev
, apdev
, "BIP-CMAC-128", "AES-128-CMAC")
197 dev
[0].set("ignore_old_scan_res", "0")
199 def test_sigma_dut_psk_pmf_bip_cmac_256(dev
, apdev
):
200 """sigma_dut controlled PSK+PMF association with BIP-CMAC-256"""
202 run_sigma_dut_psk_pmf_cipher(dev
, apdev
, "BIP-CMAC-256", "BIP-CMAC-256")
204 dev
[0].set("ignore_old_scan_res", "0")
206 def test_sigma_dut_psk_pmf_bip_gmac_128(dev
, apdev
):
207 """sigma_dut controlled PSK+PMF association with BIP-GMAC-128"""
209 run_sigma_dut_psk_pmf_cipher(dev
, apdev
, "BIP-GMAC-128", "BIP-GMAC-128")
211 dev
[0].set("ignore_old_scan_res", "0")
213 def test_sigma_dut_psk_pmf_bip_gmac_256(dev
, apdev
):
214 """sigma_dut controlled PSK+PMF association with BIP-GMAC-256"""
216 run_sigma_dut_psk_pmf_cipher(dev
, apdev
, "BIP-GMAC-256", "BIP-GMAC-256")
218 dev
[0].set("ignore_old_scan_res", "0")
220 def test_sigma_dut_psk_pmf_bip_gmac_256_mismatch(dev
, apdev
):
221 """sigma_dut controlled PSK+PMF association with BIP-GMAC-256 mismatch"""
223 run_sigma_dut_psk_pmf_cipher(dev
, apdev
, "BIP-GMAC-256", "AES-128-CMAC",
226 dev
[0].set("ignore_old_scan_res", "0")
228 def run_sigma_dut_psk_pmf_cipher(dev
, apdev
, sigma_cipher
, hostapd_cipher
,
230 ifname
= dev
[0].ifname
231 sigma
= start_sigma_dut(ifname
)
233 ssid
= "test-pmf-required"
234 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
235 params
["wpa_key_mgmt"] = "WPA-PSK-SHA256"
236 params
["ieee80211w"] = "2"
237 params
["group_mgmt_cipher"] = hostapd_cipher
238 hapd
= hostapd
.add_ap(apdev
[0], params
)
240 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname
)
241 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
242 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required,GroupMgntCipher,%s" % (ifname
, "test-pmf-required", "12345678", sigma_cipher
))
243 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-pmf-required"))
245 ev
= dev
[0].wait_event(["CTRL-EVENT-NETWORK-NOT-FOUND",
246 "CTRL-EVENT-CONNECTED"], timeout
=10)
248 raise Exception("Network selection result not indicated")
249 if "CTRL-EVENT-CONNECTED" in ev
:
250 raise Exception("Unexpected connection")
251 res
= sigma_dut_cmd("sta_is_connected,interface," + ifname
)
252 if "connected,1" in res
:
253 raise Exception("Connection reported")
255 sigma_dut_wait_connected(ifname
)
256 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
258 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
259 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
261 stop_sigma_dut(sigma
)
263 def test_sigma_dut_sae(dev
, apdev
):
264 """sigma_dut controlled SAE association"""
265 if "SAE" not in dev
[0].get_capability("auth_alg"):
266 raise HwsimSkip("SAE not supported")
268 ifname
= dev
[0].ifname
269 sigma
= start_sigma_dut(ifname
)
272 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
273 params
['wpa_key_mgmt'] = 'SAE'
274 params
["ieee80211w"] = "2"
275 params
['sae_groups'] = '19 20 21'
276 hapd
= hostapd
.add_ap(apdev
[0], params
)
278 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname
)
279 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
280 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2" % (ifname
, "test-sae", "12345678"))
281 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-sae"))
282 sigma_dut_wait_connected(ifname
)
283 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
284 if dev
[0].get_status_field('sae_group') != '19':
285 raise Exception("Expected default SAE group not used")
286 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
288 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
290 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
291 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2,ECGroupID,20" % (ifname
, "test-sae", "12345678"))
292 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-sae"))
293 sigma_dut_wait_connected(ifname
)
294 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
295 if dev
[0].get_status_field('sae_group') != '20':
296 raise Exception("Expected SAE group not used")
297 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
298 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
300 stop_sigma_dut(sigma
)
302 def test_sigma_dut_sae_pmkid_include(dev
, apdev
):
303 """sigma_dut controlled SAE association with PMKID"""
304 if "SAE" not in dev
[0].get_capability("auth_alg"):
305 raise HwsimSkip("SAE not supported")
307 ifname
= dev
[0].ifname
308 sigma
= start_sigma_dut(ifname
)
311 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
312 params
['wpa_key_mgmt'] = 'SAE'
313 params
["ieee80211w"] = "2"
314 params
["sae_confirm_immediate"] = "1"
315 hapd
= hostapd
.add_ap(apdev
[0], params
)
317 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname
)
318 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
319 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2,PMKID_Include,enable" % (ifname
, "test-sae", "12345678"))
320 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-sae"))
321 sigma_dut_wait_connected(ifname
)
322 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
323 stop_sigma_dut(sigma
)
325 def test_sigma_dut_sae_password(dev
, apdev
):
326 """sigma_dut controlled SAE association and long password"""
327 if "SAE" not in dev
[0].get_capability("auth_alg"):
328 raise HwsimSkip("SAE not supported")
330 ifname
= dev
[0].ifname
331 sigma
= start_sigma_dut(ifname
)
335 params
= hostapd
.wpa2_params(ssid
=ssid
)
336 params
['sae_password'] = 100*'B'
337 params
['wpa_key_mgmt'] = 'SAE'
338 params
["ieee80211w"] = "2"
339 hapd
= hostapd
.add_ap(apdev
[0], params
)
341 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname
)
342 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
343 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2" % (ifname
, "test-sae", 100*'B'))
344 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-sae"))
345 sigma_dut_wait_connected(ifname
)
346 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
347 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
348 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
350 stop_sigma_dut(sigma
)
352 def test_sigma_dut_sae_pw_id(dev
, apdev
):
353 """sigma_dut controlled SAE association with Password Identifier"""
354 if "SAE" not in dev
[0].get_capability("auth_alg"):
355 raise HwsimSkip("SAE not supported")
357 ifname
= dev
[0].ifname
358 sigma
= start_sigma_dut(ifname
, debug
=True)
361 params
= hostapd
.wpa2_params(ssid
=ssid
)
362 params
['wpa_key_mgmt'] = 'SAE'
363 params
["ieee80211w"] = "2"
364 params
['sae_password'] = 'secret|id=pw id'
365 params
['sae_groups'] = '19'
366 hapd
= hostapd
.add_ap(apdev
[0], params
)
368 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname
)
369 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
370 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,AKMSuiteType,8;9,PasswordID,pw id" % (ifname
, "test-sae", "secret"))
371 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-sae"))
372 sigma_dut_wait_connected(ifname
)
373 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
374 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
376 stop_sigma_dut(sigma
)
378 def test_sigma_dut_sae_pw_id_ft(dev
, apdev
):
379 """sigma_dut controlled SAE association with Password Identifier and FT"""
380 run_sigma_dut_sae_pw_id_ft(dev
, apdev
)
382 def test_sigma_dut_sae_pw_id_ft_over_ds(dev
, apdev
):
383 """sigma_dut controlled SAE association with Password Identifier and FT-over-DS"""
384 run_sigma_dut_sae_pw_id_ft(dev
, apdev
, over_ds
=True)
386 def run_sigma_dut_sae_pw_id_ft(dev
, apdev
, over_ds
=False):
387 if "SAE" not in dev
[0].get_capability("auth_alg"):
388 raise HwsimSkip("SAE not supported")
390 ifname
= dev
[0].ifname
391 sigma
= start_sigma_dut(ifname
, debug
=True)
394 params
= hostapd
.wpa2_params(ssid
=ssid
)
395 params
['wpa_key_mgmt'] = 'SAE FT-SAE'
396 params
["ieee80211w"] = "2"
397 params
['sae_password'] = ['pw1|id=id1', 'pw2|id=id2', 'pw3', 'pw4|id=id4']
398 params
['mobility_domain'] = 'aabb'
399 params
['ft_over_ds'] = '1' if over_ds
else '0'
400 bssid
= apdev
[0]['bssid'].replace(':', '')
401 params
['nas_identifier'] = bssid
+ '.nas.example.com'
402 params
['r1_key_holder'] = bssid
403 params
['pmk_r1_push'] = '0'
404 params
['r0kh'] = 'ff:ff:ff:ff:ff:ff * 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff'
405 params
['r1kh'] = '00:00:00:00:00:00 00:00:00:00:00:00 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff'
406 hapd
= hostapd
.add_ap(apdev
[0], params
)
408 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname
)
410 sigma_dut_cmd_check("sta_preset_testparameters,interface,%s,FT_DS,Enable" % ifname
)
411 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
412 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,AKMSuiteType,8;9,PasswordID,id2" % (ifname
, "test-sae", "pw2"))
413 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-sae"))
414 sigma_dut_wait_connected(ifname
)
416 bssid
= apdev
[1]['bssid'].replace(':', '')
417 params
['nas_identifier'] = bssid
+ '.nas.example.com'
418 params
['r1_key_holder'] = bssid
419 hapd2
= hostapd
.add_ap(apdev
[1], params
)
420 bssid
= hapd2
.own_addr()
421 sigma_dut_cmd_check("sta_reassoc,interface,%s,Channel,1,bssid,%s" % (ifname
, bssid
))
422 dev
[0].wait_connected()
424 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
425 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
427 stop_sigma_dut(sigma
)
429 def test_sigma_dut_sta_override_rsne(dev
, apdev
):
430 """sigma_dut and RSNE override on STA"""
432 run_sigma_dut_sta_override_rsne(dev
, apdev
)
434 dev
[0].set("ignore_old_scan_res", "0")
436 def run_sigma_dut_sta_override_rsne(dev
, apdev
):
437 ifname
= dev
[0].ifname
438 sigma
= start_sigma_dut(ifname
)
441 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
442 hapd
= hostapd
.add_ap(apdev
[0], params
)
444 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
446 tests
= ["30120100000fac040100000fac040100000fac02",
447 "30140100000fac040100000fac040100000fac02ffff"]
449 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,type,PSK,passphrase,%s,EncpType,aes-ccmp,KeyMgmtType,wpa2" % (ifname
, "test-psk", "12345678"))
450 sigma_dut_cmd_check("dev_configure_ie,interface,%s,IE_Name,RSNE,Contents,%s" % (ifname
, test
))
451 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-psk"))
452 sigma_dut_wait_connected(ifname
)
453 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
454 dev
[0].dump_monitor()
456 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,type,PSK,passphrase,%s,EncpType,aes-ccmp,KeyMgmtType,wpa2" % (ifname
, "test-psk", "12345678"))
457 sigma_dut_cmd_check("dev_configure_ie,interface,%s,IE_Name,RSNE,Contents,300101" % ifname
)
458 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-psk"))
460 ev
= dev
[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"])
462 raise Exception("Association rejection not reported")
463 if "status_code=40" not in ev
:
464 raise Exception("Unexpected status code: " + ev
)
466 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
468 stop_sigma_dut(sigma
)
470 def test_sigma_dut_ap_psk(dev
, apdev
):
471 """sigma_dut controlled AP"""
472 with
HWSimRadio() as (radio
, iface
):
473 sigma
= start_sigma_dut(iface
)
475 sigma_dut_cmd_check("ap_reset_default")
476 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
477 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSK,12345678")
478 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
480 dev
[0].connect("test-psk", psk
="12345678", scan_freq
="2412")
482 sigma_dut_cmd_check("ap_reset_default")
484 stop_sigma_dut(sigma
)
486 def test_sigma_dut_ap_pskhex(dev
, apdev
, params
):
487 """sigma_dut controlled AP and PSKHEX"""
488 logdir
= os
.path
.join(params
['logdir'],
489 "sigma_dut_ap_pskhex.sigma-hostapd")
490 with
HWSimRadio() as (radio
, iface
):
491 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
493 psk
= "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
494 sigma_dut_cmd_check("ap_reset_default")
495 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
496 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSKHEX," + psk
)
497 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
499 dev
[0].connect("test-psk", raw_psk
=psk
, scan_freq
="2412")
501 sigma_dut_cmd_check("ap_reset_default")
503 stop_sigma_dut(sigma
)
505 def test_sigma_dut_ap_psk_sha256(dev
, apdev
, params
):
506 """sigma_dut controlled AP PSK SHA256"""
507 logdir
= os
.path
.join(params
['logdir'],
508 "sigma_dut_ap_psk_sha256.sigma-hostapd")
509 with
HWSimRadio() as (radio
, iface
):
510 sigma
= start_sigma_dut(iface
)
512 sigma_dut_cmd_check("ap_reset_default")
513 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
514 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK-256,PSK,12345678")
515 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
517 dev
[0].connect("test-psk", key_mgmt
="WPA-PSK-SHA256",
518 psk
="12345678", scan_freq
="2412")
520 sigma_dut_cmd_check("ap_reset_default")
522 stop_sigma_dut(sigma
)
524 def test_sigma_dut_ap_psk_deauth(dev
, apdev
, params
):
525 """sigma_dut controlled AP and deauth commands"""
526 logdir
= os
.path
.join(params
['logdir'],
527 "sigma_dut_ap_psk_deauth.sigma-hostapd")
528 with
HWSimRadio() as (radio
, iface
):
529 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
, debug
=True)
531 sigma_dut_cmd_check("ap_reset_default")
532 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
533 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSK,12345678,PMF,Required")
534 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
536 dev
[0].connect("test-psk", key_mgmt
="WPA-PSK-SHA256",
537 psk
="12345678", ieee80211w
="2", scan_freq
="2412")
538 addr
= dev
[0].own_addr()
539 dev
[0].dump_monitor()
541 sigma_dut_cmd_check("ap_deauth_sta,NAME,AP,sta_mac_address," + addr
)
542 ev
= dev
[0].wait_disconnected()
543 dev
[0].dump_monitor()
544 if "locally_generated=1" in ev
:
545 raise Exception("Unexpected disconnection reason")
546 dev
[0].wait_connected()
547 dev
[0].dump_monitor()
549 sigma_dut_cmd_check("ap_deauth_sta,NAME,AP,sta_mac_address," + addr
+ ",disconnect,silent")
550 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=5)
551 if ev
and "locally_generated=1" not in ev
:
552 raise Exception("Unexpected disconnection")
554 sigma_dut_cmd_check("ap_reset_default")
556 stop_sigma_dut(sigma
)
558 def test_sigma_dut_eap_ttls(dev
, apdev
, params
):
559 """sigma_dut controlled STA and EAP-TTLS parameters"""
560 logdir
= params
['logdir']
562 with
open("auth_serv/ca.pem", "r") as f
:
563 with
open(os
.path
.join(logdir
, "sigma_dut_eap_ttls.ca.pem"), "w") as f2
:
566 src
= "auth_serv/server.pem"
567 dst
= os
.path
.join(logdir
, "sigma_dut_eap_ttls.server.der")
568 hashdst
= os
.path
.join(logdir
, "sigma_dut_eap_ttls.server.pem.sha256")
569 subprocess
.check_call(["openssl", "x509", "-in", src
, "-out", dst
,
571 stderr
=open('/dev/null', 'w'))
572 with
open(dst
, "rb") as f
:
574 hash = hashlib
.sha256(der
).digest()
575 with
open(hashdst
, "w") as f
:
576 f
.write(binascii
.hexlify(hash).decode())
578 dst
= os
.path
.join(logdir
, "sigma_dut_eap_ttls.incorrect.pem.sha256")
579 with
open(dst
, "w") as f
:
582 ssid
= "test-wpa2-eap"
583 params
= hostapd
.wpa2_eap_params(ssid
=ssid
)
584 hapd
= hostapd
.add_ap(apdev
[0], params
)
586 ifname
= dev
[0].ifname
587 sigma
= start_sigma_dut(ifname
, cert_path
=logdir
)
589 cmd
= "sta_set_security,type,eapttls,interface,%s,ssid,%s,keymgmttype,wpa2,encType,AES-CCMP,PairwiseCipher,AES-CCMP-128,trustedRootCA,sigma_dut_eap_ttls.ca.pem,username,DOMAIN\mschapv2 user,password,password" % (ifname
, ssid
)
592 ",Domain,server.w1.fi",
593 ",DomainSuffix,w1.fi",
594 ",DomainSuffix,server.w1.fi",
595 ",ServerCert,sigma_dut_eap_ttls.server.pem"]
597 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname
)
598 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
599 sigma_dut_cmd_check(cmd
+ extra
)
600 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, ssid
))
601 sigma_dut_wait_connected(ifname
)
602 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
603 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
604 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
605 dev
[0].dump_monitor()
607 tests
= [",Domain,w1.fi",
608 ",DomainSuffix,example.com",
609 ",ServerCert,sigma_dut_eap_ttls.incorrect.pem"]
611 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname
)
612 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
613 sigma_dut_cmd_check(cmd
+ extra
)
614 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, ssid
))
615 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-TLS-CERT-ERROR"], timeout
=10)
617 raise Exception("Server certificate error not reported")
618 res
= sigma_dut_cmd("sta_is_connected,interface," + ifname
)
619 if "connected,1" in res
:
620 raise Exception("Unexpected connection reported")
621 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
622 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
623 dev
[0].dump_monitor()
625 stop_sigma_dut(sigma
)
627 def test_sigma_dut_suite_b(dev
, apdev
, params
):
628 """sigma_dut controlled STA Suite B"""
629 check_suite_b_192_capa(dev
)
630 logdir
= params
['logdir']
632 with
open("auth_serv/ec2-ca.pem", "r") as f
:
633 with
open(os
.path
.join(logdir
, "suite_b_ca.pem"), "w") as f2
:
636 with
open("auth_serv/ec2-user.pem", "r") as f
:
637 with
open("auth_serv/ec2-user.key", "r") as f2
:
638 with
open(os
.path
.join(logdir
, "suite_b.pem"), "w") as f3
:
642 dev
[0].flush_scan_cache()
643 params
= suite_b_as_params()
644 params
['ca_cert'] = 'auth_serv/ec2-ca.pem'
645 params
['server_cert'] = 'auth_serv/ec2-server.pem'
646 params
['private_key'] = 'auth_serv/ec2-server.key'
647 params
['openssl_ciphers'] = 'SUITEB192'
648 hostapd
.add_ap(apdev
[1], params
)
650 params
= {"ssid": "test-suite-b",
652 "wpa_key_mgmt": "WPA-EAP-SUITE-B-192",
653 "rsn_pairwise": "GCMP-256",
654 "group_mgmt_cipher": "BIP-GMAC-256",
657 'auth_server_addr': "127.0.0.1",
658 'auth_server_port': "18129",
659 'auth_server_shared_secret': "radius",
660 'nas_identifier': "nas.w1.fi"}
661 hapd
= hostapd
.add_ap(apdev
[0], params
)
663 ifname
= dev
[0].ifname
664 sigma
= start_sigma_dut(ifname
, cert_path
=logdir
)
666 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname
)
667 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
668 sigma_dut_cmd_check("sta_set_security,type,eaptls,interface,%s,ssid,%s,PairwiseCipher,AES-GCMP-256,GroupCipher,AES-GCMP-256,GroupMgntCipher,BIP-GMAC-256,keymgmttype,SuiteB,clientCertificate,suite_b.pem,trustedRootCA,suite_b_ca.pem,CertType,ECC" % (ifname
, "test-suite-b"))
669 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-suite-b"))
670 sigma_dut_wait_connected(ifname
)
671 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
672 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
673 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
675 stop_sigma_dut(sigma
)
677 def test_sigma_dut_suite_b_rsa(dev
, apdev
, params
):
678 """sigma_dut controlled STA Suite B (RSA)"""
679 check_suite_b_192_capa(dev
)
680 logdir
= params
['logdir']
682 with
open("auth_serv/rsa3072-ca.pem", "r") as f
:
683 with
open(os
.path
.join(logdir
, "suite_b_ca_rsa.pem"), "w") as f2
:
686 with
open("auth_serv/rsa3072-user.pem", "r") as f
:
687 with
open("auth_serv/rsa3072-user.key", "r") as f2
:
688 with
open(os
.path
.join(logdir
, "suite_b_rsa.pem"), "w") as f3
:
692 dev
[0].flush_scan_cache()
693 params
= suite_b_192_rsa_ap_params()
694 hapd
= hostapd
.add_ap(apdev
[0], params
)
696 ifname
= dev
[0].ifname
697 sigma
= start_sigma_dut(ifname
, cert_path
=logdir
)
699 cmd
= "sta_set_security,type,eaptls,interface,%s,ssid,%s,PairwiseCipher,AES-GCMP-256,GroupCipher,AES-GCMP-256,GroupMgntCipher,BIP-GMAC-256,keymgmttype,SuiteB,clientCertificate,suite_b_rsa.pem,trustedRootCA,suite_b_ca_rsa.pem,CertType,RSA" % (ifname
, "test-suite-b")
702 ",TLSCipher,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
703 ",TLSCipher,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"]
705 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname
)
706 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
707 sigma_dut_cmd_check(cmd
+ extra
)
708 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-suite-b"))
709 sigma_dut_wait_connected(ifname
)
710 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
711 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
712 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
714 stop_sigma_dut(sigma
)
716 def test_sigma_dut_ap_suite_b(dev
, apdev
, params
):
717 """sigma_dut controlled AP Suite B"""
718 check_suite_b_192_capa(dev
)
719 logdir
= os
.path
.join(params
['logdir'],
720 "sigma_dut_ap_suite_b.sigma-hostapd")
721 params
= suite_b_as_params()
722 params
['ca_cert'] = 'auth_serv/ec2-ca.pem'
723 params
['server_cert'] = 'auth_serv/ec2-server.pem'
724 params
['private_key'] = 'auth_serv/ec2-server.key'
725 params
['openssl_ciphers'] = 'SUITEB192'
726 hostapd
.add_ap(apdev
[1], params
)
727 with
HWSimRadio() as (radio
, iface
):
728 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
730 sigma_dut_cmd_check("ap_reset_default")
731 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-suite-b,MODE,11ng")
732 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,18129,PASSWORD,radius")
733 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,SuiteB")
734 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
736 dev
[0].connect("test-suite-b", key_mgmt
="WPA-EAP-SUITE-B-192",
738 openssl_ciphers
="SUITEB192",
739 eap
="TLS", identity
="tls user",
740 ca_cert
="auth_serv/ec2-ca.pem",
741 client_cert
="auth_serv/ec2-user.pem",
742 private_key
="auth_serv/ec2-user.key",
743 pairwise
="GCMP-256", group
="GCMP-256",
746 sigma_dut_cmd_check("ap_reset_default")
748 stop_sigma_dut(sigma
)
750 def test_sigma_dut_ap_cipher_gcmp_128(dev
, apdev
, params
):
751 """sigma_dut controlled AP with GCMP-128/BIP-GMAC-128 cipher"""
752 run_sigma_dut_ap_cipher(dev
, apdev
, params
, "AES-GCMP-128", "BIP-GMAC-128",
755 def test_sigma_dut_ap_cipher_gcmp_256(dev
, apdev
, params
):
756 """sigma_dut controlled AP with GCMP-256/BIP-GMAC-256 cipher"""
757 run_sigma_dut_ap_cipher(dev
, apdev
, params
, "AES-GCMP-256", "BIP-GMAC-256",
760 def test_sigma_dut_ap_cipher_ccmp_128(dev
, apdev
, params
):
761 """sigma_dut controlled AP with CCMP-128/BIP-CMAC-128 cipher"""
762 run_sigma_dut_ap_cipher(dev
, apdev
, params
, "AES-CCMP-128", "BIP-CMAC-128",
765 def test_sigma_dut_ap_cipher_ccmp_256(dev
, apdev
, params
):
766 """sigma_dut controlled AP with CCMP-256/BIP-CMAC-256 cipher"""
767 run_sigma_dut_ap_cipher(dev
, apdev
, params
, "AES-CCMP-256", "BIP-CMAC-256",
770 def test_sigma_dut_ap_cipher_ccmp_gcmp_1(dev
, apdev
, params
):
771 """sigma_dut controlled AP with CCMP-128+GCMP-256 ciphers (1)"""
772 run_sigma_dut_ap_cipher(dev
, apdev
, params
, "AES-CCMP-128 AES-GCMP-256",
773 "BIP-GMAC-256", "CCMP")
775 def test_sigma_dut_ap_cipher_ccmp_gcmp_2(dev
, apdev
, params
):
776 """sigma_dut controlled AP with CCMP-128+GCMP-256 ciphers (2)"""
777 run_sigma_dut_ap_cipher(dev
, apdev
, params
, "AES-CCMP-128 AES-GCMP-256",
778 "BIP-GMAC-256", "GCMP-256", "CCMP")
780 def test_sigma_dut_ap_cipher_gcmp_256_group_ccmp(dev
, apdev
, params
):
781 """sigma_dut controlled AP with GCMP-256/CCMP/BIP-GMAC-256 cipher"""
782 run_sigma_dut_ap_cipher(dev
, apdev
, params
, "AES-GCMP-256", "BIP-GMAC-256",
783 "GCMP-256", "CCMP", "AES-CCMP-128")
785 def run_sigma_dut_ap_cipher(dev
, apdev
, params
, ap_pairwise
, ap_group_mgmt
,
786 sta_cipher
, sta_cipher_group
=None, ap_group
=None):
787 check_suite_b_192_capa(dev
)
788 logdir
= os
.path
.join(params
['logdir'],
789 "sigma_dut_ap_cipher.sigma-hostapd")
790 params
= suite_b_as_params()
791 params
['ca_cert'] = 'auth_serv/ec2-ca.pem'
792 params
['server_cert'] = 'auth_serv/ec2-server.pem'
793 params
['private_key'] = 'auth_serv/ec2-server.key'
794 params
['openssl_ciphers'] = 'SUITEB192'
795 hostapd
.add_ap(apdev
[1], params
)
796 with
HWSimRadio() as (radio
, iface
):
797 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
799 sigma_dut_cmd_check("ap_reset_default")
800 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-suite-b,MODE,11ng")
801 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,18129,PASSWORD,radius")
802 cmd
= "ap_set_security,NAME,AP,KEYMGNT,SuiteB,PMF,Required,PairwiseCipher,%s,GroupMgntCipher,%s" % (ap_pairwise
, ap_group_mgmt
)
804 cmd
+= ",GroupCipher,%s" % ap_group
805 sigma_dut_cmd_check(cmd
)
806 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
808 if sta_cipher_group
is None:
809 sta_cipher_group
= sta_cipher
810 dev
[0].connect("test-suite-b", key_mgmt
="WPA-EAP-SUITE-B-192",
812 openssl_ciphers
="SUITEB192",
813 eap
="TLS", identity
="tls user",
814 ca_cert
="auth_serv/ec2-ca.pem",
815 client_cert
="auth_serv/ec2-user.pem",
816 private_key
="auth_serv/ec2-user.key",
817 pairwise
=sta_cipher
, group
=sta_cipher_group
,
820 sigma_dut_cmd_check("ap_reset_default")
822 stop_sigma_dut(sigma
)
824 def test_sigma_dut_ap_override_rsne(dev
, apdev
):
825 """sigma_dut controlled AP overriding RSNE"""
826 with
HWSimRadio() as (radio
, iface
):
827 sigma
= start_sigma_dut(iface
)
829 sigma_dut_cmd_check("ap_reset_default")
830 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
831 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSK,12345678")
832 sigma_dut_cmd_check("dev_configure_ie,NAME,AP,interface,%s,IE_Name,RSNE,Contents,30180100000fac040200ffffffff000fac040100000fac020c00" % iface
)
833 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
835 dev
[0].connect("test-psk", psk
="12345678", scan_freq
="2412")
837 sigma_dut_cmd_check("ap_reset_default")
839 stop_sigma_dut(sigma
)
841 def test_sigma_dut_ap_sae(dev
, apdev
, params
):
842 """sigma_dut controlled AP with SAE"""
843 logdir
= os
.path
.join(params
['logdir'],
844 "sigma_dut_ap_sae.sigma-hostapd")
845 if "SAE" not in dev
[0].get_capability("auth_alg"):
846 raise HwsimSkip("SAE not supported")
847 with
HWSimRadio() as (radio
, iface
):
848 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
850 sigma_dut_cmd_check("ap_reset_default")
851 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
852 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK,12345678")
853 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
855 dev
[0].request("SET sae_groups ")
856 dev
[0].connect("test-sae", key_mgmt
="SAE", psk
="12345678",
857 ieee80211w
="2", scan_freq
="2412")
858 if dev
[0].get_status_field('sae_group') != '19':
859 raise Exception("Expected default SAE group not used")
861 sigma_dut_cmd_check("ap_reset_default")
863 stop_sigma_dut(sigma
)
865 def test_sigma_dut_ap_sae_confirm_immediate(dev
, apdev
, params
):
866 """sigma_dut controlled AP with SAE Confirm immediate"""
867 logdir
= os
.path
.join(params
['logdir'],
868 "sigma_dut_ap_sae_confirm_immediate.sigma-hostapd")
869 if "SAE" not in dev
[0].get_capability("auth_alg"):
870 raise HwsimSkip("SAE not supported")
871 with
HWSimRadio() as (radio
, iface
):
872 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
874 sigma_dut_cmd_check("ap_reset_default")
875 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
876 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK,12345678,SAE_Confirm_Immediate,enable")
877 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
879 dev
[0].request("SET sae_groups ")
880 dev
[0].connect("test-sae", key_mgmt
="SAE", psk
="12345678",
881 ieee80211w
="2", scan_freq
="2412")
882 if dev
[0].get_status_field('sae_group') != '19':
883 raise Exception("Expected default SAE group not used")
885 sigma_dut_cmd_check("ap_reset_default")
887 stop_sigma_dut(sigma
)
889 def test_sigma_dut_ap_sae_password(dev
, apdev
, params
):
890 """sigma_dut controlled AP with SAE and long password"""
891 logdir
= os
.path
.join(params
['logdir'],
892 "sigma_dut_ap_sae_password.sigma-hostapd")
893 if "SAE" not in dev
[0].get_capability("auth_alg"):
894 raise HwsimSkip("SAE not supported")
895 with
HWSimRadio() as (radio
, iface
):
896 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
898 sigma_dut_cmd_check("ap_reset_default")
899 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
900 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK," + 100*'C')
901 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
903 dev
[0].request("SET sae_groups ")
904 dev
[0].connect("test-sae", key_mgmt
="SAE", sae_password
=100*'C',
905 ieee80211w
="2", scan_freq
="2412")
906 if dev
[0].get_status_field('sae_group') != '19':
907 raise Exception("Expected default SAE group not used")
909 sigma_dut_cmd_check("ap_reset_default")
911 stop_sigma_dut(sigma
)
913 def test_sigma_dut_ap_sae_pw_id(dev
, apdev
, params
):
914 """sigma_dut controlled AP with SAE Password Identifier"""
915 logdir
= os
.path
.join(params
['logdir'],
916 "sigma_dut_ap_sae_pw_id.sigma-hostapd")
917 conffile
= os
.path
.join(params
['logdir'],
918 "sigma_dut_ap_sae_pw_id.sigma-conf")
919 if "SAE" not in dev
[0].get_capability("auth_alg"):
920 raise HwsimSkip("SAE not supported")
921 with
HWSimRadio() as (radio
, iface
):
922 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
, debug
=True)
924 sigma_dut_cmd_check("ap_reset_default")
925 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
926 sigma_dut_cmd_check("ap_set_security,NAME,AP,AKMSuiteType,8,SAEPasswords,pw1:id1;pw2:id2;pw3;pw4:id4,PMF,Required")
927 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
929 with
open("/tmp/sigma_dut-ap.conf", "rb") as f
:
930 with
open(conffile
, "wb") as f2
:
933 dev
[0].request("SET sae_groups ")
934 tests
= [("pw1", "id1"),
938 for pw
, pw_id
in tests
:
939 dev
[0].connect("test-sae", key_mgmt
="SAE", sae_password
=pw
,
940 sae_password_id
=pw_id
,
941 ieee80211w
="2", scan_freq
="2412")
942 dev
[0].request("REMOVE_NETWORK all")
943 dev
[0].wait_disconnected()
945 sigma_dut_cmd_check("ap_reset_default")
947 stop_sigma_dut(sigma
)
949 def test_sigma_dut_ap_sae_pw_id_ft(dev
, apdev
, params
):
950 """sigma_dut controlled AP with SAE Password Identifier and FT"""
951 logdir
= os
.path
.join(params
['logdir'],
952 "sigma_dut_ap_sae_pw_id_ft.sigma-hostapd")
953 conffile
= os
.path
.join(params
['logdir'],
954 "sigma_dut_ap_sae_pw_id_ft.sigma-conf")
955 if "SAE" not in dev
[0].get_capability("auth_alg"):
956 raise HwsimSkip("SAE not supported")
957 with
HWSimRadio() as (radio
, iface
):
958 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
, debug
=True)
960 sigma_dut_cmd_check("ap_reset_default")
961 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng,DOMAIN,aabb")
962 sigma_dut_cmd_check("ap_set_security,NAME,AP,AKMSuiteType,8;9,SAEPasswords,pw1:id1;pw2:id2;pw3;pw4:id4,PMF,Required")
963 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
965 with
open("/tmp/sigma_dut-ap.conf", "rb") as f
:
966 with
open(conffile
, "wb") as f2
:
969 dev
[0].request("SET sae_groups ")
970 tests
= [("pw1", "id1", "SAE"),
971 ("pw2", "id2", "FT-SAE"),
972 ("pw3", None, "FT-SAE"),
973 ("pw4", "id4", "SAE")]
974 for pw
, pw_id
, key_mgmt
in tests
:
975 dev
[0].connect("test-sae", key_mgmt
=key_mgmt
, sae_password
=pw
,
976 sae_password_id
=pw_id
,
977 ieee80211w
="2", scan_freq
="2412")
978 dev
[0].request("REMOVE_NETWORK all")
979 dev
[0].wait_disconnected()
981 sigma_dut_cmd_check("ap_reset_default")
983 stop_sigma_dut(sigma
)
985 def test_sigma_dut_ap_sae_group(dev
, apdev
, params
):
986 """sigma_dut controlled AP with SAE and specific group"""
987 logdir
= os
.path
.join(params
['logdir'],
988 "sigma_dut_ap_sae_group.sigma-hostapd")
989 if "SAE" not in dev
[0].get_capability("auth_alg"):
990 raise HwsimSkip("SAE not supported")
991 with
HWSimRadio() as (radio
, iface
):
992 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
994 sigma_dut_cmd_check("ap_reset_default")
995 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
996 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK,12345678,ECGroupID,20")
997 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
999 dev
[0].request("SET sae_groups ")
1000 dev
[0].connect("test-sae", key_mgmt
="SAE", psk
="12345678",
1001 ieee80211w
="2", scan_freq
="2412")
1002 if dev
[0].get_status_field('sae_group') != '20':
1003 raise Exception("Expected SAE group not used")
1005 sigma_dut_cmd_check("ap_reset_default")
1007 stop_sigma_dut(sigma
)
1009 def test_sigma_dut_ap_psk_sae(dev
, apdev
, params
):
1010 """sigma_dut controlled AP with PSK+SAE"""
1011 if "SAE" not in dev
[0].get_capability("auth_alg"):
1012 raise HwsimSkip("SAE not supported")
1013 logdir
= os
.path
.join(params
['logdir'],
1014 "sigma_dut_ap_psk_sae.sigma-hostapd")
1015 with
HWSimRadio() as (radio
, iface
):
1016 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
1018 sigma_dut_cmd_check("ap_reset_default")
1019 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
1020 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK-SAE,PSK,12345678")
1021 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
1023 dev
[2].request("SET sae_groups ")
1024 dev
[2].connect("test-sae", key_mgmt
="SAE", psk
="12345678",
1025 scan_freq
="2412", ieee80211w
="0", wait_connect
=False)
1026 dev
[0].request("SET sae_groups ")
1027 dev
[0].connect("test-sae", key_mgmt
="SAE", psk
="12345678",
1028 scan_freq
="2412", ieee80211w
="2")
1029 dev
[1].connect("test-sae", psk
="12345678", scan_freq
="2412")
1031 ev
= dev
[2].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=0.1)
1032 dev
[2].request("DISCONNECT")
1034 raise Exception("Unexpected connection without PMF")
1036 sigma_dut_cmd_check("ap_reset_default")
1038 stop_sigma_dut(sigma
)
1040 def test_sigma_dut_ap_psk_sae_ft(dev
, apdev
, params
):
1041 """sigma_dut controlled AP with PSK, SAE, FT"""
1042 logdir
= os
.path
.join(params
['logdir'],
1043 "sigma_dut_ap_psk_sae_ft.sigma-hostapd")
1044 conffile
= os
.path
.join(params
['logdir'],
1045 "sigma_dut_ap_psk_sae_ft.sigma-conf")
1046 if "SAE" not in dev
[0].get_capability("auth_alg"):
1047 raise HwsimSkip("SAE not supported")
1048 with
HWSimRadio() as (radio
, iface
):
1049 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
, debug
=True)
1051 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
1052 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae-psk,MODE,11ng,DOMAIN,aabb")
1053 sigma_dut_cmd_check("ap_set_security,NAME,AP,AKMSuiteType,2;4;6;8;9,PSK,12345678,PairwiseCipher,AES-CCMP-128,GroupCipher,AES-CCMP-128")
1054 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,DOMAIN,0101,FT_OA,Enable")
1055 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,FT_BSS_LIST," + apdev
[1]['bssid'])
1056 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
1058 with
open("/tmp/sigma_dut-ap.conf", "rb") as f
:
1059 with
open(conffile
, "wb") as f2
:
1062 dev
[0].request("SET sae_groups ")
1063 dev
[0].connect("test-sae-psk", key_mgmt
="SAE FT-SAE",
1064 sae_password
="12345678", scan_freq
="2412")
1065 dev
[1].connect("test-sae-psk", key_mgmt
="WPA-PSK FT-PSK",
1066 psk
="12345678", scan_freq
="2412")
1067 dev
[2].connect("test-sae-psk", key_mgmt
="WPA-PSK",
1068 psk
="12345678", scan_freq
="2412")
1070 sigma_dut_cmd_check("ap_reset_default")
1072 stop_sigma_dut(sigma
)
1074 def test_sigma_dut_owe(dev
, apdev
):
1075 """sigma_dut controlled OWE station"""
1077 run_sigma_dut_owe(dev
, apdev
)
1079 dev
[0].set("ignore_old_scan_res", "0")
1081 def run_sigma_dut_owe(dev
, apdev
):
1082 if "OWE" not in dev
[0].get_capability("key_mgmt"):
1083 raise HwsimSkip("OWE not supported")
1085 ifname
= dev
[0].ifname
1086 sigma
= start_sigma_dut(ifname
)
1089 params
= {"ssid": "owe",
1091 "wpa_key_mgmt": "OWE",
1093 "rsn_pairwise": "CCMP"}
1094 hapd
= hostapd
.add_ap(apdev
[0], params
)
1095 bssid
= hapd
.own_addr()
1097 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname
)
1098 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
1099 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE" % ifname
)
1100 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname
)
1101 sigma_dut_wait_connected(ifname
)
1102 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
1104 dev
[0].dump_monitor()
1105 sigma_dut_cmd("sta_reassoc,interface,%s,Channel,1,bssid,%s" % (ifname
, bssid
))
1106 dev
[0].wait_connected()
1107 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
1108 dev
[0].wait_disconnected()
1109 dev
[0].dump_monitor()
1111 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname
)
1112 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
1113 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE,ECGroupID,20" % ifname
)
1114 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname
)
1115 sigma_dut_wait_connected(ifname
)
1116 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
1117 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
1118 dev
[0].wait_disconnected()
1119 dev
[0].dump_monitor()
1121 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname
)
1122 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
1123 sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE,ECGroupID,0" % ifname
)
1124 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname
)
1125 ev
= dev
[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout
=10)
1126 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
1128 raise Exception("Association not rejected")
1129 if "status_code=77" not in ev
:
1130 raise Exception("Unexpected rejection reason: " + ev
)
1132 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
1134 stop_sigma_dut(sigma
)
1136 def test_sigma_dut_ap_owe(dev
, apdev
, params
):
1137 """sigma_dut controlled AP with OWE"""
1138 logdir
= os
.path
.join(params
['logdir'],
1139 "sigma_dut_ap_owe.sigma-hostapd")
1140 if "OWE" not in dev
[0].get_capability("key_mgmt"):
1141 raise HwsimSkip("OWE not supported")
1142 with
HWSimRadio() as (radio
, iface
):
1143 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
1145 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
1146 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,owe,MODE,11ng")
1147 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OWE")
1148 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
1150 dev
[0].connect("owe", key_mgmt
="OWE", ieee80211w
="2",
1153 sigma_dut_cmd_check("ap_reset_default")
1155 stop_sigma_dut(sigma
)
1157 def test_sigma_dut_ap_owe_ecgroupid(dev
, apdev
):
1158 """sigma_dut controlled AP with OWE and ECGroupID"""
1159 if "OWE" not in dev
[0].get_capability("key_mgmt"):
1160 raise HwsimSkip("OWE not supported")
1161 with
HWSimRadio() as (radio
, iface
):
1162 sigma
= start_sigma_dut(iface
)
1164 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
1165 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,owe,MODE,11ng")
1166 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OWE,ECGroupID,20 21,PMF,Required")
1167 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
1169 dev
[0].connect("owe", key_mgmt
="OWE", ieee80211w
="2",
1170 owe_group
="20", scan_freq
="2412")
1171 dev
[0].request("REMOVE_NETWORK all")
1172 dev
[0].wait_disconnected()
1174 dev
[0].connect("owe", key_mgmt
="OWE", ieee80211w
="2",
1175 owe_group
="21", scan_freq
="2412")
1176 dev
[0].request("REMOVE_NETWORK all")
1177 dev
[0].wait_disconnected()
1179 dev
[0].connect("owe", key_mgmt
="OWE", ieee80211w
="2",
1180 owe_group
="19", scan_freq
="2412", wait_connect
=False)
1181 ev
= dev
[0].wait_event(["CTRL-EVENT-ASSOC-REJECT"], timeout
=10)
1182 dev
[0].request("DISCONNECT")
1184 raise Exception("Association not rejected")
1185 if "status_code=77" not in ev
:
1186 raise Exception("Unexpected rejection reason: " + ev
)
1187 dev
[0].dump_monitor()
1189 sigma_dut_cmd_check("ap_reset_default")
1191 stop_sigma_dut(sigma
)
1193 def test_sigma_dut_ap_owe_transition_mode(dev
, apdev
, params
):
1194 """sigma_dut controlled AP with OWE and transition mode"""
1195 if "OWE" not in dev
[0].get_capability("key_mgmt"):
1196 raise HwsimSkip("OWE not supported")
1197 logdir
= os
.path
.join(params
['logdir'],
1198 "sigma_dut_ap_owe_transition_mode.sigma-hostapd")
1199 with
HWSimRadio() as (radio
, iface
):
1200 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
1202 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
1203 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,owe,MODE,11ng")
1204 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,OWE")
1205 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,SSID,owe,MODE,11ng")
1206 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,NONE")
1207 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
1209 res1
= sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,1,Interface,24G")
1210 res2
= sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,2,Interface,24G")
1212 dev
[0].connect("owe", key_mgmt
="OWE", ieee80211w
="2",
1214 dev
[1].connect("owe", key_mgmt
="NONE", scan_freq
="2412")
1215 if dev
[0].get_status_field('bssid') not in res1
:
1216 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,1: " + res1
)
1217 if dev
[1].get_status_field('bssid') not in res2
:
1218 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,2: " + res2
)
1220 sigma_dut_cmd_check("ap_reset_default")
1222 stop_sigma_dut(sigma
)
1224 def test_sigma_dut_ap_owe_transition_mode_2(dev
, apdev
, params
):
1225 """sigma_dut controlled AP with OWE and transition mode (2)"""
1226 if "OWE" not in dev
[0].get_capability("key_mgmt"):
1227 raise HwsimSkip("OWE not supported")
1228 logdir
= os
.path
.join(params
['logdir'],
1229 "sigma_dut_ap_owe_transition_mode_2.sigma-hostapd")
1230 with
HWSimRadio() as (radio
, iface
):
1231 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
1233 sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
1234 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,owe,MODE,11ng")
1235 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,NONE")
1236 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,MODE,11ng")
1237 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,OWE")
1238 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
1240 res1
= sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,1,Interface,24G")
1241 res2
= sigma_dut_cmd_check("ap_get_mac_address,NAME,AP,WLAN_TAG,2,Interface,24G")
1243 dev
[0].connect("owe", key_mgmt
="OWE", ieee80211w
="2",
1245 dev
[1].connect("owe", key_mgmt
="NONE", scan_freq
="2412")
1246 if dev
[0].get_status_field('bssid') not in res2
:
1247 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,2: " + res1
)
1248 if dev
[1].get_status_field('bssid') not in res1
:
1249 raise Exception("Unexpected ap_get_mac_address WLAN_TAG,1: " + res2
)
1251 sigma_dut_cmd_check("ap_reset_default")
1253 stop_sigma_dut(sigma
)
1255 def dpp_init_enrollee(dev
, id1
):
1256 logger
.info("Starting DPP initiator/enrollee in a thread")
1258 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee" % id1
1259 if "OK" not in dev
.request(cmd
):
1260 raise Exception("Failed to initiate DPP Authentication")
1261 ev
= dev
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
1263 raise Exception("DPP configuration not completed (Enrollee)")
1264 logger
.info("DPP initiator/enrollee done")
1266 def test_sigma_dut_dpp_qr_resp_1(dev
, apdev
):
1267 """sigma_dut DPP/QR responder (conf index 1)"""
1268 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 1)
1270 def test_sigma_dut_dpp_qr_resp_2(dev
, apdev
):
1271 """sigma_dut DPP/QR responder (conf index 2)"""
1272 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 2)
1274 def test_sigma_dut_dpp_qr_resp_3(dev
, apdev
):
1275 """sigma_dut DPP/QR responder (conf index 3)"""
1276 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 3)
1278 def test_sigma_dut_dpp_qr_resp_4(dev
, apdev
):
1279 """sigma_dut DPP/QR responder (conf index 4)"""
1280 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 4)
1282 def test_sigma_dut_dpp_qr_resp_5(dev
, apdev
):
1283 """sigma_dut DPP/QR responder (conf index 5)"""
1284 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 5)
1286 def test_sigma_dut_dpp_qr_resp_6(dev
, apdev
):
1287 """sigma_dut DPP/QR responder (conf index 6)"""
1288 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 6)
1290 def test_sigma_dut_dpp_qr_resp_7(dev
, apdev
):
1291 """sigma_dut DPP/QR responder (conf index 7)"""
1292 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 7)
1294 def test_sigma_dut_dpp_qr_resp_8(dev
, apdev
):
1295 """sigma_dut DPP/QR responder (conf index 8)"""
1296 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 8)
1298 def test_sigma_dut_dpp_qr_resp_9(dev
, apdev
):
1299 """sigma_dut DPP/QR responder (conf index 9)"""
1300 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 9)
1302 def test_sigma_dut_dpp_qr_resp_10(dev
, apdev
):
1303 """sigma_dut DPP/QR responder (conf index 10)"""
1304 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 10)
1306 def test_sigma_dut_dpp_qr_resp_chan_list(dev
, apdev
):
1307 """sigma_dut DPP/QR responder (channel list override)"""
1308 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 1, chan_list
='81/2 81/6 81/1',
1311 def test_sigma_dut_dpp_qr_resp_status_query(dev
, apdev
):
1312 """sigma_dut DPP/QR responder status query"""
1313 params
= hostapd
.wpa2_params(ssid
="DPPNET01",
1314 passphrase
="ThisIsDppPassphrase")
1315 hapd
= hostapd
.add_ap(apdev
[0], params
)
1318 dev
[1].set("dpp_config_processing", "2")
1319 run_sigma_dut_dpp_qr_resp(dev
, apdev
, 3, status_query
=True)
1321 dev
[1].set("dpp_config_processing", "0")
1323 def run_sigma_dut_dpp_qr_resp(dev
, apdev
, conf_idx
, chan_list
=None,
1324 listen_chan
=None, status_query
=False):
1325 check_dpp_capab(dev
[0])
1326 check_dpp_capab(dev
[1])
1327 sigma
= start_sigma_dut(dev
[0].ifname
)
1329 cmd
= "dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR"
1331 cmd
+= ",DPPChannelList," + chan_list
1332 res
= sigma_dut_cmd(cmd
)
1333 if "status,COMPLETE" not in res
:
1334 raise Exception("dev_exec_action did not succeed: " + res
)
1335 hex = res
.split(',')[3]
1337 logger
.info("URI from sigma_dut: " + uri
)
1339 id1
= dev
[1].dpp_qr_code(uri
)
1341 t
= threading
.Thread(target
=dpp_init_enrollee
, args
=(dev
[1], id1
))
1343 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPConfIndex,%d,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfEnrolleeRole,STA,DPPSigningKeyECC,P-256,DPPBS,QR,DPPTimeout,6" % conf_idx
1345 cmd
+= ",DPPListenChannel," + str(listen_chan
)
1347 cmd
+= ",DPPStatusQuery,Yes"
1348 res
= sigma_dut_cmd(cmd
, timeout
=10)
1350 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
1351 raise Exception("Unexpected result: " + res
)
1352 if status_query
and "StatusResult,0" not in res
:
1353 raise Exception("Status query did not succeed: " + res
)
1355 stop_sigma_dut(sigma
)
1357 def test_sigma_dut_dpp_qr_init_enrollee(dev
, apdev
):
1358 """sigma_dut DPP/QR initiator as Enrollee"""
1359 check_dpp_capab(dev
[0])
1360 check_dpp_capab(dev
[1])
1362 csign
= "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1363 csign_pub
= "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1364 ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1365 ap_netaccesskey
= "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1367 params
= {"ssid": "DPPNET01",
1370 "wpa_key_mgmt": "DPP",
1371 "rsn_pairwise": "CCMP",
1372 "dpp_connector": ap_connector
,
1373 "dpp_csign": csign_pub
,
1374 "dpp_netaccesskey": ap_netaccesskey
}
1376 hapd
= hostapd
.add_ap(apdev
[0], params
)
1378 raise HwsimSkip("DPP not supported")
1380 sigma
= start_sigma_dut(dev
[0].ifname
)
1382 dev
[0].set("dpp_config_processing", "2")
1384 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
1385 res
= dev
[1].request(cmd
)
1387 raise Exception("Failed to add configurator")
1390 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
1391 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1393 dev
[1].set("dpp_configurator_params",
1394 " conf=sta-dpp ssid=%s configurator=%d" % (to_hex("DPPNET01"), conf_id
))
1395 cmd
= "DPP_LISTEN 2437 role=configurator"
1396 if "OK" not in dev
[1].request(cmd
):
1397 raise Exception("Failed to start listen operation")
1399 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
1400 if "status,COMPLETE" not in res
:
1401 raise Exception("dev_exec_action did not succeed: " + res
)
1403 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout
=10)
1404 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res
:
1405 raise Exception("Unexpected result: " + res
)
1407 dev
[0].set("dpp_config_processing", "0")
1408 stop_sigma_dut(sigma
)
1410 def test_sigma_dut_dpp_qr_mutual_init_enrollee(dev
, apdev
):
1411 """sigma_dut DPP/QR (mutual) initiator as Enrollee"""
1412 run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev
, apdev
)
1414 def test_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev
, apdev
):
1415 """sigma_dut DPP/QR (mutual) initiator as Enrollee (extra check)"""
1416 run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev
, apdev
,
1417 extra
="DPPAuthDirection,Mutual,")
1419 def run_sigma_dut_dpp_qr_mutual_init_enrollee_check(dev
, apdev
, extra
=''):
1420 check_dpp_capab(dev
[0])
1421 check_dpp_capab(dev
[1])
1423 csign
= "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1424 csign_pub
= "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1425 ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1426 ap_netaccesskey
= "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1428 params
= {"ssid": "DPPNET01",
1431 "wpa_key_mgmt": "DPP",
1432 "rsn_pairwise": "CCMP",
1433 "dpp_connector": ap_connector
,
1434 "dpp_csign": csign_pub
,
1435 "dpp_netaccesskey": ap_netaccesskey
}
1437 hapd
= hostapd
.add_ap(apdev
[0], params
)
1439 raise HwsimSkip("DPP not supported")
1441 sigma
= start_sigma_dut(dev
[0].ifname
)
1443 dev
[0].set("dpp_config_processing", "2")
1445 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
1446 res
= dev
[1].request(cmd
)
1448 raise Exception("Failed to add configurator")
1451 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
1452 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1454 dev
[1].set("dpp_configurator_params",
1455 " conf=sta-dpp ssid=%s configurator=%d" % (to_hex("DPPNET01"), conf_id
))
1456 cmd
= "DPP_LISTEN 2437 role=configurator qr=mutual"
1457 if "OK" not in dev
[1].request(cmd
):
1458 raise Exception("Failed to start listen operation")
1460 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1461 if "status,COMPLETE" not in res
:
1462 raise Exception("dev_exec_action did not succeed: " + res
)
1463 hex = res
.split(',')[3]
1465 logger
.info("URI from sigma_dut: " + uri
)
1467 id1
= dev
[1].dpp_qr_code(uri
)
1469 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
1470 if "status,COMPLETE" not in res
:
1471 raise Exception("dev_exec_action did not succeed: " + res
)
1473 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,%sDPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes" % extra
, timeout
=10)
1474 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res
:
1475 raise Exception("Unexpected result: " + res
)
1477 dev
[0].set("dpp_config_processing", "0")
1478 stop_sigma_dut(sigma
)
1480 def dpp_init_conf_mutual(dev
, id1
, conf_id
, own_id
=None):
1482 logger
.info("Starting DPP initiator/configurator in a thread")
1483 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp ssid=%s configurator=%d" % (id1
, to_hex("DPPNET01"), conf_id
)
1484 if own_id
is not None:
1485 cmd
+= " own=%d" % own_id
1486 if "OK" not in dev
.request(cmd
):
1487 raise Exception("Failed to initiate DPP Authentication")
1488 ev
= dev
.wait_event(["DPP-CONF-SENT"], timeout
=10)
1490 raise Exception("DPP configuration not completed (Configurator)")
1491 logger
.info("DPP initiator/configurator done")
1493 def test_sigma_dut_dpp_qr_mutual_resp_enrollee(dev
, apdev
):
1494 """sigma_dut DPP/QR (mutual) responder as Enrollee"""
1495 run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev
, apdev
)
1497 def test_sigma_dut_dpp_qr_mutual_resp_enrollee_pending(dev
, apdev
):
1498 """sigma_dut DPP/QR (mutual) responder as Enrollee (response pending)"""
1499 run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev
, apdev
, ',DPPDelayQRResponse,1')
1501 def run_sigma_dut_dpp_qr_mutual_resp_enrollee(dev
, apdev
, extra
=None):
1502 check_dpp_capab(dev
[0])
1503 check_dpp_capab(dev
[1])
1505 csign
= "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1506 csign_pub
= "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1507 ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1508 ap_netaccesskey
= "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1510 params
= {"ssid": "DPPNET01",
1513 "wpa_key_mgmt": "DPP",
1514 "rsn_pairwise": "CCMP",
1515 "dpp_connector": ap_connector
,
1516 "dpp_csign": csign_pub
,
1517 "dpp_netaccesskey": ap_netaccesskey
}
1519 hapd
= hostapd
.add_ap(apdev
[0], params
)
1521 raise HwsimSkip("DPP not supported")
1523 sigma
= start_sigma_dut(dev
[0].ifname
)
1525 dev
[0].set("dpp_config_processing", "2")
1527 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
1528 res
= dev
[1].request(cmd
)
1530 raise Exception("Failed to add configurator")
1533 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
1534 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1536 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1537 if "status,COMPLETE" not in res
:
1538 raise Exception("dev_exec_action did not succeed: " + res
)
1539 hex = res
.split(',')[3]
1541 logger
.info("URI from sigma_dut: " + uri
)
1543 id1
= dev
[1].dpp_qr_code(uri
)
1545 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
1546 if "status,COMPLETE" not in res
:
1547 raise Exception("dev_exec_action did not succeed: " + res
)
1549 t
= threading
.Thread(target
=dpp_init_conf_mutual
,
1550 args
=(dev
[1], id1
, conf_id
, id0
))
1553 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,20,DPPWaitForConnect,Yes"
1556 res
= sigma_dut_cmd(cmd
, timeout
=25)
1558 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res
:
1559 raise Exception("Unexpected result: " + res
)
1561 dev
[0].set("dpp_config_processing", "0")
1562 stop_sigma_dut(sigma
)
1564 def dpp_resp_conf_mutual(dev
, conf_id
, uri
):
1565 logger
.info("Starting DPP responder/configurator in a thread")
1566 dev
.set("dpp_configurator_params",
1567 " conf=sta-dpp ssid=%s configurator=%d" % (to_hex("DPPNET01"),
1569 cmd
= "DPP_LISTEN 2437 role=configurator qr=mutual"
1570 if "OK" not in dev
.request(cmd
):
1571 raise Exception("Failed to initiate DPP listen")
1573 ev
= dev
.wait_event(["DPP-SCAN-PEER-QR-CODE"], timeout
=10)
1575 raise Exception("QR Code scan for mutual authentication not requested")
1576 dev
.dpp_qr_code(uri
)
1577 ev
= dev
.wait_event(["DPP-CONF-SENT"], timeout
=10)
1579 raise Exception("DPP configuration not completed (Configurator)")
1580 logger
.info("DPP responder/configurator done")
1582 def test_sigma_dut_dpp_qr_mutual_init_enrollee(dev
, apdev
):
1583 """sigma_dut DPP/QR (mutual) initiator as Enrollee"""
1584 run_sigma_dut_dpp_qr_mutual_init_enrollee(dev
, apdev
, False)
1586 def test_sigma_dut_dpp_qr_mutual_init_enrollee_pending(dev
, apdev
):
1587 """sigma_dut DPP/QR (mutual) initiator as Enrollee (response pending)"""
1588 run_sigma_dut_dpp_qr_mutual_init_enrollee(dev
, apdev
, True)
1590 def run_sigma_dut_dpp_qr_mutual_init_enrollee(dev
, apdev
, resp_pending
):
1591 check_dpp_capab(dev
[0])
1592 check_dpp_capab(dev
[1])
1594 csign
= "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1595 csign_pub
= "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
1596 ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
1597 ap_netaccesskey
= "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
1599 params
= {"ssid": "DPPNET01",
1602 "wpa_key_mgmt": "DPP",
1603 "rsn_pairwise": "CCMP",
1604 "dpp_connector": ap_connector
,
1605 "dpp_csign": csign_pub
,
1606 "dpp_netaccesskey": ap_netaccesskey
}
1608 hapd
= hostapd
.add_ap(apdev
[0], params
)
1610 raise HwsimSkip("DPP not supported")
1612 sigma
= start_sigma_dut(dev
[0].ifname
)
1614 dev
[0].set("dpp_config_processing", "2")
1616 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
1617 res
= dev
[1].request(cmd
)
1619 raise Exception("Failed to add configurator")
1622 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
1623 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1625 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1626 if "status,COMPLETE" not in res
:
1627 raise Exception("dev_exec_action did not succeed: " + res
)
1628 hex = res
.split(',')[3]
1630 logger
.info("URI from sigma_dut: " + uri
)
1632 if not resp_pending
:
1633 dev
[1].dpp_qr_code(uri
)
1636 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
1637 if "status,COMPLETE" not in res
:
1638 raise Exception("dev_exec_action did not succeed: " + res
)
1640 t
= threading
.Thread(target
=dpp_resp_conf_mutual
,
1641 args
=(dev
[1], conf_id
, uri
))
1645 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,10,DPPWaitForConnect,Yes"
1646 res
= sigma_dut_cmd(cmd
, timeout
=15)
1648 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res
:
1649 raise Exception("Unexpected result: " + res
)
1651 dev
[0].set("dpp_config_processing", "0")
1652 stop_sigma_dut(sigma
)
1654 def test_sigma_dut_dpp_qr_init_enrollee_psk(dev
, apdev
):
1655 """sigma_dut DPP/QR initiator as Enrollee (PSK)"""
1656 check_dpp_capab(dev
[0])
1657 check_dpp_capab(dev
[1])
1659 params
= hostapd
.wpa2_params(ssid
="DPPNET01",
1660 passphrase
="ThisIsDppPassphrase")
1661 hapd
= hostapd
.add_ap(apdev
[0], params
)
1663 sigma
= start_sigma_dut(dev
[0].ifname
)
1665 dev
[0].set("dpp_config_processing", "2")
1667 cmd
= "DPP_CONFIGURATOR_ADD"
1668 res
= dev
[1].request(cmd
)
1670 raise Exception("Failed to add configurator")
1673 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
1674 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1676 dev
[1].set("dpp_configurator_params",
1677 " conf=sta-psk ssid=%s pass=%s configurator=%d" % (to_hex("DPPNET01"), to_hex("ThisIsDppPassphrase"), conf_id
))
1678 cmd
= "DPP_LISTEN 2437 role=configurator"
1679 if "OK" not in dev
[1].request(cmd
):
1680 raise Exception("Failed to start listen operation")
1682 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
1683 if "status,COMPLETE" not in res
:
1684 raise Exception("dev_exec_action did not succeed: " + res
)
1686 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout
=10)
1687 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkConnectResult,OK" not in res
:
1688 raise Exception("Unexpected result: " + res
)
1690 dev
[0].set("dpp_config_processing", "0")
1691 stop_sigma_dut(sigma
)
1693 def test_sigma_dut_dpp_qr_init_enrollee_sae(dev
, apdev
):
1694 """sigma_dut DPP/QR initiator as Enrollee (SAE)"""
1695 check_dpp_capab(dev
[0])
1696 check_dpp_capab(dev
[1])
1697 if "SAE" not in dev
[0].get_capability("auth_alg"):
1698 raise HwsimSkip("SAE not supported")
1700 params
= hostapd
.wpa2_params(ssid
="DPPNET01",
1701 passphrase
="ThisIsDppPassphrase")
1702 params
['wpa_key_mgmt'] = 'SAE'
1703 params
["ieee80211w"] = "2"
1704 hapd
= hostapd
.add_ap(apdev
[0], params
)
1706 sigma
= start_sigma_dut(dev
[0].ifname
)
1708 dev
[0].set("dpp_config_processing", "2")
1709 dev
[0].set("sae_groups", "")
1711 cmd
= "DPP_CONFIGURATOR_ADD"
1712 res
= dev
[1].request(cmd
)
1714 raise Exception("Failed to add configurator")
1717 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
1718 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1720 dev
[1].set("dpp_configurator_params",
1721 " conf=sta-sae ssid=%s pass=%s configurator=%d" % (to_hex("DPPNET01"), to_hex("ThisIsDppPassphrase"), conf_id
))
1722 cmd
= "DPP_LISTEN 2437 role=configurator"
1723 if "OK" not in dev
[1].request(cmd
):
1724 raise Exception("Failed to start listen operation")
1726 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
1727 if "status,COMPLETE" not in res
:
1728 raise Exception("dev_exec_action did not succeed: " + res
)
1730 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes", timeout
=10)
1731 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkConnectResult,OK" not in res
:
1732 raise Exception("Unexpected result: " + res
)
1734 dev
[0].set("dpp_config_processing", "0")
1735 stop_sigma_dut(sigma
)
1737 def test_sigma_dut_dpp_qr_init_configurator_1(dev
, apdev
):
1738 """sigma_dut DPP/QR initiator as Configurator (conf index 1)"""
1739 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 1)
1741 def test_sigma_dut_dpp_qr_init_configurator_2(dev
, apdev
):
1742 """sigma_dut DPP/QR initiator as Configurator (conf index 2)"""
1743 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 2)
1745 def test_sigma_dut_dpp_qr_init_configurator_3(dev
, apdev
):
1746 """sigma_dut DPP/QR initiator as Configurator (conf index 3)"""
1747 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 3)
1749 def test_sigma_dut_dpp_qr_init_configurator_4(dev
, apdev
):
1750 """sigma_dut DPP/QR initiator as Configurator (conf index 4)"""
1751 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 4)
1753 def test_sigma_dut_dpp_qr_init_configurator_5(dev
, apdev
):
1754 """sigma_dut DPP/QR initiator as Configurator (conf index 5)"""
1755 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 5)
1757 def test_sigma_dut_dpp_qr_init_configurator_6(dev
, apdev
):
1758 """sigma_dut DPP/QR initiator as Configurator (conf index 6)"""
1759 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 6)
1761 def test_sigma_dut_dpp_qr_init_configurator_7(dev
, apdev
):
1762 """sigma_dut DPP/QR initiator as Configurator (conf index 7)"""
1763 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 7)
1765 def test_sigma_dut_dpp_qr_init_configurator_both(dev
, apdev
):
1766 """sigma_dut DPP/QR initiator as Configurator or Enrollee (conf index 1)"""
1767 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 1, "Both")
1769 def test_sigma_dut_dpp_qr_init_configurator_neg_freq(dev
, apdev
):
1770 """sigma_dut DPP/QR initiator as Configurator (neg_freq)"""
1771 run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, 1, extra
='DPPSubsequentChannel,81/11')
1773 def run_sigma_dut_dpp_qr_init_configurator(dev
, apdev
, conf_idx
,
1774 prov_role
="Configurator",
1776 check_dpp_capab(dev
[0])
1777 check_dpp_capab(dev
[1])
1778 sigma
= start_sigma_dut(dev
[0].ifname
)
1780 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
1781 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1783 cmd
= "DPP_LISTEN 2437 role=enrollee"
1784 if "OK" not in dev
[1].request(cmd
):
1785 raise Exception("Failed to start listen operation")
1787 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
1788 if "status,COMPLETE" not in res
:
1789 raise Exception("dev_exec_action did not succeed: " + res
)
1791 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,%s,DPPConfIndex,%d,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6" % (prov_role
, conf_idx
)
1794 res
= sigma_dut_cmd(cmd
)
1795 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
1796 raise Exception("Unexpected result: " + res
)
1798 stop_sigma_dut(sigma
)
1800 def test_sigma_dut_dpp_incompatible_roles_init(dev
, apdev
):
1801 """sigma_dut DPP roles incompatible (Initiator)"""
1802 check_dpp_capab(dev
[0])
1803 check_dpp_capab(dev
[1])
1804 sigma
= start_sigma_dut(dev
[0].ifname
)
1806 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1807 if "status,COMPLETE" not in res
:
1808 raise Exception("dev_exec_action did not succeed: " + res
)
1809 hex = res
.split(',')[3]
1811 logger
.info("URI from sigma_dut: " + uri
)
1813 id1
= dev
[1].dpp_qr_code(uri
)
1815 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
1816 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1818 cmd
= "DPP_LISTEN 2437 role=enrollee"
1819 if "OK" not in dev
[1].request(cmd
):
1820 raise Exception("Failed to start listen operation")
1822 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
1823 if "status,COMPLETE" not in res
:
1824 raise Exception("dev_exec_action did not succeed: " + res
)
1826 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6"
1827 res
= sigma_dut_cmd(cmd
)
1828 if "BootstrapResult,OK,AuthResult,ROLES_NOT_COMPATIBLE" not in res
:
1829 raise Exception("Unexpected result: " + res
)
1831 stop_sigma_dut(sigma
)
1833 def dpp_init_enrollee_mutual(dev
, id1
, own_id
):
1834 logger
.info("Starting DPP initiator/enrollee in a thread")
1836 cmd
= "DPP_AUTH_INIT peer=%d own=%d role=enrollee" % (id1
, own_id
)
1837 if "OK" not in dev
.request(cmd
):
1838 raise Exception("Failed to initiate DPP Authentication")
1839 ev
= dev
.wait_event(["DPP-CONF-RECEIVED",
1840 "DPP-NOT-COMPATIBLE"], timeout
=5)
1842 raise Exception("DPP configuration not completed (Enrollee)")
1843 logger
.info("DPP initiator/enrollee done")
1845 def test_sigma_dut_dpp_incompatible_roles_resp(dev
, apdev
):
1846 """sigma_dut DPP roles incompatible (Responder)"""
1847 check_dpp_capab(dev
[0])
1848 check_dpp_capab(dev
[1])
1849 sigma
= start_sigma_dut(dev
[0].ifname
)
1851 cmd
= "dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR"
1852 res
= sigma_dut_cmd(cmd
)
1853 if "status,COMPLETE" not in res
:
1854 raise Exception("dev_exec_action did not succeed: " + res
)
1855 hex = res
.split(',')[3]
1857 logger
.info("URI from sigma_dut: " + uri
)
1859 id1
= dev
[1].dpp_qr_code(uri
)
1861 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
1862 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
1864 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
1865 if "status,COMPLETE" not in res
:
1866 raise Exception("dev_exec_action did not succeed: " + res
)
1868 t
= threading
.Thread(target
=dpp_init_enrollee_mutual
, args
=(dev
[1], id1
, id0
))
1870 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6"
1871 res
= sigma_dut_cmd(cmd
, timeout
=10)
1873 if "BootstrapResult,OK,AuthResult,ROLES_NOT_COMPATIBLE" not in res
:
1874 raise Exception("Unexpected result: " + res
)
1876 stop_sigma_dut(sigma
)
1878 def test_sigma_dut_dpp_pkex_init_configurator(dev
, apdev
):
1879 """sigma_dut DPP/PKEX initiator as Configurator"""
1880 check_dpp_capab(dev
[0])
1881 check_dpp_capab(dev
[1])
1882 sigma
= start_sigma_dut(dev
[0].ifname
)
1884 id1
= dev
[1].dpp_bootstrap_gen(type="pkex")
1885 cmd
= "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id1
)
1886 res
= dev
[1].request(cmd
)
1888 raise Exception("Failed to set PKEX data (responder)")
1889 cmd
= "DPP_LISTEN 2437 role=enrollee"
1890 if "OK" not in dev
[1].request(cmd
):
1891 raise Exception("Failed to start listen operation")
1893 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCodeIdentifier,test,DPPPKEXCode,secret,DPPTimeout,6")
1894 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
1895 raise Exception("Unexpected result: " + res
)
1897 stop_sigma_dut(sigma
)
1899 def dpp_init_conf(dev
, id1
, conf
, conf_id
, extra
):
1900 logger
.info("Starting DPP initiator/configurator in a thread")
1901 cmd
= "DPP_AUTH_INIT peer=%d conf=%s %s configurator=%d" % (id1
, conf
, extra
, conf_id
)
1902 if "OK" not in dev
.request(cmd
):
1903 raise Exception("Failed to initiate DPP Authentication")
1904 ev
= dev
.wait_event(["DPP-CONF-SENT"], timeout
=5)
1906 raise Exception("DPP configuration not completed (Configurator)")
1907 logger
.info("DPP initiator/configurator done")
1909 def test_sigma_dut_ap_dpp_qr(dev
, apdev
, params
):
1910 """sigma_dut controlled AP (DPP)"""
1911 run_sigma_dut_ap_dpp_qr(dev
, apdev
, params
, "ap-dpp", "sta-dpp")
1913 def test_sigma_dut_ap_dpp_qr_legacy(dev
, apdev
, params
):
1914 """sigma_dut controlled AP (legacy)"""
1915 run_sigma_dut_ap_dpp_qr(dev
, apdev
, params
, "ap-psk", "sta-psk",
1916 extra
="pass=%s" % to_hex("qwertyuiop"))
1918 def test_sigma_dut_ap_dpp_qr_legacy_psk(dev
, apdev
, params
):
1919 """sigma_dut controlled AP (legacy)"""
1920 run_sigma_dut_ap_dpp_qr(dev
, apdev
, params
, "ap-psk", "sta-psk",
1921 extra
="psk=%s" % (32*"12"))
1923 def run_sigma_dut_ap_dpp_qr(dev
, apdev
, params
, ap_conf
, sta_conf
, extra
=""):
1924 check_dpp_capab(dev
[0])
1925 logdir
= os
.path
.join(params
['logdir'], "sigma_dut_ap_dpp_qr.sigma-hostapd")
1926 with
HWSimRadio() as (radio
, iface
):
1927 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
1929 sigma_dut_cmd_check("ap_reset_default,program,DPP")
1930 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
1931 if "status,COMPLETE" not in res
:
1932 raise Exception("dev_exec_action did not succeed: " + res
)
1933 hex = res
.split(',')[3]
1935 logger
.info("URI from sigma_dut: " + uri
)
1937 cmd
= "DPP_CONFIGURATOR_ADD"
1938 res
= dev
[0].request(cmd
)
1940 raise Exception("Failed to add configurator")
1943 id1
= dev
[0].dpp_qr_code(uri
)
1945 t
= threading
.Thread(target
=dpp_init_conf
,
1946 args
=(dev
[0], id1
, ap_conf
, conf_id
, extra
))
1948 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6")
1950 if "ConfResult,OK" not in res
:
1951 raise Exception("Unexpected result: " + res
)
1953 id1
= dev
[1].dpp_bootstrap_gen(chan
="81/1", mac
=True)
1954 uri1
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1
)
1956 id0b
= dev
[0].dpp_qr_code(uri1
)
1958 dev
[1].set("dpp_config_processing", "2")
1959 cmd
= "DPP_LISTEN 2412"
1960 if "OK" not in dev
[1].request(cmd
):
1961 raise Exception("Failed to start listen operation")
1962 cmd
= "DPP_AUTH_INIT peer=%d conf=%s %s configurator=%d" % (id0b
, sta_conf
, extra
, conf_id
)
1963 if "OK" not in dev
[0].request(cmd
):
1964 raise Exception("Failed to initiate DPP Authentication")
1965 dev
[1].wait_connected()
1967 sigma_dut_cmd_check("ap_reset_default")
1969 dev
[1].set("dpp_config_processing", "0")
1970 stop_sigma_dut(sigma
)
1972 def test_sigma_dut_ap_dpp_pkex_responder(dev
, apdev
, params
):
1973 """sigma_dut controlled AP as DPP PKEX responder"""
1974 check_dpp_capab(dev
[0])
1975 logdir
= os
.path
.join(params
['logdir'],
1976 "sigma_dut_ap_dpp_pkex_responder.sigma-hostapd")
1977 with
HWSimRadio() as (radio
, iface
):
1978 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
1980 run_sigma_dut_ap_dpp_pkex_responder(dev
, apdev
)
1982 stop_sigma_dut(sigma
)
1984 def dpp_init_conf_pkex(dev
, conf_id
, check_config
=True):
1985 logger
.info("Starting DPP PKEX initiator/configurator in a thread")
1987 id = dev
.dpp_bootstrap_gen(type="pkex")
1988 cmd
= "DPP_PKEX_ADD own=%d init=1 conf=ap-dpp configurator=%d code=password" % (id, conf_id
)
1989 res
= dev
.request(cmd
)
1991 raise Exception("Failed to initiate DPP PKEX")
1992 if not check_config
:
1994 ev
= dev
.wait_event(["DPP-CONF-SENT"], timeout
=5)
1996 raise Exception("DPP configuration not completed (Configurator)")
1997 logger
.info("DPP initiator/configurator done")
1999 def run_sigma_dut_ap_dpp_pkex_responder(dev
, apdev
):
2000 sigma_dut_cmd_check("ap_reset_default,program,DPP")
2002 cmd
= "DPP_CONFIGURATOR_ADD"
2003 res
= dev
[0].request(cmd
)
2005 raise Exception("Failed to add configurator")
2008 t
= threading
.Thread(target
=dpp_init_conf_pkex
, args
=(dev
[0], conf_id
))
2010 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Mutual,DPPProvisioningRole,Enrollee,DPPBS,PKEX,DPPPKEXCode,password,DPPTimeout,6,DPPWaitForConnect,No", timeout
=10)
2012 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
2013 raise Exception("Unexpected result: " + res
)
2015 sigma_dut_cmd_check("ap_reset_default")
2017 def test_sigma_dut_dpp_pkex_responder_proto(dev
, apdev
):
2018 """sigma_dut controlled STA as DPP PKEX responder and error case"""
2019 check_dpp_capab(dev
[0])
2020 sigma
= start_sigma_dut(dev
[0].ifname
)
2022 run_sigma_dut_dpp_pkex_responder_proto(dev
, apdev
)
2024 stop_sigma_dut(sigma
)
2026 def run_sigma_dut_dpp_pkex_responder_proto(dev
, apdev
):
2027 cmd
= "DPP_CONFIGURATOR_ADD"
2028 res
= dev
[1].request(cmd
)
2030 raise Exception("Failed to add configurator")
2033 dev
[1].set("dpp_test", "44")
2035 t
= threading
.Thread(target
=dpp_init_conf_pkex
, args
=(dev
[1], conf_id
,
2038 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPProvisioningRole,Enrollee,DPPBS,PKEX,DPPPKEXCode,password,DPPTimeout,6", timeout
=10)
2040 if "BootstrapResult,Timeout" not in res
:
2041 raise Exception("Unexpected result: " + res
)
2043 def dpp_proto_init(dev
, id1
):
2045 logger
.info("Starting DPP initiator/configurator in a thread")
2046 cmd
= "DPP_CONFIGURATOR_ADD"
2047 res
= dev
.request(cmd
)
2049 raise Exception("Failed to add configurator")
2052 cmd
= "DPP_AUTH_INIT peer=%d conf=sta-dpp configurator=%d" % (id1
, conf_id
)
2053 if "OK" not in dev
.request(cmd
):
2054 raise Exception("Failed to initiate DPP Authentication")
2056 def test_sigma_dut_dpp_proto_initiator(dev
, apdev
):
2057 """sigma_dut DPP protocol testing - Initiator"""
2058 check_dpp_capab(dev
[0])
2059 check_dpp_capab(dev
[1])
2060 tests
= [("InvalidValue", "AuthenticationRequest", "WrappedData",
2061 "BootstrapResult,OK,AuthResult,Errorsent",
2063 ("InvalidValue", "AuthenticationConfirm", "WrappedData",
2064 "BootstrapResult,OK,AuthResult,Errorsent",
2066 ("MissingAttribute", "AuthenticationRequest", "InitCapabilities",
2067 "BootstrapResult,OK,AuthResult,Errorsent",
2068 "Missing or invalid I-capabilities"),
2069 ("InvalidValue", "AuthenticationConfirm", "InitAuthTag",
2070 "BootstrapResult,OK,AuthResult,Errorsent",
2071 "Mismatching Initiator Authenticating Tag"),
2072 ("MissingAttribute", "ConfigurationResponse", "EnrolleeNonce",
2073 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
2074 "Missing or invalid Enrollee Nonce attribute")]
2075 for step
, frame
, attr
, result
, fail
in tests
:
2076 dev
[0].request("FLUSH")
2077 dev
[1].request("FLUSH")
2078 sigma
= start_sigma_dut(dev
[0].ifname
)
2080 run_sigma_dut_dpp_proto_initiator(dev
, step
, frame
, attr
, result
,
2083 stop_sigma_dut(sigma
)
2085 def run_sigma_dut_dpp_proto_initiator(dev
, step
, frame
, attr
, result
, fail
):
2086 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
2087 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2089 cmd
= "DPP_LISTEN 2437 role=enrollee"
2090 if "OK" not in dev
[1].request(cmd
):
2091 raise Exception("Failed to start listen operation")
2093 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
2094 if "status,COMPLETE" not in res
:
2095 raise Exception("dev_exec_action did not succeed: " + res
)
2097 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step
, frame
, attr
),
2099 if result
not in res
:
2100 raise Exception("Unexpected result: " + res
)
2102 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
2103 if ev
is None or fail
not in ev
:
2104 raise Exception("Failure not reported correctly: " + str(ev
))
2106 dev
[1].request("DPP_STOP_LISTEN")
2107 dev
[0].dump_monitor()
2108 dev
[1].dump_monitor()
2110 def test_sigma_dut_dpp_proto_responder(dev
, apdev
):
2111 """sigma_dut DPP protocol testing - Responder"""
2112 check_dpp_capab(dev
[0])
2113 check_dpp_capab(dev
[1])
2114 tests
= [("MissingAttribute", "AuthenticationResponse", "DPPStatus",
2115 "BootstrapResult,OK,AuthResult,Errorsent",
2116 "Missing or invalid required DPP Status attribute"),
2117 ("MissingAttribute", "ConfigurationRequest", "EnrolleeNonce",
2118 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
2119 "Missing or invalid Enrollee Nonce attribute")]
2120 for step
, frame
, attr
, result
, fail
in tests
:
2121 dev
[0].request("FLUSH")
2122 dev
[1].request("FLUSH")
2123 sigma
= start_sigma_dut(dev
[0].ifname
)
2125 run_sigma_dut_dpp_proto_responder(dev
, step
, frame
, attr
, result
,
2128 stop_sigma_dut(sigma
)
2130 def run_sigma_dut_dpp_proto_responder(dev
, step
, frame
, attr
, result
, fail
):
2131 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
2132 if "status,COMPLETE" not in res
:
2133 raise Exception("dev_exec_action did not succeed: " + res
)
2134 hex = res
.split(',')[3]
2136 logger
.info("URI from sigma_dut: " + uri
)
2138 id1
= dev
[1].dpp_qr_code(uri
)
2140 t
= threading
.Thread(target
=dpp_proto_init
, args
=(dev
[1], id1
))
2142 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step
, frame
, attr
), timeout
=10)
2144 if result
not in res
:
2145 raise Exception("Unexpected result: " + res
)
2147 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
2148 if ev
is None or fail
not in ev
:
2149 raise Exception("Failure not reported correctly:" + str(ev
))
2151 dev
[1].request("DPP_STOP_LISTEN")
2152 dev
[0].dump_monitor()
2153 dev
[1].dump_monitor()
2155 def test_sigma_dut_dpp_proto_stop_at_initiator(dev
, apdev
):
2156 """sigma_dut DPP protocol testing - Stop at RX on Initiator"""
2157 check_dpp_capab(dev
[0])
2158 check_dpp_capab(dev
[1])
2159 tests
= [("AuthenticationResponse",
2160 "BootstrapResult,OK,AuthResult,Errorsent",
2162 ("ConfigurationRequest",
2163 "BootstrapResult,OK,AuthResult,OK,ConfResult,Errorsent",
2165 for frame
, result
, fail
in tests
:
2166 dev
[0].request("FLUSH")
2167 dev
[1].request("FLUSH")
2168 sigma
= start_sigma_dut(dev
[0].ifname
)
2170 run_sigma_dut_dpp_proto_stop_at_initiator(dev
, frame
, result
, fail
)
2172 stop_sigma_dut(sigma
)
2174 def run_sigma_dut_dpp_proto_stop_at_initiator(dev
, frame
, result
, fail
):
2175 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
2176 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2178 cmd
= "DPP_LISTEN 2437 role=enrollee"
2179 if "OK" not in dev
[1].request(cmd
):
2180 raise Exception("Failed to start listen operation")
2182 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
2183 if "status,COMPLETE" not in res
:
2184 raise Exception("dev_exec_action did not succeed: " + res
)
2186 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame
))
2187 if result
not in res
:
2188 raise Exception("Unexpected result: " + res
)
2190 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
2191 if ev
is None or fail
not in ev
:
2192 raise Exception("Failure not reported correctly: " + str(ev
))
2194 dev
[1].request("DPP_STOP_LISTEN")
2195 dev
[0].dump_monitor()
2196 dev
[1].dump_monitor()
2198 def test_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev
, apdev
):
2199 """sigma_dut DPP protocol testing - Stop at TX on Initiator/Enrollee"""
2200 check_dpp_capab(dev
[0])
2201 check_dpp_capab(dev
[1])
2202 tests
= [("AuthenticationConfirm",
2203 "BootstrapResult,OK,AuthResult,Errorsent,LastFrameReceived,AuthenticationResponse",
2205 for frame
, result
, fail
in tests
:
2206 dev
[0].request("FLUSH")
2207 dev
[1].request("FLUSH")
2208 sigma
= start_sigma_dut(dev
[0].ifname
, debug
=True)
2210 run_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev
, frame
,
2213 stop_sigma_dut(sigma
)
2215 def run_sigma_dut_dpp_proto_stop_at_initiator_enrollee(dev
, frame
, result
,
2217 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
2218 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2220 cmd
= "DPP_LISTEN 2437 role=configurator"
2221 if "OK" not in dev
[1].request(cmd
):
2222 raise Exception("Failed to start listen operation")
2224 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
2225 if "status,COMPLETE" not in res
:
2226 raise Exception("dev_exec_action did not succeed: " + res
)
2228 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame
), timeout
=10)
2229 if result
not in res
:
2230 raise Exception("Unexpected result: " + res
)
2232 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
2233 if ev
is None or fail
not in ev
:
2234 raise Exception("Failure not reported correctly: " + str(ev
))
2236 dev
[1].request("DPP_STOP_LISTEN")
2237 dev
[0].dump_monitor()
2238 dev
[1].dump_monitor()
2240 def test_sigma_dut_dpp_proto_stop_at_responder(dev
, apdev
):
2241 """sigma_dut DPP protocol testing - Stop at RX on Responder"""
2242 check_dpp_capab(dev
[0])
2243 check_dpp_capab(dev
[1])
2244 tests
= [("AuthenticationRequest",
2245 "BootstrapResult,OK,AuthResult,Errorsent",
2247 ("AuthenticationConfirm",
2248 "BootstrapResult,OK,AuthResult,Errorsent",
2250 for frame
, result
, fail
in tests
:
2251 dev
[0].request("FLUSH")
2252 dev
[1].request("FLUSH")
2253 sigma
= start_sigma_dut(dev
[0].ifname
)
2255 run_sigma_dut_dpp_proto_stop_at_responder(dev
, frame
, result
, fail
)
2257 stop_sigma_dut(sigma
)
2259 def run_sigma_dut_dpp_proto_stop_at_responder(dev
, frame
, result
, fail
):
2260 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
2261 if "status,COMPLETE" not in res
:
2262 raise Exception("dev_exec_action did not succeed: " + res
)
2263 hex = res
.split(',')[3]
2265 logger
.info("URI from sigma_dut: " + uri
)
2267 id1
= dev
[1].dpp_qr_code(uri
)
2269 t
= threading
.Thread(target
=dpp_proto_init
, args
=(dev
[1], id1
))
2271 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6,DPPStep,Timeout,DPPFrameType,%s" % (frame
), timeout
=10)
2273 if result
not in res
:
2274 raise Exception("Unexpected result: " + res
)
2276 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
2277 if ev
is None or fail
not in ev
:
2278 raise Exception("Failure not reported correctly:" + str(ev
))
2280 dev
[1].request("DPP_STOP_LISTEN")
2281 dev
[0].dump_monitor()
2282 dev
[1].dump_monitor()
2284 def dpp_proto_init_pkex(dev
):
2286 logger
.info("Starting DPP PKEX initiator/configurator in a thread")
2287 cmd
= "DPP_CONFIGURATOR_ADD"
2288 res
= dev
.request(cmd
)
2290 raise Exception("Failed to add configurator")
2293 id = dev
.dpp_bootstrap_gen(type="pkex")
2295 cmd
= "DPP_PKEX_ADD own=%d init=1 conf=sta-dpp configurator=%d code=secret" % (id, conf_id
)
2296 if "FAIL" in dev
.request(cmd
):
2297 raise Exception("Failed to initiate DPP PKEX")
2299 def test_sigma_dut_dpp_proto_initiator_pkex(dev
, apdev
):
2300 """sigma_dut DPP protocol testing - Initiator (PKEX)"""
2301 check_dpp_capab(dev
[0])
2302 check_dpp_capab(dev
[1])
2303 tests
= [("InvalidValue", "PKEXCRRequest", "WrappedData",
2304 "BootstrapResult,Errorsent",
2306 ("MissingAttribute", "PKEXExchangeRequest", "FiniteCyclicGroup",
2307 "BootstrapResult,Errorsent",
2308 "Missing or invalid Finite Cyclic Group attribute"),
2309 ("MissingAttribute", "PKEXCRRequest", "BSKey",
2310 "BootstrapResult,Errorsent",
2311 "No valid peer bootstrapping key found")]
2312 for step
, frame
, attr
, result
, fail
in tests
:
2313 dev
[0].request("FLUSH")
2314 dev
[1].request("FLUSH")
2315 sigma
= start_sigma_dut(dev
[0].ifname
)
2317 run_sigma_dut_dpp_proto_initiator_pkex(dev
, step
, frame
, attr
,
2320 stop_sigma_dut(sigma
)
2322 def run_sigma_dut_dpp_proto_initiator_pkex(dev
, step
, frame
, attr
, result
, fail
):
2323 id1
= dev
[1].dpp_bootstrap_gen(type="pkex")
2325 cmd
= "DPP_PKEX_ADD own=%d code=secret" % (id1
)
2326 res
= dev
[1].request(cmd
)
2328 raise Exception("Failed to set PKEX data (responder)")
2330 cmd
= "DPP_LISTEN 2437 role=enrollee"
2331 if "OK" not in dev
[1].request(cmd
):
2332 raise Exception("Failed to start listen operation")
2334 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCode,secret,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step
, frame
, attr
))
2335 if result
not in res
:
2336 raise Exception("Unexpected result: " + res
)
2338 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
2339 if ev
is None or fail
not in ev
:
2340 raise Exception("Failure not reported correctly: " + str(ev
))
2342 dev
[1].request("DPP_STOP_LISTEN")
2343 dev
[0].dump_monitor()
2344 dev
[1].dump_monitor()
2346 def test_sigma_dut_dpp_proto_responder_pkex(dev
, apdev
):
2347 """sigma_dut DPP protocol testing - Responder (PKEX)"""
2348 check_dpp_capab(dev
[0])
2349 check_dpp_capab(dev
[1])
2350 tests
= [("InvalidValue", "PKEXCRResponse", "WrappedData",
2351 "BootstrapResult,Errorsent",
2353 ("MissingAttribute", "PKEXExchangeResponse", "DPPStatus",
2354 "BootstrapResult,Errorsent",
2355 "No DPP Status attribute"),
2356 ("MissingAttribute", "PKEXCRResponse", "BSKey",
2357 "BootstrapResult,Errorsent",
2358 "No valid peer bootstrapping key found")]
2359 for step
, frame
, attr
, result
, fail
in tests
:
2360 dev
[0].request("FLUSH")
2361 dev
[1].request("FLUSH")
2362 sigma
= start_sigma_dut(dev
[0].ifname
)
2364 run_sigma_dut_dpp_proto_responder_pkex(dev
, step
, frame
, attr
,
2367 stop_sigma_dut(sigma
)
2369 def run_sigma_dut_dpp_proto_responder_pkex(dev
, step
, frame
, attr
, result
, fail
):
2370 t
= threading
.Thread(target
=dpp_proto_init_pkex
, args
=(dev
[1],))
2372 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,PKEX,DPPPKEXCode,secret,DPPTimeout,6,DPPStep,%s,DPPFrameType,%s,DPPIEAttribute,%s" % (step
, frame
, attr
), timeout
=10)
2374 if result
not in res
:
2375 raise Exception("Unexpected result: " + res
)
2377 ev
= dev
[1].wait_event(["DPP-FAIL"], timeout
=5)
2378 if ev
is None or fail
not in ev
:
2379 raise Exception("Failure not reported correctly:" + str(ev
))
2381 dev
[1].request("DPP_STOP_LISTEN")
2382 dev
[0].dump_monitor()
2383 dev
[1].dump_monitor()
2385 def init_sigma_dut_dpp_proto_peer_disc_req(dev
, apdev
):
2386 check_dpp_capab(dev
[0])
2387 check_dpp_capab(dev
[1])
2389 csign
= "30770201010420768240a3fc89d6662d9782f120527fe7fb9edc6366ab0b9c7dde96125cfd250fa00a06082a8648ce3d030107a144034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2390 csign_pub
= "3059301306072a8648ce3d020106082a8648ce3d030107034200042908e1baf7bf413cc66f9e878a03e8bb1835ba94b033dbe3d6969fc8575d5eb5dfda1cb81c95cee21d0cd7d92ba30541ffa05cb6296f5dd808b0c1c2a83c0708"
2391 ap_connector
= "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJwYWtZbXVzd1dCdWpSYTl5OEsweDViaTVrT3VNT3dzZHRlaml2UG55ZHZzIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6ImFwIn1dLCJuZXRBY2Nlc3NLZXkiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiIybU5vNXZuRkI5bEw3d1VWb1hJbGVPYzBNSEE1QXZKbnpwZXZULVVTYzVNIiwieSI6IlhzS3dqVHJlLTg5WWdpU3pKaG9CN1haeUttTU05OTl3V2ZaSVl0bi01Q3MifX0.XhjFpZgcSa7G2lHy0OCYTvaZFRo5Hyx6b7g7oYyusLC7C_73AJ4_BxEZQVYJXAtDuGvb3dXSkHEKxREP9Q6Qeg"
2392 ap_netaccesskey
= "30770201010420ceba752db2ad5200fa7bc565b9c05c69b7eb006751b0b329b0279de1c19ca67ca00a06082a8648ce3d030107a14403420004da6368e6f9c507d94bef0515a1722578e73430703902f267ce97af4fe51273935ec2b08d3adefbcf588224b3261a01ed76722a630cf7df7059f64862d9fee42b"
2394 params
= {"ssid": "DPPNET01",
2397 "wpa_key_mgmt": "DPP",
2398 "rsn_pairwise": "CCMP",
2399 "dpp_connector": ap_connector
,
2400 "dpp_csign": csign_pub
,
2401 "dpp_netaccesskey": ap_netaccesskey
}
2403 hapd
= hostapd
.add_ap(apdev
[0], params
)
2405 raise HwsimSkip("DPP not supported")
2407 dev
[0].set("dpp_config_processing", "2")
2409 cmd
= "DPP_CONFIGURATOR_ADD key=" + csign
2410 res
= dev
[1].request(cmd
)
2412 raise Exception("Failed to add configurator")
2415 id0
= dev
[1].dpp_bootstrap_gen(chan
="81/6", mac
=True)
2416 uri0
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id0
)
2418 dev
[1].set("dpp_configurator_params",
2419 " conf=sta-dpp ssid=%s configurator=%d" % (to_hex("DPPNET01"),
2421 cmd
= "DPP_LISTEN 2437 role=configurator"
2422 if "OK" not in dev
[1].request(cmd
):
2423 raise Exception("Failed to start listen operation")
2425 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri0
))
2426 if "status,COMPLETE" not in res
:
2427 raise Exception("dev_exec_action did not succeed: " + res
)
2429 def test_sigma_dut_dpp_proto_peer_disc_req(dev
, apdev
):
2430 """sigma_dut DPP protocol testing - Peer Discovery Request"""
2431 sigma
= start_sigma_dut(dev
[0].ifname
)
2433 init_sigma_dut_dpp_proto_peer_disc_req(dev
, apdev
)
2435 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPBS,QR,DPPTimeout,6,DPPWaitForConnect,Yes,DPPStep,MissingAttribute,DPPFrameType,PeerDiscoveryRequest,DPPIEAttribute,TransactionID", timeout
=10)
2436 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,Errorsent" not in res
:
2437 raise Exception("Unexpected result: " + res
)
2439 dev
[0].set("dpp_config_processing", "0")
2440 stop_sigma_dut(sigma
)
2442 def test_sigma_dut_dpp_self_config(dev
, apdev
):
2443 """sigma_dut DPP Configurator enrolling an AP and using self-configuration"""
2444 check_dpp_capab(dev
[0])
2446 hapd
= hostapd
.add_ap(apdev
[0], {"ssid": "unconfigured"})
2447 check_dpp_capab(hapd
)
2449 sigma
= start_sigma_dut(dev
[0].ifname
)
2451 dev
[0].set("dpp_config_processing", "2")
2452 id = hapd
.dpp_bootstrap_gen(chan
="81/1", mac
=True)
2453 uri
= hapd
.request("DPP_BOOTSTRAP_GET_URI %d" % id)
2455 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri
))
2456 if "status,COMPLETE" not in res
:
2457 raise Exception("dev_exec_action did not succeed: " + res
)
2459 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,AP,DPPBS,QR,DPPTimeout,6")
2460 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
2461 raise Exception("Unexpected result: " + res
)
2462 update_hapd_config(hapd
)
2464 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPCryptoIdentifier,P-256,DPPBS,QR,DPPAuthRole,Initiator,DPPProvisioningRole,Configurator,DPPAuthDirection,Single,DPPConfIndex,1,DPPTimeout,6,DPPWaitForConnect,Yes,DPPSelfConfigure,Yes"
2465 res
= sigma_dut_cmd(cmd
, timeout
=10)
2466 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK,NetworkIntroResult,OK,NetworkConnectResult,OK" not in res
:
2467 raise Exception("Unexpected result: " + res
)
2469 stop_sigma_dut(sigma
)
2470 dev
[0].set("dpp_config_processing", "0")
2472 def test_sigma_dut_ap_dpp_self_config(dev
, apdev
, params
):
2473 """sigma_dut DPP AP Configurator using self-configuration"""
2474 logdir
= os
.path
.join(params
['logdir'],
2475 "sigma_dut_ap_dpp_self_config.sigma-hostapd")
2476 with
HWSimRadio() as (radio
, iface
):
2477 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
2479 run_sigma_dut_ap_dpp_self_config(dev
, apdev
)
2481 stop_sigma_dut(sigma
)
2482 dev
[0].set("dpp_config_processing", "0")
2484 def run_sigma_dut_ap_dpp_self_config(dev
, apdev
):
2485 check_dpp_capab(dev
[0])
2487 sigma_dut_cmd_check("ap_reset_default,program,DPP")
2489 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfEnrolleeRole,AP,DPPBS,QR,DPPConfIndex,1,DPPSelfConfigure,Yes,DPPTimeout,6", timeout
=10)
2490 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
2491 raise Exception("Unexpected result: " + res
)
2493 dev
[0].set("dpp_config_processing", "2")
2495 id = dev
[0].dpp_bootstrap_gen(chan
="81/11", mac
=True)
2496 uri
= dev
[0].request("DPP_BOOTSTRAP_GET_URI %d" % id)
2497 cmd
= "DPP_LISTEN 2462 role=enrollee"
2498 if "OK" not in dev
[0].request(cmd
):
2499 raise Exception("Failed to start listen operation")
2501 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri
))
2502 if "status,COMPLETE" not in res
:
2503 raise Exception("dev_exec_action did not succeed: " + res
)
2504 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfIndex,1,DPPSigningKeyECC,P-256,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPTimeout,6"
2505 res
= sigma_dut_cmd(cmd
)
2506 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
2507 raise Exception("Unexpected result: " + res
)
2508 dev
[0].wait_connected()
2509 dev
[0].request("DISCONNECT")
2510 dev
[0].wait_disconnected()
2511 sigma_dut_cmd_check("ap_reset_default")
2514 def test_sigma_dut_ap_dpp_relay(dev
, apdev
, params
):
2515 """sigma_dut DPP AP as Relay to Controller"""
2516 logdir
= os
.path
.join(params
['logdir'],
2517 "sigma_dut_ap_dpp_relay.sigma-hostapd")
2518 with
HWSimRadio() as (radio
, iface
):
2519 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
2521 run_sigma_dut_ap_dpp_relay(dev
, apdev
)
2523 stop_sigma_dut(sigma
)
2524 dev
[1].request("DPP_CONTROLLER_STOP")
2526 def run_sigma_dut_ap_dpp_relay(dev
, apdev
):
2527 check_dpp_capab(dev
[0])
2528 check_dpp_capab(dev
[1])
2531 conf_id
= dev
[1].dpp_configurator_add()
2532 dev
[1].set("dpp_configurator_params",
2533 " conf=sta-dpp configurator=%d" % conf_id
)
2534 id_c
= dev
[1].dpp_bootstrap_gen()
2535 uri_c
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id_c
)
2536 res
= dev
[1].request("DPP_BOOTSTRAP_INFO %d" % id_c
)
2538 for line
in res
.splitlines():
2539 name
, value
= line
.split('=')
2540 if name
== "pkhash":
2544 raise Exception("Could not fetch public key hash from Controller")
2545 if "OK" not in dev
[1].request("DPP_CONTROLLER_START"):
2546 raise Exception("Failed to start Controller")
2548 sigma_dut_cmd_check("ap_reset_default,program,DPP")
2549 sigma_dut_cmd_check("ap_preset_testparameters,program,DPP,DPPConfiguratorAddress,127.0.0.1,DPPConfiguratorPKHash," + pkhash
)
2550 res
= sigma_dut_cmd_check("dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR")
2552 dev
[0].dpp_auth_init(uri
=uri_c
, role
="enrollee")
2553 wait_auth_success(dev
[1], dev
[0], configurator
=dev
[1], enrollee
=dev
[0])
2555 sigma_dut_cmd_check("ap_reset_default")
2557 def dpp_init_tcp_enrollee(dev
, id1
):
2558 logger
.info("Starting DPP initiator/enrollee (TCP) in a thread")
2560 cmd
= "DPP_AUTH_INIT peer=%d role=enrollee tcp_addr=127.0.0.1" % id1
2561 if "OK" not in dev
.request(cmd
):
2562 raise Exception("Failed to initiate DPP Authentication")
2563 ev
= dev
.wait_event(["DPP-CONF-RECEIVED"], timeout
=5)
2565 raise Exception("DPP configuration not completed (Enrollee)")
2566 logger
.info("DPP initiator/enrollee done")
2568 def test_sigma_dut_dpp_tcp_conf_resp(dev
, apdev
):
2569 """sigma_dut DPP TCP Configurator (Controller) as responder"""
2570 run_sigma_dut_dpp_tcp_conf_resp(dev
)
2572 def run_sigma_dut_dpp_tcp_conf_resp(dev
, status_query
=False):
2573 check_dpp_capab(dev
[0])
2574 check_dpp_capab(dev
[1])
2575 sigma
= start_sigma_dut(dev
[0].ifname
)
2577 cmd
= "dev_exec_action,program,DPP,DPPActionType,GetLocalBootstrap,DPPCryptoIdentifier,P-256,DPPBS,QR"
2578 res
= sigma_dut_cmd(cmd
)
2579 if "status,COMPLETE" not in res
:
2580 raise Exception("dev_exec_action did not succeed: " + res
)
2581 hex = res
.split(',')[3]
2583 logger
.info("URI from sigma_dut: " + uri
)
2585 id1
= dev
[1].dpp_qr_code(uri
)
2587 t
= threading
.Thread(target
=dpp_init_tcp_enrollee
, args
=(dev
[1], id1
))
2589 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Responder,DPPConfIndex,1,DPPAuthDirection,Single,DPPProvisioningRole,Configurator,DPPConfEnrolleeRole,STA,DPPSigningKeyECC,P-256,DPPBS,QR,DPPOverTCP,yes,DPPTimeout,6"
2591 cmd
+= ",DPPStatusQuery,Yes"
2592 res
= sigma_dut_cmd(cmd
, timeout
=10)
2594 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
2595 raise Exception("Unexpected result: " + res
)
2596 if status_query
and "StatusResult,0" not in res
:
2597 raise Exception("Status query did not succeed: " + res
)
2599 stop_sigma_dut(sigma
)
2601 def test_sigma_dut_dpp_tcp_enrollee_init(dev
, apdev
):
2602 """sigma_dut DPP TCP Enrollee as initiator"""
2603 check_dpp_capab(dev
[0])
2604 check_dpp_capab(dev
[1])
2605 sigma
= start_sigma_dut(dev
[0].ifname
)
2608 conf_id
= dev
[1].dpp_configurator_add()
2609 dev
[1].set("dpp_configurator_params",
2610 " conf=sta-dpp configurator=%d" % conf_id
)
2611 id_c
= dev
[1].dpp_bootstrap_gen()
2612 uri_c
= dev
[1].request("DPP_BOOTSTRAP_GET_URI %d" % id_c
)
2613 if "OK" not in dev
[1].request("DPP_CONTROLLER_START"):
2614 raise Exception("Failed to start Controller")
2616 res
= sigma_dut_cmd("dev_exec_action,program,DPP,DPPActionType,SetPeerBootstrap,DPPBootstrappingdata,%s,DPPBS,QR" % to_hex(uri_c
))
2617 if "status,COMPLETE" not in res
:
2618 raise Exception("dev_exec_action did not succeed: " + res
)
2620 cmd
= "dev_exec_action,program,DPP,DPPActionType,AutomaticDPP,DPPAuthRole,Initiator,DPPAuthDirection,Single,DPPProvisioningRole,Enrollee,DPPConfEnrolleeRole,STA,DPPBS,QR,DPPOverTCP,127.0.0.1,DPPTimeout,6"
2621 res
= sigma_dut_cmd(cmd
, timeout
=10)
2622 if "BootstrapResult,OK,AuthResult,OK,ConfResult,OK" not in res
:
2623 raise Exception("Unexpected result: " + res
)
2625 stop_sigma_dut(sigma
)
2626 dev
[1].request("DPP_CONTROLLER_STOP")
2628 def test_sigma_dut_preconfigured_profile(dev
, apdev
):
2629 """sigma_dut controlled connection using preconfigured profile"""
2631 run_sigma_dut_preconfigured_profile(dev
, apdev
)
2633 dev
[0].set("ignore_old_scan_res", "0")
2635 def run_sigma_dut_preconfigured_profile(dev
, apdev
):
2636 ifname
= dev
[0].ifname
2637 sigma
= start_sigma_dut(ifname
)
2639 params
= hostapd
.wpa2_params(ssid
="test-psk", passphrase
="12345678")
2640 hapd
= hostapd
.add_ap(apdev
[0], params
)
2641 dev
[0].connect("test-psk", psk
="12345678", scan_freq
="2412",
2642 only_add_network
=True)
2644 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
2645 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s" % (ifname
, "test-psk"))
2646 sigma_dut_wait_connected(ifname
)
2647 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
2648 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
2649 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
2651 stop_sigma_dut(sigma
)
2653 def test_sigma_dut_wps_pbc(dev
, apdev
):
2654 """sigma_dut and WPS PBC Enrollee"""
2656 run_sigma_dut_wps_pbc(dev
, apdev
)
2658 dev
[0].set("ignore_old_scan_res", "0")
2660 def run_sigma_dut_wps_pbc(dev
, apdev
):
2661 ssid
= "test-wps-conf"
2662 hapd
= hostapd
.add_ap(apdev
[0],
2663 {"ssid": "wps", "eap_server": "1", "wps_state": "2",
2664 "wpa_passphrase": "12345678", "wpa": "2",
2665 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
2666 hapd
.request("WPS_PBC")
2668 ifname
= dev
[0].ifname
2669 sigma
= start_sigma_dut(ifname
)
2671 cmd
= "start_wps_registration,interface,%s" % ifname
2672 cmd
+= ",WpsRole,Enrollee"
2673 cmd
+= ",WpsConfigMethod,PBC"
2674 sigma_dut_cmd_check(cmd
, timeout
=15)
2676 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
2678 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
2679 stop_sigma_dut(sigma
)
2680 dev
[0].flush_scan_cache()
2682 def test_sigma_dut_sta_scan_bss(dev
, apdev
):
2683 """sigma_dut sta_scan_bss"""
2684 hapd
= hostapd
.add_ap(apdev
[0], {"ssid": "test"})
2685 sigma
= start_sigma_dut(dev
[0].ifname
)
2687 cmd
= "sta_scan_bss,Interface,%s,BSSID,%s" % (dev
[0].ifname
, \
2689 res
= sigma_dut_cmd(cmd
, timeout
=10)
2690 if "ssid,test,bsschannel,1" not in res
:
2691 raise Exception("Unexpected result: " + res
)
2693 stop_sigma_dut(sigma
)
2695 def test_sigma_dut_sta_scan_ssid_bssid(dev
, apdev
):
2696 """sigma_dut sta_scan GetParameter,SSID_BSSID"""
2697 hostapd
.add_ap(apdev
[0], {"ssid": "abcdef"})
2698 hostapd
.add_ap(apdev
[1], {"ssid": "qwerty"})
2699 sigma
= start_sigma_dut(dev
[0].ifname
, debug
=True)
2701 cmd
= "sta_scan,Interface,%s,GetParameter,SSID_BSSID" % dev
[0].ifname
2702 res
= sigma_dut_cmd(cmd
, timeout
=10)
2703 if "abcdef" not in res
or "qwerty" not in res
:
2704 raise Exception("Unexpected result: " + res
)
2706 stop_sigma_dut(sigma
)
2708 def test_sigma_dut_ap_osen(dev
, apdev
, params
):
2709 """sigma_dut controlled AP with OSEN"""
2710 logdir
= os
.path
.join(params
['logdir'],
2711 "sigma_dut_ap_osen.sigma-hostapd")
2712 with
HWSimRadio() as (radio
, iface
):
2713 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
)
2715 sigma_dut_cmd_check("ap_reset_default")
2716 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-hs20,MODE,11ng")
2717 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2718 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OSEN,PMF,Optional")
2719 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2721 # RSN-OSEN (for OSU)
2722 dev
[0].connect("test-hs20", proto
="OSEN", key_mgmt
="OSEN",
2723 pairwise
="CCMP", group
="GTK_NOT_USED",
2724 eap
="WFA-UNAUTH-TLS", identity
="osen@example.com",
2725 ca_cert
="auth_serv/ca.pem", scan_freq
="2412")
2727 sigma_dut_cmd_check("ap_reset_default")
2729 stop_sigma_dut(sigma
)
2731 def test_sigma_dut_ap_eap_osen(dev
, apdev
, params
):
2732 """sigma_dut controlled AP with EAP+OSEN"""
2733 logdir
= os
.path
.join(params
['logdir'],
2734 "sigma_dut_ap_eap_osen.sigma-hostapd")
2735 with
HWSimRadio() as (radio
, iface
):
2736 sigma
= start_sigma_dut(iface
, bridge
="ap-br0", hostapd_logdir
=logdir
)
2738 sigma_dut_cmd_check("ap_reset_default")
2739 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-hs20,MODE,11ng")
2740 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2741 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT-OSEN,PMF,Optional")
2742 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2744 subprocess
.call(['brctl', 'setfd', 'ap-br0', '0'])
2745 subprocess
.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'up'])
2747 # RSN-OSEN (for OSU)
2748 dev
[0].connect("test-hs20", proto
="OSEN", key_mgmt
="OSEN",
2750 eap
="WFA-UNAUTH-TLS", identity
="osen@example.com",
2751 ca_cert
="auth_serv/ca.pem", ieee80211w
='2',
2753 # RSN-EAP (for data connection)
2754 dev
[1].connect("test-hs20", key_mgmt
="WPA-EAP", eap
="TTLS",
2755 identity
="hs20-test", password
="password",
2756 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
2757 ieee80211w
='2', scan_freq
="2412")
2759 hwsim_utils
.test_connectivity(dev
[0], dev
[1], broadcast
=False,
2760 success_expected
=False, timeout
=1)
2762 sigma_dut_cmd_check("ap_reset_default")
2764 stop_sigma_dut(sigma
)
2765 subprocess
.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'down'],
2766 stderr
=open('/dev/null', 'w'))
2767 subprocess
.call(['brctl', 'delbr', 'ap-br0'],
2768 stderr
=open('/dev/null', 'w'))
2770 def test_sigma_dut_ap_eap(dev
, apdev
, params
):
2771 """sigma_dut controlled AP WPA2-Enterprise"""
2772 logdir
= os
.path
.join(params
['logdir'], "sigma_dut_ap_eap.sigma-hostapd")
2773 with
HWSimRadio() as (radio
, iface
):
2774 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
, debug
=True)
2776 sigma_dut_cmd_check("ap_reset_default")
2777 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-eap,MODE,11ng")
2778 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2779 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT")
2780 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2782 dev
[0].connect("test-eap", key_mgmt
="WPA-EAP", eap
="GPSK",
2783 identity
="gpsk user",
2784 password
="abcdefghijklmnop0123456789abcdef",
2787 sigma_dut_cmd_check("ap_reset_default")
2789 stop_sigma_dut(sigma
)
2791 def test_sigma_dut_ap_eap_sha256(dev
, apdev
, params
):
2792 """sigma_dut controlled AP WPA2-Enterprise SHA256"""
2793 logdir
= os
.path
.join(params
['logdir'],
2794 "sigma_dut_ap_eap_sha256.sigma-hostapd")
2795 with
HWSimRadio() as (radio
, iface
):
2796 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
, debug
=True)
2798 sigma_dut_cmd_check("ap_reset_default")
2799 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-eap,MODE,11ng")
2800 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2801 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT-256")
2802 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2804 dev
[0].connect("test-eap", key_mgmt
="WPA-EAP-SHA256", eap
="GPSK",
2805 identity
="gpsk user",
2806 password
="abcdefghijklmnop0123456789abcdef",
2809 sigma_dut_cmd_check("ap_reset_default")
2811 stop_sigma_dut(sigma
)
2813 def test_sigma_dut_ap_ft_eap(dev
, apdev
, params
):
2814 """sigma_dut controlled AP FT-EAP"""
2815 logdir
= os
.path
.join(params
['logdir'], "sigma_dut_ap_ft_eap.sigma-hostapd")
2816 with
HWSimRadio() as (radio
, iface
):
2817 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
, debug
=True)
2819 sigma_dut_cmd_check("ap_reset_default")
2820 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-ft-eap,MODE,11ng,DOMAIN,0101,FT_OA,Enable")
2821 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2822 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,FT-EAP")
2823 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2825 dev
[0].connect("test-ft-eap", key_mgmt
="FT-EAP", eap
="GPSK",
2826 identity
="gpsk user",
2827 password
="abcdefghijklmnop0123456789abcdef",
2830 sigma_dut_cmd_check("ap_reset_default")
2832 stop_sigma_dut(sigma
)
2834 def test_sigma_dut_ap_ft_psk(dev
, apdev
, params
):
2835 """sigma_dut controlled AP FT-PSK"""
2836 logdir
= os
.path
.join(params
['logdir'], "sigma_dut_ap_ft_psk.sigma-hostapd")
2837 with
HWSimRadio() as (radio
, iface
):
2838 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
, debug
=True)
2840 sigma_dut_cmd_check("ap_reset_default")
2841 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-ft-psk,MODE,11ng,DOMAIN,0101,FT_OA,Enable")
2842 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,FT-PSK,PSK,12345678")
2843 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2845 dev
[0].connect("test-ft-psk", key_mgmt
="FT-PSK", psk
="12345678",
2848 sigma_dut_cmd_check("ap_reset_default")
2850 stop_sigma_dut(sigma
)
2852 def test_sigma_dut_ap_ft_over_ds_psk(dev
, apdev
, params
):
2853 """sigma_dut controlled AP FT-PSK (over-DS)"""
2854 logdir
= os
.path
.join(params
['logdir'],
2855 "sigma_dut_ap_ft_over_ds_psk.sigma-hostapd")
2856 conffile
= os
.path
.join(params
['logdir'],
2857 "sigma_dut_ap_ft_over_ds_psk.sigma-conf")
2858 with
HWSimRadio() as (radio
, iface
):
2859 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
, debug
=True)
2861 sigma_dut_cmd_check("ap_reset_default")
2862 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-ft-psk,MODE,11ng,DOMAIN,0101,FT_DS,Enable")
2863 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,FT-PSK,PSK,12345678")
2864 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2866 with
open("/tmp/sigma_dut-ap.conf", "rb") as f
:
2867 with
open(conffile
, "wb") as f2
:
2870 dev
[0].connect("test-ft-psk", key_mgmt
="FT-PSK", psk
="12345678",
2873 sigma_dut_cmd_check("ap_reset_default")
2875 stop_sigma_dut(sigma
)
2877 def test_sigma_dut_ap_ent_ft_eap(dev
, apdev
, params
):
2878 """sigma_dut controlled AP WPA-EAP and FT-EAP"""
2879 logdir
= os
.path
.join(params
['logdir'],
2880 "sigma_dut_ap_ent_ft_eap.sigma-hostapd")
2881 with
HWSimRadio() as (radio
, iface
):
2882 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
, debug
=True)
2884 sigma_dut_cmd_check("ap_reset_default")
2885 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-ent-ft-eap,MODE,11ng,DOMAIN,0101,FT_OA,Enable")
2886 sigma_dut_cmd_check("ap_set_radius,NAME,AP,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
2887 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-ENT-FT-EAP")
2888 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
2890 dev
[0].connect("test-ent-ft-eap", key_mgmt
="FT-EAP", eap
="GPSK",
2891 identity
="gpsk user",
2892 password
="abcdefghijklmnop0123456789abcdef",
2894 dev
[1].connect("test-ent-ft-eap", key_mgmt
="WPA-EAP", eap
="GPSK",
2895 identity
="gpsk user",
2896 password
="abcdefghijklmnop0123456789abcdef",
2899 sigma_dut_cmd_check("ap_reset_default")
2901 stop_sigma_dut(sigma
)
2903 def test_sigma_dut_venue_url(dev
, apdev
):
2904 """sigma_dut controlled Venue URL fetch"""
2906 run_sigma_dut_venue_url(dev
, apdev
)
2908 dev
[0].set("ignore_old_scan_res", "0")
2910 def run_sigma_dut_venue_url(dev
, apdev
):
2911 ifname
= dev
[0].ifname
2912 sigma
= start_sigma_dut(ifname
, debug
=True)
2915 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
2916 params
["wpa_key_mgmt"] = "WPA-PSK-SHA256"
2917 params
["ieee80211w"] = "2"
2921 venue_info
= struct
.pack('BB', venue_group
, venue_type
)
2923 name1
= "Example venue"
2925 name2
= "Esimerkkipaikka"
2926 venue1
= struct
.pack('B', len(lang1
+ name1
)) + lang1
.encode() + name1
.encode()
2927 venue2
= struct
.pack('B', len(lang2
+ name2
)) + lang2
.encode() + name2
.encode()
2928 venue_name
= binascii
.hexlify(venue_info
+ venue1
+ venue2
)
2930 url1
= "http://example.com/venue"
2931 url2
= "https://example.org/venue-info/"
2932 params
["venue_group"] = str(venue_group
)
2933 params
["venue_type"] = str(venue_type
)
2934 params
["venue_name"] = [lang1
+ ":" + name1
, lang2
+ ":" + name2
]
2935 params
["venue_url"] = ["1:" + url1
, "2:" + url2
]
2937 hapd
= hostapd
.add_ap(apdev
[0], params
)
2939 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname
)
2940 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
2941 sigma_dut_cmd_check("sta_set_psk,interface,%s,ssid,%s,passphrase,%s,encpType,aes-ccmp,keymgmttype,wpa2,PMF,Required" % (ifname
, "venue", "12345678"))
2942 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "venue"))
2943 sigma_dut_wait_connected(ifname
)
2944 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
2945 sigma_dut_cmd_check("sta_hs2_venue_info,interface," + ifname
+ ",Display,Yes")
2946 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
2947 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
2949 stop_sigma_dut(sigma
)
2951 def test_sigma_dut_hs20_assoc_24(dev
, apdev
):
2952 """sigma_dut controlled Hotspot 2.0 connection (2.4 GHz)"""
2953 run_sigma_dut_hs20_assoc(dev
, apdev
, True)
2955 def test_sigma_dut_hs20_assoc_5(dev
, apdev
):
2956 """sigma_dut controlled Hotspot 2.0 connection (5 GHz)"""
2957 run_sigma_dut_hs20_assoc(dev
, apdev
, False)
2959 def run_sigma_dut_hs20_assoc(dev
, apdev
, band24
):
2963 bssid0
= apdev
[0]['bssid']
2964 params
= hs20_ap_params()
2965 params
['hessid'] = bssid0
2966 hapd0
= hostapd
.add_ap(apdev
[0], params
)
2968 bssid1
= apdev
[1]['bssid']
2969 params
= hs20_ap_params()
2970 params
['hessid'] = bssid0
2971 params
["hw_mode"] = "a"
2972 params
["channel"] = "36"
2973 params
["country_code"] = "US"
2974 hapd1
= hostapd
.add_ap(apdev
[1], params
)
2976 band
= "2.4" if band24
else "5"
2977 exp_bssid
= bssid0
if band24
else bssid1
2978 run_sigma_dut_hs20_assoc_2(dev
, apdev
, band
, exp_bssid
)
2980 dev
[0].request("DISCONNECT")
2982 hapd0
.request("DISABLE")
2984 hapd1
.request("DISABLE")
2985 subprocess
.call(['iw', 'reg', 'set', '00'])
2986 dev
[0].flush_scan_cache()
2988 def run_sigma_dut_hs20_assoc_2(dev
, apdev
, band
, expect_bssid
):
2989 check_eap_capa(dev
[0], "MSCHAPV2")
2990 dev
[0].flush_scan_cache()
2992 ifname
= dev
[0].ifname
2993 sigma
= start_sigma_dut(ifname
, debug
=True)
2995 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,HS2-R3" % ifname
)
2996 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
2997 sigma_dut_cmd_check("sta_add_credential,interface,%s,type,uname_pwd,realm,example.com,username,hs20-test,password,password" % ifname
)
2998 res
= sigma_dut_cmd_check("sta_hs2_associate,interface,%s,band,%s" % (ifname
, band
),
3000 sigma_dut_wait_connected(ifname
)
3001 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
3002 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
3003 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
3005 stop_sigma_dut(sigma
)
3007 if "BSSID," + expect_bssid
not in res
:
3008 raise Exception("Unexpected BSSID: " + res
)
3010 def test_sigma_dut_ap_hs20(dev
, apdev
, params
):
3011 """sigma_dut controlled AP with Hotspot 2.0 parameters"""
3012 logdir
= os
.path
.join(params
['logdir'],
3013 "sigma_dut_ap_hs20.sigma-hostapd")
3014 conffile
= os
.path
.join(params
['logdir'],
3015 "sigma_dut_ap_hs20.sigma-conf")
3016 with
HWSimRadio() as (radio
, iface
):
3017 sigma
= start_sigma_dut(iface
, hostapd_logdir
=logdir
, debug
=True)
3019 sigma_dut_cmd_check("ap_reset_default,NAME,AP,program,HS2-R3")
3020 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,1,CHANNEL,1,SSID,test-hs20,MODE,11ng")
3021 sigma_dut_cmd_check("ap_set_radius,NAME,AP,WLAN_TAG,1,IPADDR,127.0.0.1,PORT,1812,PASSWORD,radius")
3022 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,1,KEYMGNT,WPA2-ENT")
3023 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,HESSID,02:12:34:56:78:9a,NAI_REALM_LIST,1,OPER_NAME,1")
3024 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,OSU_SERVER_URI,https://example.com/ https://example.org/,OSU_SSID,test-osu,OSU_METHOD,SOAP SOAP,OSU_PROVIDER_LIST,10,OSU_PROVIDER_NAI_LIST,4")
3025 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,NET_AUTH_TYPE,2")
3026 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,VENUE_NAME,1")
3027 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,DOMAIN_LIST,example.com")
3028 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,1,OPERATOR_ICON_METADATA,1")
3029 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,WLAN_TAG,2,CHANNEL,1,SSID,test-osu,MODE,11ng")
3030 sigma_dut_cmd_check("ap_set_security,NAME,AP,WLAN_TAG,2,KEYMGNT,NONE")
3031 sigma_dut_cmd_check("ap_set_hs2,NAME,AP,WLAN_TAG,2,OSU,1")
3032 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
3034 with
open("/tmp/sigma_dut-ap.conf", "rb") as f
:
3035 with
open(conffile
, "wb") as f2
:
3038 sigma_dut_cmd_check("ap_reset_default")
3040 stop_sigma_dut(sigma
)
3042 def test_sigma_dut_eap_ttls_uosc(dev
, apdev
, params
):
3043 """sigma_dut controlled STA and EAP-TTLS with UOSC"""
3044 logdir
= params
['logdir']
3046 with
open("auth_serv/ca.pem", "r") as f
:
3047 with
open(os
.path
.join(logdir
, "sigma_dut_eap_ttls_uosc.ca.pem"),
3051 src
= "auth_serv/server.pem"
3052 dst
= os
.path
.join(logdir
, "sigma_dut_eap_ttls_uosc.server.der")
3053 hashdst
= os
.path
.join(logdir
, "sigma_dut_eap_ttls_uosc.server.pem.sha256")
3054 subprocess
.check_call(["openssl", "x509", "-in", src
, "-out", dst
,
3056 stderr
=open('/dev/null', 'w'))
3057 with
open(dst
, "rb") as f
:
3059 hash = hashlib
.sha256(der
).digest()
3060 with
open(hashdst
, "w") as f
:
3061 f
.write(binascii
.hexlify(hash).decode())
3063 dst
= os
.path
.join(logdir
, "sigma_dut_eap_ttls_uosc.incorrect.pem.sha256")
3064 with
open(dst
, "w") as f
:
3067 ssid
= "test-wpa2-eap"
3068 params
= hostapd
.wpa2_eap_params(ssid
=ssid
)
3069 hapd
= hostapd
.add_ap(apdev
[0], params
)
3071 ifname
= dev
[0].ifname
3072 sigma
= start_sigma_dut(ifname
, cert_path
=logdir
, debug
=True)
3075 cmd
= "sta_set_security,type,eapttls,interface,%s,ssid,%s,keymgmttype,wpa2,encType,AES-CCMP,PairwiseCipher,AES-CCMP-128,username,DOMAIN\mschapv2 user,password,password,ServerCert,sigma_dut_eap_ttls_uosc.incorrect.pem" % (ifname
, ssid
)
3077 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname
)
3078 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
3079 sigma_dut_cmd_check(cmd
)
3080 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, ssid
))
3081 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-TLS-CERT-ERROR"], timeout
=10)
3083 raise Exception("Server certificate error not reported")
3085 res
= sigma_dut_cmd_check("dev_exec_action,program,WPA3,interface,%s,ServerCertTrust,Accept" % ifname
)
3086 if "ServerCertTrustResult,Accepted" not in res
:
3087 raise Exception("Server certificate trust was not accepted")
3088 sigma_dut_wait_connected(ifname
)
3089 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
3090 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
3091 dev
[0].dump_monitor()
3093 stop_sigma_dut(sigma
)
3095 def test_sigma_dut_eap_ttls_uosc_tod(dev
, apdev
, params
):
3096 """sigma_dut controlled STA and EAP-TTLS with UOSC/TOD-STRICT"""
3097 run_sigma_dut_eap_ttls_uosc_tod(dev
, apdev
, params
, False)
3099 def test_sigma_dut_eap_ttls_uosc_tod_tofu(dev
, apdev
, params
):
3100 """sigma_dut controlled STA and EAP-TTLS with UOSC/TOD-TOFU"""
3101 run_sigma_dut_eap_ttls_uosc_tod(dev
, apdev
, params
, True)
3103 def run_sigma_dut_eap_ttls_uosc_tod(dev
, apdev
, params
, tofu
):
3104 logdir
= params
['logdir']
3106 name
= "sigma_dut_eap_ttls_uosc_tod"
3109 with
open("auth_serv/ca.pem", "r") as f
:
3110 with
open(os
.path
.join(logdir
, name
+ ".ca.pem"), "w") as f2
:
3114 src
= "auth_serv/server-certpol2.pem"
3116 src
= "auth_serv/server-certpol.pem"
3117 dst
= os
.path
.join(logdir
, name
+ ".server.der")
3118 hashdst
= os
.path
.join(logdir
, name
+ ".server.pem.sha256")
3119 subprocess
.check_call(["openssl", "x509", "-in", src
, "-out", dst
,
3121 stderr
=open('/dev/null', 'w'))
3122 with
open(dst
, "rb") as f
:
3124 hash = hashlib
.sha256(der
).digest()
3125 with
open(hashdst
, "w") as f
:
3126 f
.write(binascii
.hexlify(hash).decode())
3128 ssid
= "test-wpa2-eap"
3129 params
= int_eap_server_params()
3130 params
["ssid"] = ssid
3132 params
["server_cert"] = "auth_serv/server-certpol2.pem"
3133 params
["private_key"] = "auth_serv/server-certpol2.key"
3135 params
["server_cert"] = "auth_serv/server-certpol.pem"
3136 params
["private_key"] = "auth_serv/server-certpol.key"
3137 hapd
= hostapd
.add_ap(apdev
[0], params
)
3139 ifname
= dev
[0].ifname
3140 sigma
= start_sigma_dut(ifname
, cert_path
=logdir
, debug
=True)
3143 cmd
= ("sta_set_security,type,eapttls,interface,%s,ssid,%s,keymgmttype,wpa2,encType,AES-CCMP,PairwiseCipher,AES-CCMP-128,trustedRootCA," + name
+ ".ca.pem,username,DOMAIN\mschapv2 user,password,password,ServerCert," + name
+ ".server.pem") % (ifname
, ssid
)
3144 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname
)
3145 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
3146 sigma_dut_cmd_check(cmd
)
3147 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, ssid
))
3148 sigma_dut_wait_connected(ifname
)
3149 sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname
)
3150 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
+ ",maintain_profile,1")
3151 dev
[0].wait_disconnected()
3152 dev
[0].dump_monitor()
3155 params
= hostapd
.wpa2_eap_params(ssid
=ssid
)
3156 hapd
= hostapd
.add_ap(apdev
[0], params
)
3158 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, ssid
))
3159 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-TLS-CERT-ERROR"], timeout
=10)
3161 raise Exception("Server certificate error not reported")
3163 res
= sigma_dut_cmd_check("dev_exec_action,program,WPA3,interface,%s,ServerCertTrust,Accept" % ifname
)
3164 if "ServerCertTrustResult,Accepted" in res
:
3165 raise Exception("Server certificate trust override was accepted unexpectedly")
3166 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
3167 dev
[0].dump_monitor()
3169 stop_sigma_dut(sigma
)
3171 def test_sigma_dut_eap_ttls_uosc_initial_tod_strict(dev
, apdev
, params
):
3172 """sigma_dut controlled STA and EAP-TTLS with initial UOSC/TOD-STRICT"""
3173 run_sigma_dut_eap_ttls_uosc_initial_tod(dev
, apdev
, params
, False)
3175 def test_sigma_dut_eap_ttls_uosc_initial_tod_tofu(dev
, apdev
, params
):
3176 """sigma_dut controlled STA and EAP-TTLS with initial UOSC/TOD-TOFU"""
3177 run_sigma_dut_eap_ttls_uosc_initial_tod(dev
, apdev
, params
, True)
3179 def run_sigma_dut_eap_ttls_uosc_initial_tod(dev
, apdev
, params
, tofu
):
3180 logdir
= params
['logdir']
3182 name
= "sigma_dut_eap_ttls_uosc_initial_tod"
3185 with
open("auth_serv/rsa3072-ca.pem", "r") as f
:
3186 with
open(os
.path
.join(logdir
, name
+ ".ca.pem"), "w") as f2
:
3190 src
= "auth_serv/server-certpol2.pem"
3192 src
= "auth_serv/server-certpol.pem"
3193 dst
= os
.path
.join(logdir
, name
+ ".server.der")
3194 hashdst
= os
.path
.join(logdir
, name
+ ".server.pem.sha256")
3195 subprocess
.check_call(["openssl", "x509", "-in", src
, "-out", dst
,
3197 stderr
=open('/dev/null', 'w'))
3198 with
open(dst
, "rb") as f
:
3200 hash = hashlib
.sha256(der
).digest()
3201 with
open(hashdst
, "w") as f
:
3202 f
.write(binascii
.hexlify(hash).decode())
3204 ssid
= "test-wpa2-eap"
3205 params
= int_eap_server_params()
3206 params
["ssid"] = ssid
3208 params
["server_cert"] = "auth_serv/server-certpol2.pem"
3209 params
["private_key"] = "auth_serv/server-certpol2.key"
3211 params
["server_cert"] = "auth_serv/server-certpol.pem"
3212 params
["private_key"] = "auth_serv/server-certpol.key"
3213 hapd
= hostapd
.add_ap(apdev
[0], params
)
3215 ifname
= dev
[0].ifname
3216 sigma
= start_sigma_dut(ifname
, cert_path
=logdir
, debug
=True)
3219 cmd
= ("sta_set_security,type,eapttls,interface,%s,ssid,%s,keymgmttype,wpa2,encType,AES-CCMP,PairwiseCipher,AES-CCMP-128,trustedRootCA," + name
+ ".ca.pem,username,DOMAIN\mschapv2 user,password,password") % (ifname
, ssid
)
3220 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname
)
3221 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
3222 sigma_dut_cmd_check(cmd
)
3223 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, ssid
))
3224 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-TLS-CERT-ERROR"], timeout
=15)
3226 raise Exception("Server certificate validation failure not reported")
3228 res
= sigma_dut_cmd_check("dev_exec_action,program,WPA3,interface,%s,ServerCertTrust,Accept" % ifname
)
3229 if not tofu
and "ServerCertTrustResult,Accepted" in res
:
3230 raise Exception("Server certificate trust override was accepted unexpectedly")
3231 if tofu
and "ServerCertTrustResult,Accepted" not in res
:
3232 raise Exception("Server certificate trust override was not accepted")
3233 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
3234 dev
[0].dump_monitor()
3236 stop_sigma_dut(sigma
)
3238 def test_sigma_dut_eap_ttls_uosc_ca_mistrust(dev
, apdev
, params
):
3239 """sigma_dut controlled STA and EAP-TTLS with UOSC when CA is not trusted"""
3240 logdir
= params
['logdir']
3242 with
open("auth_serv/ca.pem", "r") as f
:
3243 with
open(os
.path
.join(logdir
,
3244 "sigma_dut_eap_ttls_uosc_ca_mistrust.ca.pem"),
3248 ssid
= "test-wpa2-eap"
3249 params
= int_eap_server_params()
3250 params
["ssid"] = ssid
3251 params
["ca_cert"] = "auth_serv/rsa3072-ca.pem"
3252 params
["server_cert"] = "auth_serv/rsa3072-server.pem"
3253 params
["private_key"] = "auth_serv/rsa3072-server.key"
3254 hapd
= hostapd
.add_ap(apdev
[0], params
)
3256 ifname
= dev
[0].ifname
3257 sigma
= start_sigma_dut(ifname
, cert_path
=logdir
, debug
=True)
3260 cmd
= "sta_set_security,type,eapttls,interface,%s,ssid,%s,keymgmttype,wpa2,encType,AES-CCMP,PairwiseCipher,AES-CCMP-128,trustedRootCA,sigma_dut_eap_ttls_uosc_ca_mistrust.ca.pem,username,DOMAIN\mschapv2 user,password,password,domainSuffix,w1.fi" % (ifname
, ssid
)
3261 sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname
)
3262 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
3263 sigma_dut_cmd_check(cmd
)
3264 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, ssid
))
3265 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-TLS-CERT-ERROR"], timeout
=10)
3267 raise Exception("Server certificate error not reported")
3269 res
= sigma_dut_cmd_check("dev_exec_action,program,WPA3,interface,%s,ServerCertTrust,Accept" % ifname
)
3270 if "ServerCertTrustResult,Accepted" not in res
:
3271 raise Exception("Server certificate trust was not accepted")
3272 sigma_dut_wait_connected(ifname
)
3273 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
3274 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
3275 dev
[0].dump_monitor()
3277 stop_sigma_dut(sigma
)
3279 def start_sae_pwe_ap(apdev
, sae_pwe
):
3281 params
= hostapd
.wpa2_params(ssid
=ssid
, passphrase
="12345678")
3282 params
['wpa_key_mgmt'] = 'SAE'
3283 params
["ieee80211w"] = "2"
3284 params
['sae_groups'] = '19'
3285 params
['sae_pwe'] = str(sae_pwe
)
3286 return hostapd
.add_ap(apdev
, params
)
3288 def connect_sae_pwe_sta(dev
, ifname
, extra
=None):
3290 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname
)
3291 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
3292 cmd
= "sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2" % (ifname
, "test-sae", "12345678")
3295 sigma_dut_cmd_check(cmd
)
3296 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-sae"))
3297 sigma_dut_wait_connected(ifname
)
3298 sigma_dut_cmd_check("sta_disconnect,interface," + ifname
)
3299 dev
.wait_disconnected()
3300 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
3303 def no_connect_sae_pwe_sta(dev
, ifname
, extra
=None):
3305 sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname
)
3306 sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname
)
3307 cmd
= "sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2" % (ifname
, "test-sae", "12345678")
3310 sigma_dut_cmd_check(cmd
)
3311 sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname
, "test-sae"))
3312 ev
= dev
.wait_event(["CTRL-EVENT-CONNECTED",
3313 "CTRL-EVENT-NETWORK-NOT-FOUND"], timeout
=10)
3314 if ev
is None or "CTRL-EVENT-CONNECTED" in ev
:
3315 raise Exception("Unexpected connection result")
3316 sigma_dut_cmd_check("sta_reset_default,interface," + ifname
)
3319 def test_sigma_dut_sae_h2e(dev
, apdev
):
3320 """sigma_dut controlled SAE H2E association (AP using loop+H2E)"""
3321 if "SAE" not in dev
[0].get_capability("auth_alg"):
3322 raise HwsimSkip("SAE not supported")
3324 start_sae_pwe_ap(apdev
[0], 2)
3326 ifname
= dev
[0].ifname
3327 sigma
= start_sigma_dut(ifname
, sae_h2e
=True, debug
=True)
3329 connect_sae_pwe_sta(dev
[0], ifname
)
3330 connect_sae_pwe_sta(dev
[0], ifname
, extra
="sae_pwe,h2e")
3331 connect_sae_pwe_sta(dev
[0], ifname
, extra
="sae_pwe,loop")
3332 res
= sigma_dut_cmd("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,keymgmttype,wpa2,sae_pwe,unknown" % (ifname
, "test-sae", "12345678"))
3333 if res
!= "status,ERROR,errorCode,Unsupported sae_pwe value":
3334 raise Exception("Unexpected error result: " + res
)
3336 stop_sigma_dut(sigma
)
3337 dev
[0].set("sae_pwe", "0")
3339 def test_sigma_dut_sae_h2e_ap_loop(dev
, apdev
):
3340 """sigma_dut controlled SAE H2E association (AP using loop-only)"""
3341 if "SAE" not in dev
[0].get_capability("auth_alg"):
3342 raise HwsimSkip("SAE not supported")
3344 start_sae_pwe_ap(apdev
[0], 0)
3346 ifname
= dev
[0].ifname
3347 sigma
= start_sigma_dut(ifname
, sae_h2e
=True, debug
=True)
3349 connect_sae_pwe_sta(dev
[0], ifname
)
3350 connect_sae_pwe_sta(dev
[0], ifname
, extra
="sae_pwe,loop")
3351 no_connect_sae_pwe_sta(dev
[0], ifname
, extra
="sae_pwe,h2e")
3353 stop_sigma_dut(sigma
)
3354 dev
[0].set("sae_pwe", "0")
3356 def test_sigma_dut_sae_h2e_ap_h2e(dev
, apdev
):
3357 """sigma_dut controlled SAE H2E association (AP using H2E-only)"""
3358 if "SAE" not in dev
[0].get_capability("auth_alg"):
3359 raise HwsimSkip("SAE not supported")
3361 start_sae_pwe_ap(apdev
[0], 1)
3363 ifname
= dev
[0].ifname
3364 sigma
= start_sigma_dut(ifname
, sae_h2e
=True, debug
=True)
3366 connect_sae_pwe_sta(dev
[0], ifname
)
3367 no_connect_sae_pwe_sta(dev
[0], ifname
, extra
="sae_pwe,loop")
3368 connect_sae_pwe_sta(dev
[0], ifname
, extra
="sae_pwe,h2e")
3370 stop_sigma_dut(sigma
)
3371 dev
[0].set("sae_pwe", "0")
3373 def test_sigma_dut_ap_sae_h2e(dev
, apdev
, params
):
3374 """sigma_dut controlled AP with SAE H2E"""
3375 logdir
= os
.path
.join(params
['logdir'],
3376 "sigma_dut_ap_sae_h2e.sigma-hostapd")
3377 if "SAE" not in dev
[0].get_capability("auth_alg"):
3378 raise HwsimSkip("SAE not supported")
3379 with
HWSimRadio() as (radio
, iface
):
3380 sigma
= start_sigma_dut(iface
, sae_h2e
=True, hostapd_logdir
=logdir
,
3383 sigma_dut_cmd_check("ap_reset_default")
3384 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
3385 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK,12345678")
3386 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
3388 for sae_pwe
in [0, 1, 2]:
3389 dev
[0].request("SET sae_groups ")
3390 dev
[0].set("sae_pwe", str(sae_pwe
))
3391 dev
[0].connect("test-sae", key_mgmt
="SAE", psk
="12345678",
3392 ieee80211w
="2", scan_freq
="2412")
3393 dev
[0].request("REMOVE_NETWORK all")
3394 dev
[0].wait_disconnected()
3395 dev
[0].dump_monitor()
3397 sigma_dut_cmd_check("ap_reset_default")
3399 stop_sigma_dut(sigma
)
3400 dev
[0].set("sae_pwe", "0")
3402 def test_sigma_dut_ap_sae_h2e_only(dev
, apdev
, params
):
3403 """sigma_dut controlled AP with SAE H2E-only"""
3404 logdir
= os
.path
.join(params
['logdir'],
3405 "sigma_dut_ap_sae_h2e.sigma-hostapd")
3406 if "SAE" not in dev
[0].get_capability("auth_alg"):
3407 raise HwsimSkip("SAE not supported")
3408 with
HWSimRadio() as (radio
, iface
):
3409 sigma
= start_sigma_dut(iface
, sae_h2e
=True, hostapd_logdir
=logdir
,
3412 sigma_dut_cmd_check("ap_reset_default")
3413 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
3414 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK,12345678,sae_pwe,h2e")
3415 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
3417 dev
[0].request("SET sae_groups ")
3418 dev
[0].set("sae_pwe", "1")
3419 dev
[0].connect("test-sae", key_mgmt
="SAE", psk
="12345678",
3420 ieee80211w
="2", scan_freq
="2412")
3421 dev
[0].request("REMOVE_NETWORK all")
3422 dev
[0].wait_disconnected()
3423 dev
[0].dump_monitor()
3425 dev
[0].set("sae_pwe", "0")
3426 dev
[0].connect("test-sae", key_mgmt
="SAE", psk
="12345678",
3427 ieee80211w
="2", scan_freq
="2412", wait_connect
=False)
3428 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
3429 "CTRL-EVENT-NETWORK-NOT-FOUND"], timeout
=10)
3430 dev
[0].request("DISCONNECT")
3431 if ev
is None or "CTRL-EVENT-CONNECTED" in ev
:
3432 raise Exception("Unexpected connection result")
3434 sigma_dut_cmd_check("ap_reset_default")
3436 stop_sigma_dut(sigma
)
3437 dev
[0].set("sae_pwe", "0")
3439 def test_sigma_dut_ap_sae_loop_only(dev
, apdev
, params
):
3440 """sigma_dut controlled AP with SAE looping-only"""
3441 logdir
= os
.path
.join(params
['logdir'],
3442 "sigma_dut_ap_sae_h2e.sigma-hostapd")
3443 if "SAE" not in dev
[0].get_capability("auth_alg"):
3444 raise HwsimSkip("SAE not supported")
3445 with
HWSimRadio() as (radio
, iface
):
3446 sigma
= start_sigma_dut(iface
, sae_h2e
=True, hostapd_logdir
=logdir
,
3449 sigma_dut_cmd_check("ap_reset_default")
3450 sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
3451 sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-SAE,PSK,12345678,sae_pwe,loop")
3452 sigma_dut_cmd_check("ap_config_commit,NAME,AP")
3454 dev
[0].request("SET sae_groups ")
3455 dev
[0].set("sae_pwe", "0")
3456 dev
[0].connect("test-sae", key_mgmt
="SAE", psk
="12345678",
3457 ieee80211w
="2", scan_freq
="2412")
3458 dev
[0].request("REMOVE_NETWORK all")
3459 dev
[0].wait_disconnected()
3460 dev
[0].dump_monitor()
3462 dev
[0].set("sae_pwe", "1")
3463 dev
[0].connect("test-sae", key_mgmt
="SAE", psk
="12345678",
3464 ieee80211w
="2", scan_freq
="2412", wait_connect
=False)
3465 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
3466 "CTRL-EVENT-NETWORK-NOT-FOUND"], timeout
=10)
3467 dev
[0].request("DISCONNECT")
3468 if ev
is None or "CTRL-EVENT-CONNECTED" in ev
:
3469 raise Exception("Unexpected connection result")
3471 sigma_dut_cmd_check("ap_reset_default")
3473 stop_sigma_dut(sigma
)
3474 dev
[0].set("sae_pwe", "0")